WO2013051010A2 - A system and method for implementing biometric authentication for approving user's financial transactions - Google Patents

A system and method for implementing biometric authentication for approving user's financial transactions Download PDF

Info

Publication number
WO2013051010A2
WO2013051010A2 PCT/IN2012/000396 IN2012000396W WO2013051010A2 WO 2013051010 A2 WO2013051010 A2 WO 2013051010A2 IN 2012000396 W IN2012000396 W IN 2012000396W WO 2013051010 A2 WO2013051010 A2 WO 2013051010A2
Authority
WO
WIPO (PCT)
Prior art keywords
biometric
authentication
authentication token
verification server
user
Prior art date
Application number
PCT/IN2012/000396
Other languages
French (fr)
Other versions
WO2013051010A3 (en
Inventor
Sumeet PHADNIS
Mandar Agashe
Original Assignee
Sarvatra Technologies Pvt. Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sarvatra Technologies Pvt. Ltd. filed Critical Sarvatra Technologies Pvt. Ltd.
Publication of WO2013051010A2 publication Critical patent/WO2013051010A2/en
Publication of WO2013051010A3 publication Critical patent/WO2013051010A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A system and method for implementing biometric authentication for approving users' financial transactions have been disclosed. The system 100 provides dedicated biometric authentication facilitator units 104 at point of sales terminals 102 which capture a user's biometric characteristic when a request for conducting a financial transaction is raised. A verification server 116 of the system 100 generates a one-time use biometric authentication token in response to the captured biometric characteristic for approving or declining a financial transaction at an EFT switch interface 136. The system 100 thus, facilitates biometric authentication at remote POS terminals 102 without necessitating modifications in the existing POS hardware. Further, the system 100 eliminates the usage of specialized smart cards capable of storing biometric data or cumbersome secondary authentication mechanisms for approving and conducting financial transactions.

Description

A SYSTEM AND METHOD FOR IMPLEMENTING BIOMETRIC AUTHENTICATION FOR APPROVING USERS' FINANCIAL TRANSACTIONS
FIELD OF THE DISCLOSURE
This disclosure relates to the field of electronic financial transactions.
Particularly, this disclosure relates to system and method that use biometrics to determine whether to permit a particular financial transaction of the user submitting the biometric.
DEFINITIONS OF TERMS USED IN THE SPECIFICATION
The term 'authentication token' in this specification relates to an identifier or secret code which is used for verifying a financial transaction.
The term 'indicator' in this specification relates to a value which specifies the current status of the authentication token.
The term 'payment card' in this specification relates to a card which is associated with some monetary value and used for conducting financial transactions. The payment cards can be one of a debit card, a credit card, a prepaid gift card and the like.
The term 'payment card details' in this specification relates to details passed to a financial institution for debit of a payment amount. The payment card details typically include payment card identification number, identification number of the POS terminal where the financial transaction is been performed, name of the payment card holder and the like.
The term 'unused status' in this specification relates to an event associated with an authentication token. The authentication token is termed unused if it has not been associated with any successful financial transaction. BACKGROUND
For many individuals the need to establish their personal identity occurs on a daily basis. For example, a person may have to establish his/her personal identity to make use of the services provided by a bank, to access his/her personal bank account, to gain entry into an airport and the like. Personal identity is established by something that is associated with the particular person, such as a passport, computer password, Personal Identification Number (PIN) and the like. Personal identity of a person can also be established by something that is unique to a particular person, such as his/her facial structure, his/her written signature, his/her thumb impression and the like.
However, the most secure means of identity are biological features that can be automatically and objectively measured and are resistant to tampering, impersonation, theft and other kinds of fraudulent acts. Biometrics includes fingerprints, facial features, voice features, iris features, hand geometry and the like. In the prior art, the facility of biometric identification and authentication of users is not extended to POS (Point of Service) terminals but is restricted to application for purposes such as for opening high security vaults, gaining entry into restricted area and the like.
One of the disadvantages associated with systems of prior art is that they are not designed to authenticate financial transactions performed on a remote POS terminal. Since users performing financial transactions performed through POS terminals are not biometrically authenticated, there is a possibility that such POS terminal is misused by fraudsters to perform fraudulent transactions which includes withdrawing money illegally by using stolen payment cards.
Another disadvantage associated with systems of prior art is that some of the systems do make use of secondary authentication mechanisms in addition to usage of biometric authentication systems. Secondary authentication mechanisms include systems that verify a user based on unique identification including his/her PIN (Personal Identification Number), password and the like. This unique identification information is difficult to remember and at some times the user or the holder of the payment card might forget his/her unique identification and such a phenomenon not only causes inconvenience but retrieving lost PIN or password can be a cumbersome and painstaking process for the user of payment card.
Yet another disadvantage associated with biometric systems of prior art is that they necessitate a dedicated server for the purpose of storing biometric data of users. The dedicated server stores the biometric data corresponding to the users and subsequently runs a comparison.
Another disadvantage associated with biometric systems of the prior art is that they necessitate usage of a specialized smart card capable of storing the biometric data corresponding to the user. The smart card which is adapted to store the biometric data corresponding to the user has to be carried by the user for him/her to be biometrically authenticated. The smart card also includes accounting information corresponding to the user. Since these cards were embedded with a combination of biometric information and accounting information rendered these cards non- interoperable and restricted their usage to only those terminals which are specially designed to process such smart cards.
Therefore there was felt a need for a system which overcomes above mentioned drawbacks and provides:
• payment card users with the facility of biometric identification and authentication;
• for utilization of biometric authentication techniques through standardized, cost effective magnetic stripe payment cards;
• for usage of biometric data in addition to other authentication mechanisms prior to performing financial transactions;
• seamless integration with the existing banking mechanism; and
• for secured and safer financial transaction through POS terminals.
OBJECTS
It is an object of the present disclosure to provide payment card users with the facility of biometric verification. Yet another object of the present disclosure is to provide biometric authentication facilities without making use of smart cards capable of storing biometric data.
Another object of the present disclosure is to provide a system that makes use of biometric data to initiate secured financial transactions.
Yet another object of the present disclosure is to provide a system that can be easily integrated with existing network for providing safer and secured financial transactions.
Still further object of the present disclosure is to provide a system that does not require biometric identification data to be stored in a dedicated server.
Another object of the present disclosure is to provide a system that efficiently captures the biometric data corresponding to users.
Yet another object of the present disclosure is to provide a system that issues a unique single use key for facilitating secured financial transactions.
Another object of the present disclosure is to provide a system that alters the authentication message to accommodate the biometric identification token thereby not necessitating an alteration of the existing hardware system.
SUMMARY
The present disclosure envisages a system for implementing biometric authentication for approving user's financial transactions, the system comprising:
• a plurality of customized Point of Sales (POS) terminals having a biometric authentication facilitator unit, the biometric authentication facilitator unit comprising:
- biometric data capturing means adapted to capture a pre-designated biometric characteristic of a user requesting a financial transaction; - first transmission means adapted to transmit the captured biometric characteristic;
- first receiving means adapted to receive a biometric authentication token corresponding to the transmitted biometric characteristic;
- authentication message compilation means to collate an authentication message including the authentication token and financial transaction related payment details;
- second transmission means adapted to transmit the authentication message;
fication server co-operating with each of the POS terminals comprising:
- a repository adapted to store biometric authentication associated data for users;
- second receiving means adapted to receive the biometric characteristic from the POS terminals;
- a first comparator adapted to compare the received biometric characteristic with corresponding biometric characteristic for a user fetched from the repository;
- an authentication token generator adapted to generate a biometric authentication token in the event that the received and fetched biometric characteristic for a user match;
- a temporary buffer adapted to store the authentication token for a predetermined time;
- third transmission means adapted to transmit the biometric authentication token to a corresponding POS terminal;
- third receiving means adapted to receive the authentication message;
- a second comparator adapted to compare an authentication token in the authentication message with the stored authentication token in the temporary buffer for verifying the validity and status of the authentication token;
- fourth transmission means adapted to transmit a confirmation for approving the financial transmission; • a Electronic Fund Transfer (EFT) switch interface co-operating with the POS terminals and the verification server, the EFT switch interface comprising:
fourth receiving means adapted to receive the authentication message from a POS terminal;
- token determination means adapted to determine presence of the authentication token in the authentication message;
fifth transmission means to transmit the authentication message to the verification server for approval if presence of the authentication token is determined;
- fifith receiving means to receive the confirmation from the verification server to conduct the financial transaction; and
• communication interfaces for facilitating communication between the POS terminals, the verification server and the EFT switch interface.
Preferably, the biometric authentication facilitator unit includes encryption means to encrypt the captured biometric data of the user using AES 256 bit encryption technique before transmission through the first transmission means.
Typically, the repository stores biometric characteristics associated with users fetched from at least one server selected from the group consisting of third party servers and locally compiled on the verification server.
Further, the repository further stores data associated with a user including user credentials and financial transaction related payment data.
Still further, the verification server includes error handling unit adapted to generate an error message for the corresponding POS terminal in the event that the received and fetched biometric data for a user does not match.
Furthermore, the verification means includes status updation means adapted to update the status of a biometric authentication token as 'used' on generating the confirmation for a valid authentication token. In addition, the communication interface is selected from the group consisting of an Internet based wireless communication interface, and an Internet based wired or cabled communication interface.
Still further, the system comprises a logging unit to record the activity carried out by the verification server, the POS terminals and the EFT switch interfaces and store the recorded activity in a log repository.
The present disclosure envisages a method of implementing biometric authentication for approving users' financial transactions, the method comprising the following steps:
- hosting a repository at a verification server to host biometric data associated with users;
- capturing at least one biometric characteristic of a user requesting a financial transaction through a biometric authentication facilitator unit at a POS terminal;
- transmitting the captured biometric characteristic to a verification server for verification;
- verifying if the biometric characteristic received from the POS terminal matches with biometric data fetched for a corresponding user from the repository;
- generating a unique biometric authentication token if it is determined that the received and fetched biometric data match;
transmitting the unique biometric authentication token to a corresponding POS terminal for compiling an authentication message including the biometric authentication token and financial transaction related payment data;
- transmitting the authentication message to an EFT switch interface;
- transmitting the authentication message to the verification server in the event that presence of the authentication token is detected in the authentication message at the EFT switch interface;
- determining at the verification server whether the unique biometric authentication token in the authentication message is valid and unused; and
- generating a confirmation for approving and carrying out the financial transaction at an EFT switch interface. Further, the step of transmitting the captured biometric data of a user includes the step of encrypting the biometric data before transmitting to the verification server.
Additionally, the step of verifying if the biometric data received from the POS terminal matches with biometric data fetched from the repository includes the step of generating and transmitting an error message for the POS terminal in the event that the received and fetched biometric data for a user does not match.
Still further, the step of generating a confirmation for approving and carrying out the financial transaction includes the step of updating the status of a biometric authentication token as 'used'.
Furthermore, the method comprises the steps of recording the activity carried out by the verification server, the POS terminals and the EFT switch interfaces and storing the recorded activity in a log repository.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWINGS
The system and method for implementing biometric authentication for approving users' financial transactions will now be described with reference to the non-limiting, accompanying drawings, in which:
FIGURE 1 illustrates a schematic of the system for implementing biometric authentication for approving users' financial transactions in accordance with this disclosure; and
FIGURE 2 illustrates a flowchart for the method implementing biometric authentication for approving users' financial transactions in accordance with this disclosure.
DETAILED DESCRIPTION OF THE ACCOMPANYING DRAWINGS
The system and method for implementing biometric authentication for approving users' financial transactions will now be described with reference to the accompanying drawings which do not limit the scope and ambit of the disclosure. The description provided is purely by way of example and illustration. Biometric systems of the prior art do not authenticate the users when they are performing financial transactions on a POS terminal. Moreover, some of the biometric authentication systems disclosed in the prior art authenticate users based on secondary identification data such as PIN and password apart from utilizing the biometric data. The user might find it inconvenient and cumbersome to remember the ΡΓΝ and/or the password and would be forced to witness furthermore inconvenience by being unable to perform any financial transactions when he/she forgets the password and/or the PIN. Therefore, in order to overcome the above mentioned drawbacks, the present disclosure envisages a system and method for facilitating biometric authentication of users on POS terminals.
The system in accordance with the present disclosure makes it possible for the banks to authenticate the users involved in performing financial transactions through POS terminals. The payment cards issued to the users are activated by the concerned bank official using an authentication card. The users are allowed to use their respective payment cards only after they are activated and during the step of activation, if a particular user desires to opt for the facility of biometric verification, his/her biometric data including but not restricted to thumb impressions, palm prints, image of the retina, image of the iris, voice pattern, pattern of handwriting and image of the face.
In order to make use of the biometric authentication facilities provided by the present disclosure, POS terminals need to be equipped with a device that is capable of capturing the biometric data corresponding to the users. The system in accordance with the present disclosure makes it possible to make use of third party database servers for the purpose of electronically storing, retrieving and verifying the biometric data corresponding to the users. An example of such a third party database server is the biometric verification database server developed and maintained by Government of India for storing the biometric data of users who are enrolled for UID (Unique Identification) scheme.
In accordance with the present disclosure, if the banks choose to use a third party server for the purpose of electronically storing and retrieving biometric data corresponding to the users, they are relieved of the task of maintaining a record of the biometric data corresponding to the users. Hence, in the case of third party database servers being used by banks, the identification number corresponding to the users and stored in the third party database server is mapped against the respective identification numbers of the payment cards issued to the users. Subsequent to mapping, the biometric data stored in the third party database server can be used for the purpose of authenticating the users while they perform financial transactions on a POS terminal using their payment cards. In case of banks choosing to use in-house database servers for the purpose of electronically storing and retrieving the biometric data corresponding to the users, the biometric data corresponding to the users will be procured at the time of registration of user's payment card using any of the well known biometric data procurement devices and subsequently transmitted and stored in the in-house database server in encrypted format in order to ensure security of data. Well known encryption algorithms such as AES 256 and the like can be utilized for the purpose of encrypting the biometric data.
Referring to the accompanying drawings, FIGURE 1 shows a schematic of the system 100 for implementing biometric authentication for approving users' financial transactions. The system 100 comprises three main components namely Point of Sales (POS) terminals 102, represented by Xi to X„ collectively represented by reference numeral 102, Electronic Fund Transfer (EFT) switch interface 136 and verification server 116.
In accordance with one aspect of the present disclosure, the system 100 provides dedicated biometric authentication facilitator unit 104 for each of the POS terminals 102. The dedicated biometric authentication facilitator unit 104 performs the task of capturing at least one biometric characteristic of a user requesting a financial transaction and further processes it before sending it to the verification server 116. Thus, no hardware modifications are required in the existing POS terminals 102 for facilitating the biometric authentication. The biometric authentication facilitator unit 104 is electronically coupled/ hardwired to the POS terminal 102. Alternatively, the biometric authentication facilitator units 104 can be embedded in the POS terminal 102.
The biometric authentication facilitator unit 104 for facilitating the biometric authentication at the POS terminal 102 comprises biometric data capturing means 106 to capture a pre-designated biometric characteristic of a user including an iris scan, a finger print, a thumb impression, facial image and the like data. The captured biometric characteristic of the user is transmitted to the verification server 116 through first transmission means 108 of the biometric authentication facilitator unit 104. Alternatively, the biometric authentication facilitator unit 104 can utilize the POS terminal's 102 communication channel for receiving and transmitting data. Further, the biometric authentication facilitator unit 104 includes an encryption unit (not shown in the figures), which encrypts the captured biometric characteristic of a user using AES 256 bit encryption technique, before transmitting it to the verification server 116 over a secure Internet based communication interface 146.
The verification server 116 includes a repository 118 which hosts the biometric authentication related data of the users. The repository 118 stores data associated with a user including the user's credentials, payment card details and one or more authentication tokens and their status. The repository 118 also hosts temporary biometric characteristics of users which are fetched from a third party database server like a governmental agency which holds biometric characteristics for all citizens for facilitating the verification process. Alternatively, the repository 118 hosts biometric characteristics which are fetched from an in house database server maintained by a financial institution like a bank for facilitating the verification process.
The verification server 116 includes second receiving means 120 for receiving the biometric characteristic from the POS terminals 102 and forwards the biometric characteristics to a first comparator 122. The first comparator 122 compares the received biometric characteristic with corresponding biometric characteristic for a user fetched from the repository 118. The results of the comparison are given to an authentication token generator 124 of the verification server 116. The authentication token generator 124 generates a one-time use based temporary biometric authentication token in the event that the received and fetched biometric characteristic for a user match with one another. Further, the verification server 116 stores the generated biometric authentication token for a predetermined time in a temporary buffer 126. Further, the verification server 116 transmits the biometric authentication token to a corresponding POS terminal 102. In accordance with another aspect of this disclosure, if the authentication token generator 124 determines that the biometric characteristic received from the POS terminal 102 does not match with the biometric characteristic archived on the repository 118, then the verification server 116 transmits an error message to the corresponding POS terminal 102 and subsequently rejects the financial transaction requested by the user using an error handling unit (not shown in the figure).
A first receiving means of the biometric authentication facilitator unit 104 at the POS terminal 102 receives the biometric authentication token corresponding to the transmitted biometric characteristic and forwards it to authentication message compilation means 112. The authentication message compilation means 112 of the biometric authentication facilitator unit 104 collates an authentication message which includes the biometric authentication token, biometric authentication token's status indicator (which is initially set to an 'unused status'), and financial transaction related payment details. The payment details include the name of the payment card holder, payment card identification number and payment amount details. The biometric authentication facilitator unit 104 subsequently forwards the authentication message to the EFT switch interface 136 through second transmission means 114 to approve and conduct the financial transaction. In accordance with this disclosure, the authentication message plays a key role in the process of approving the financial transaction.
The EFT switch interface 136 co-operates with various payment gateways and receives the authentication message associated with a user. The EFT switch interface 136 determines whether the authentication message received through its fourth receiving means 138 includes the biometric authentication token. If the token determination means 140 of the EFT switch interface 136 determines that the authentication message includes the biometric authentication token, the EFT switch interface 136 subsequently transmits the biometric message to the verification server 116 via its fifth transmission means 142.
The verification server 116 receives the authentication message from the EFT switch interface 136 via its third receiving means 130. A second comparator 132 of the verification server 136 compares a biometric authentication token in the authentication message with the authentication token stored in the temporary buffer 126 for verifying the validity and status of the authentication token. If the verification system 116 finds the biometric authentication token to be valid and unused, it marks the biometric authentication token with the tag "USED" using a status updation means (not shown in the figures) and provides for one time usage of the biometric authentication token by generating and transmitting a confirmation via fourth transmission means 134.
The EFT switch interface 136 receives the confirmation from the verification server 116 through fifth receiving means 144, confirming that the transmitted biometric authentication code is unused and valid for one financial transaction, processes the biometric authentication token and approves the financial transaction requested through the POS terminal 102. The system further comprises a logging unit (not shown in the figures) to record the activity carried out by the verification server 116, the POS terminals 102 and the EFT switch interface 136 via an activity logger and stores the recorded activity in a log repository.
In accordance with yet another aspect of this disclosure, the communication between the verification server 116, the POS terminals 102 and the EFT switch interface 136 is facilitated using communication interfaces 146. The communication interfaces 146 are Internet based wireless communication interfaces. Alternatively, the communication interfaces 146 are Internet based wired or cabled communication interfaces.
The embodiment as disclosed hereinabove includes POS terminals 102 as the interface between the verification server 116 and the EFT switch interface 136. However, in accordance with another embodiment of this disclosure, the interface 102 is a wired or wireless Internet based electronic device, typically a mobile phone, a conventional landline, a computing device Or the like which co-operates with the biometric authentication facilitator unit 106 to facilitate the biometric authentication for approving a financial transaction.
Further, in accordance with another embodiment of this disclosure, the first transmission means 108 and second transmission means 114 of the biometric authentication facilitator unit 104 may be instances of a single transmission means which transmit discrete data / values / information. Similar embodiment can be applied for other transmission and receiving means of biometric authentication facilitator unit 104, the verification server 116 and the EFT switch interface 136.
In accordance with this disclosure, there is provided a method of implementing biometric authentication for approving users' financial transactions, the method comprising the following steps as seen in FIGURE 2, hosting a repository at a verification server to host biometric data associated with users 1000; capturing a biometric characteristic of a user requesting a financial transaction through a biometric authentication facilitator unit at a POS terminal 1002; transmitting the captured biometric characteristic to a verification server for verification 1004; verifying if the biometric characteristic received from the POS terminal matches with biometric characteristic fetched for a corresponding user from the repository 1006; generating a unique biometric authentication token if it is determined that the received and fetched biometric data match 1008 else generating and transmitting an error message for the POS terminal in the event that the received and fetched biometric data for a user does not match 1010; compiling an authentication message including the biometric authentication token and the financial transaction related payment details 1012, transmitting the authentication message to an EFT switch interface via the POS terminal 1014 for detecting presence of an authentication token in the authentication message; determining whether the unique biometric authentication code is valid and unused 1016; approving the financial transaction for a user if the authentication token is valid and has an unused status 1020 else declining the financial transaction 1018.
Further, the step of transmitting the captured biometric data of a user includes the step of encrypting the biometric data before transmitting to the verification server.
Additionally, the step of verifying if the biometric data received from the POS terminal matches with biometric data fetched from the repository includes the step of generating and transmitting an error message for the POS terminal in the event that the received and fetched biometric data for a user does not match.
Still further, the step of generating a confirmation for approving and carrying out the financial transaction includes the step of updating the status of a biometric authentication token as 'used'.
Furthermore, the method comprises the steps of recording the activity carried out by the verification server, the POS terminals and the EFT switch interfaces and storing the recorded activity in a log repository.
TECHNICAL ADVANTAGES
The technical advancements of the present disclosure include the following:
• present disclosure provides payment card users with the facility of biometric verification;
• present disclosure provides a system that does not necessitate usage of specialized smart cards capable of storing biometric data;
• present disclosure provides a system that makes use of biometric data to initiate secured financial transactions;
• present disclosure provides a system that can be easily integrated with existing network for providing safer and secured financial transactions; • present disclosure provides a system that does not require biometric identification data to be stored in a dedicated server;
• present disclosure provides a system that efficiently captures the biometric data corresponding to users;
• present disclosure provides a system that issues a unique single use key for every financial transaction; and
• present disclosure provides a system that alters the authentication message to accommodate the biometric identification token thereby not necessitating modifications in existing hardware mechanism.
Throughout this specification the word "comprise", or variations such as "comprises" or "comprising", will be understood to imply the inclusion of a stated element, integer or step, or group of elements, integers or steps, but not the exclusion of any other element, integer or step, or group of elements, integers or steps.
The use of the expression "at least" or "at least one" suggests the use of one or more elements or ingredients or quantities, as the use may be in the embodiment of the invention to achieve one or more of the desired objects or results.
While considerable emphasis has been placed herein on the particular features of this invention, it will be appreciated that various modifications can be made, and that many changes can be made in the preferred embodiment without departing from the principles of the invention. These and other modifications in the nature of the invention or the preferred embodiments will be apparent to those skilled in the art from the disclosure herein, whereby it is to be distinctly understood that the foregoing descriptive matter is to be interpreted merely as illustrative of the invention and not as a limitation.

Claims

CLAIMS:
1. A system for implementing biometric authentication for approving user's financial transactions, said system comprising:
• a plurality of customized Point of Sales (POS) terminals having a biometric authentication facilitator unit, said biometric authentication facilitator unit comprising:
- biometric data capturing means adapted to capture a pre-designated biometric characteristic of a user requesting a financial transaction;
- first transmission means adapted to transmit the captured biometric characteristic;
- first receiving means adapted to receive a biometric authentication token corresponding to the transmitted biometric characteristic;
- authentication message compilation means to collate an authentication message including said authentication token and financial transaction related payment details;
- second transmission means adapted to transmit said authentication message;
• a verification server co-operating with each of said POS terminals, said verification server comprising:
- a repository adapted to store biometric authentication associated data for users;
- second receiving means adapted to receive said biometric characteristic from said POS terminals;
- a first comparator adapted to compare the received biometric characteristic with corresponding biometric characteristic for a user fetched from the repository;
- an authentication token generator adapted to generate a biometric authentication token in the event that the received and fetched biometric characteristic for a user, match;
- a temporary buffer adapted to store said biometric authentication token for a predetermined time; - third transmission means adapted to transmit said biometric authentication token to a corresponding POS terminal;
- third receiving means adapted to receive said authentication message;
- a second comparator adapted to compare an authentication token in said authentication message with said authentication token stored in said temporary buffer for verifying the validity and status of said authentication token;
- fourth transmission means adapted to transmit a confirmation for approving the financial transmission in the event that validity and the status of said authentication token is confirmed;
• a Electronic Fund Transfer (EFT) switch interface co-operating with said POS terminals and said verification server, said EFT switch interface comprising:
- fourth receiving means adapted to receive said authentication message from a POS terminal;
- token determination means adapted to determine presence of said authentication token in said authentication message;
- fifth transmission means to transmit said authentication message to said verification server for approval if presence of said authentication token is determined;
- fifth receiving means to receive said confirmation from said verification server to conduct the financial transaction; and
• communication interfaces for facilitating communication between said POS terminals, said verification server and said EFT switch interface.
2. The system as claimed in claim 1, wherein said biometric authentication facilitator unit includes encryption means to encrypt said captured biometric data of the user using AES 256 bit encryption technique before transmission through said first transmission means.
3. The system as claimed in claim 1, wherein said repository stores biometric characteristics associated with users fetched from at least one server selected from the group consisting of third party servers and locally compiled on said verification server.
4. The system as claimed in claim 1, wherein said repository further stores data associated with a user including user credentials and financial transaction related payment data.
5. The system as claimed in claim 1, wherein said verification server includes error handling unit adapted to generate an error message for said corresponding POS terminal in the event that the received and fetched biometric data for a user does not match.
6. The system as claimed in claim 1, wherein said verification means includes status updation means adapted to update the status of a biometric authentication token as 'used' on generating said confirmation for a valid authentication token.
7. The system as claimed in claim 1, wherein each of said communication interface is selected from the group consisting of an Internet based wireless communication interface, and an Internet based wired or cabled communication interface.
8. The system as claimed in claim 1, wherein said system further comprises a logging unit to record the activity carried out by said verification server, said POS terminals and said EFT switch interfaces and store the recorded activity in a log repository.
9. A method of implementing biometric authentication for approving users' financial transactions, said method comprising the following steps:
hosting a repository at a verification server to host biometric data associated with users;
- capturing at least one biornetnc characteristic of a user requesting a financial transaction through a biometric authentication facilitator unit at a POS terminal; - transmitting the captured biometric characteristic to a verification server for verification;
- verifying if the biometric characteristic received from said POS terminal matches with biometric data fetched for a corresponding user from said repository;
generating a unique biometric authentication token if it is determined that the received and fetched biometric data match;
- transmitting said unique biometric authentication token to a corresponding POS terminal for compiling an authentication message including said biometric authentication token and financial transaction related payment data;
transmitting said authentication message to an EFT switch interface;
- transmitting said authentication message to said verification server in the event that presence of said authentication token is detected in said authentication message at the EFT switch interface;
- determining at said verification server whether said unique biometric authentication token in said authentication message is valid and unused; and
- generating a confirmation for approving and carrying out the financial transaction at an EFT switch interface.
10. The method as claimed in claim 9, wherein the step of the step of transmitting the captured biometric data of a user includes the step of encrypting the biometric data before transmitting to said verification server.
11. The method as claimed in claim 9, wherein the step of verifying if the biometric data received from said POS terminal matches with biometric data fetched from said repository includes the step of generating and transmitting an error message for said POS terminal in the event that the received and fetched biometric data for a user does not match.
12. The method as claimed in claim 9, wherein the step of generating a confirmation for approving and carrying out the financial transaction includes the step of updating the status of a biometric authentication token as 'used'.
13. The method as claimed in claim 9, wherein the method further comprises the steps of recording the activity carried out by said verification server, said POS terminals and said EFT switch interface and storing the recorded activity in a log repository.
PCT/IN2012/000396 2011-06-06 2012-06-05 A system and method for implementing biometric authentication for approving user's financial transactions WO2013051010A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN1657/MUM/2011 2011-06-06
IN1657MU2011 2011-06-06

Publications (2)

Publication Number Publication Date
WO2013051010A2 true WO2013051010A2 (en) 2013-04-11
WO2013051010A3 WO2013051010A3 (en) 2013-07-04

Family

ID=48044257

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2012/000396 WO2013051010A2 (en) 2011-06-06 2012-06-05 A system and method for implementing biometric authentication for approving user's financial transactions

Country Status (1)

Country Link
WO (1) WO2013051010A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160063471A1 (en) * 2014-08-28 2016-03-03 Erick Kobres Methods and a system for passive authentication
WO2018087317A1 (en) * 2016-11-10 2018-05-17 Sthaler Limited Biometric transaction system
WO2018106431A1 (en) * 2016-12-08 2018-06-14 Mastercard International Incorporated Systems and methods for biometric authentication using existing databases

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030046237A1 (en) * 2000-05-09 2003-03-06 James Uberti Method and system for enabling the issuance of biometrically secured online credit or other online payment transactions without tokens
CN1758288A (en) * 2004-10-08 2006-04-12 富士通株式会社 Authenticating method, personal authentication apparatus, and program
US7558406B1 (en) * 2004-08-03 2009-07-07 Yt Acquisition Corporation System and method for employing user information
US20100299258A1 (en) * 1999-12-10 2010-11-25 Terri Page System and method for verifying the authenticity of a check and authorizing payment thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100299258A1 (en) * 1999-12-10 2010-11-25 Terri Page System and method for verifying the authenticity of a check and authorizing payment thereof
US20030046237A1 (en) * 2000-05-09 2003-03-06 James Uberti Method and system for enabling the issuance of biometrically secured online credit or other online payment transactions without tokens
US7558406B1 (en) * 2004-08-03 2009-07-07 Yt Acquisition Corporation System and method for employing user information
CN1758288A (en) * 2004-10-08 2006-04-12 富士通株式会社 Authenticating method, personal authentication apparatus, and program

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160063471A1 (en) * 2014-08-28 2016-03-03 Erick Kobres Methods and a system for passive authentication
WO2018087317A1 (en) * 2016-11-10 2018-05-17 Sthaler Limited Biometric transaction system
CN110192213A (en) * 2016-11-10 2019-08-30 斯泰勒有限公司 Biological characteristic transaction system
IL266507B1 (en) * 2016-11-10 2023-09-01 Sthaler Ltd Biometric transaction system
WO2018106431A1 (en) * 2016-12-08 2018-06-14 Mastercard International Incorporated Systems and methods for biometric authentication using existing databases
US10715520B2 (en) 2016-12-08 2020-07-14 Mastercard International Incorporated Systems and methods for decentralized biometric enrollment
US11252150B2 (en) 2016-12-08 2022-02-15 Mastercard International Incorporated Systems and methods for smartcard biometric enrollment
US11588813B2 (en) 2016-12-08 2023-02-21 Mastercard International Incorporated Systems and methods for biometric authentication using existing databases
US11916901B2 (en) 2016-12-08 2024-02-27 Mastercard International Incorporated Systems and methods for smartcard biometric enrollment

Also Published As

Publication number Publication date
WO2013051010A3 (en) 2013-07-04

Similar Documents

Publication Publication Date Title
US11562363B2 (en) Hardware and token based user authentication
US20210226797A1 (en) Authentication in ubiquitous environment
CN111711520B (en) Authentication in ubiquitous environments
EP2648163B1 (en) A personalized biometric identification and non-repudiation system
US8799670B2 (en) Biometric authentication method, computer program, authentication server, corresponding terminal and portable object
EP3417392B1 (en) Method, system, device and software programme product for the remote authorization of a user of digital services
US20070291995A1 (en) System, Method, and Apparatus for Preventing Identity Fraud Associated With Payment and Identity Cards
US20030115490A1 (en) Secure network and networked devices using biometrics
US20070169182A1 (en) Multi-mode credential authorization
WO2001042938A1 (en) Personal authentication system and portable electronic device having personal authentication function using body information
US20100131414A1 (en) Personal identification device for secure transactions
US20190139051A1 (en) Biometric secure transaction system
JP2017182326A (en) Qualification authentication system using mobile terminal, qualification authentication tool and qualification authentication method
CN109426963B (en) Biometric system for authenticating biometric requests
JP2015525409A (en) System and method for high security biometric access control
JP7155859B2 (en) Authentication device, authentication system, and authentication method
MX2015000169A (en) Biometric validation method and biometric terminal.
EP2365477A1 (en) Personal identification device for secure transactions
Lasisi et al. Development of stripe biometric based fingerprint authentications systems in Automated Teller Machines
US20190019189A1 (en) Payment authentication
KR101812637B1 (en) Method, institution card, and system for verifing identity using identification code
WO2013051010A2 (en) A system and method for implementing biometric authentication for approving user's financial transactions
US10503936B2 (en) Systems and methods for utilizing magnetic fingerprints obtained using magnetic stripe card readers to derive transaction tokens
US20190325427A1 (en) Contactless device and method for generating a unique temporary code
US20160342996A1 (en) Two-factor authentication method

Legal Events

Date Code Title Description
122 Ep: pct application non-entry in european phase

Ref document number: 12838001

Country of ref document: EP

Kind code of ref document: A2