WO2014092665A1 - Integrated user authentication system in self-service machines - Google Patents

Integrated user authentication system in self-service machines Download PDF

Info

Publication number
WO2014092665A1
WO2014092665A1 PCT/TR2013/000382 TR2013000382W WO2014092665A1 WO 2014092665 A1 WO2014092665 A1 WO 2014092665A1 TR 2013000382 W TR2013000382 W TR 2013000382W WO 2014092665 A1 WO2014092665 A1 WO 2014092665A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication system
palm
user authentication
component
face
Prior art date
Application number
PCT/TR2013/000382
Other languages
French (fr)
Inventor
Emre ÖZER
Sinan ÇEKEREKLİ
Fatih ALAGÖZ
Mücahit GÜNDEBAHAR
Original Assignee
Kuveyt Türk Katilim Bankasi Anoni̇m Şi̇rketi̇
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kuveyt Türk Katilim Bankasi Anoni̇m Şi̇rketi̇ filed Critical Kuveyt Türk Katilim Bankasi Anoni̇m Şi̇rketi̇
Publication of WO2014092665A1 publication Critical patent/WO2014092665A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/70Multimodal biometrics, e.g. combining information from different biometric modalities
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • G07C9/257Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition electronically
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F19/00Complete banking systems; Coded card-freed arrangements adapted for dispensing or receiving monies or the like and posting such transactions to existing accounts, e.g. automatic teller machines
    • G07F19/20Automatic teller machines [ATMs]
    • G07F19/201Accessories of ATMs

Definitions

  • the invention relates to an integrated user authentication system that uses face recognition, palm vein recognition, and key-stroke dynamics biometric methods in automatic self-service machines.
  • ATM automatic self-service machines
  • Kiosk Cash deposit machines
  • Teller machines are widely used as alternative distribution channels.
  • the automatic self- service machines (ATM, Kiosk, Cash deposit machines, Teller machines) provide a solution for many banking transactions, but there are still some transaction limitations.
  • an ATM security system and method based on face recognition is disclosed. It is described that it captures infrared face pictures of system users and keeps in a database, and allows admittance of user by a face recognition engine during logging in process through an ATM machine.
  • a security system and method is disclosed that may avoid unauthorized access in case a credit card or debit card are copied or password is cloned. It is mentioned that the system checking the access security can perform it by IC card reader, RF card reader, fingerprint reader, iris scanner or face recognition device.
  • IC card reader RF card reader
  • fingerprint reader iris scanner
  • face recognition device a system and method, in which an artificial neural network and face recognition method are used, is disclosed as a solution for drawing money using a stolen card.
  • the card reader on ATM device reads the number from user's card and then asks for the input of identifier password.
  • Digital camera used a visual capturing unit captures user's face visual.
  • the feature vector created by using the distinguishing features from face visual is conveyed to the artificial neural network.
  • the artificial neural network unit performs instruction and then recognition operations by using feature vectors.
  • recognition score which is obtained by artificial neural network, is equal to or is higher than a predetermined threshold value
  • user gets access authorization.
  • central unit is warned and notified about stolen or copied card use. It is stated that it can also be applied for credit card using the user's signature via a signature pad as the biometric recognition data of the invention.
  • JP2005196516 a system is disclosed where face recognition method is used for logging in with cards at ATM machines. Face recognition data belonging to users are stored in the pre-registered cards. By processing face image of users captured by camera who want to log in at ATM machine, facial characteristic data is obtained. Obtained data is compared to the pre-registered user data and it is decided whether s/he is an authorized or unauthorized user. Face data of unauthorized users are registered on a separate storage unit, and card holder is informed via electronic post about unauthorized access.
  • WO201 1046810 a system and method is disclosed where biometric authentication and authorization for financial processes are applied.
  • the system audibly warns the user and collects her/his biometric data using fingerprint recognition (fingerprint scanner), iris recognition (iris scanner) and/or face recognition (camera) methods. It associates user name and address with biometric data as additional identifying information. Biometric data of a user who tries to log in will be compared with pre-registered user data and it will be decided whether to allow for access or not.
  • JP201 1 18740 a system that identifies user ID using face recognition and provides power saving on ATM devices is disclosed.
  • the proximity sensor takes the camera and face recognition components out of power saving mode when a user approaches to the machine and performs the user identification.
  • Said system that decides whether corresponding user is allowed to do transactions on ATM machine also takes other units out of power saving mode.
  • KR2Q030048390 a system and method is disclosed that gives approval of withdrawal using customer's face information who wishes to draw money from ATM's.
  • customer's face information who wishes to draw money from ATM's.
  • specific information representing user's face is registered to magnetic tape or IC chip on the cards.
  • DGTM Dynamic Genetic Tree Map
  • PCA Principle Component Analysis
  • KR20070058966 a system and method is disclosed, which scans hand vein visual on ATM's and provides saving of said visual with regard to its quality into the IC card or warns for re-registering.
  • a safety system and method based on keystroke dynamics is disclosed.
  • the system functioning with keyboard calculates the time between button pushes of users and acquires user-specific button push information.
  • key-stroke dynamics value of the new user is measured, and it is compared with pre-registered user key-stroke dynamics value, and decision regarding login permission is given.
  • a security system and method in which access permission is provided with key-stroke dynamics for systems like building entrance system and mobile wireless devices. Decision regarding the access permission is taken by comparing one or more button push metrics of the user requesting access permission with registered users' button push metrics. Delay time between button pushes of used metrics indicates that there may be pressing time or pushing errors.
  • KR20090022682 a system and method is disclosed in which key-stroke dynamics information is used while doing financial transactions.
  • certificate request is submitted to the server. Certificate request includes user password and key-stroke dynamics. If user password is verified at initial inquiry, user's key-stroke dynamics inquiry is carried out at secondary inquiry.
  • the present invention relates to a new integrated user authentication system that provides user access control in automatic self-service machines to remove the above-mentioned disadvantages and bring new advantages to concerning technical field.
  • the main object of the invention is to provide an integrated user authentication system that provides preeminent security for those using banking services.
  • Another object of the invention is to provide an integrated user authentication system that uses face recognition, palm vein recognition, and key-stroke dynamics biometric methods together.
  • the present invention relates to an integrated user authentication system having an automatic self-service machine and face recognition, palm recognition, and key- stroke dynamics components provided on said automatic self-service machine .
  • Characteristic of said integrated user authentication system is that it comprises at least one multi-layered biometric access security component that performs authorization verification by providing multi-access security using alternative combinations of biometric methods of face recognition component, palm recognition component and key-stroke dynamics component.
  • At least one authorization score component that plays a role on authorization decision of the user is provided.
  • At least one integrated score that provides user's authorization decision in said authorization score component is provided.
  • At least one camera for capturing user's picture in automatic self-service machine is provided.
  • At least one monitor for displaying informing screens to users in automatic self-service machine is provided.
  • the invention comprises at least one keyboard where users can input data in automatic self-service machine.
  • at least one card reader for enabling user card entrance in automatic self-service machine is provided.
  • At least one palm reader provided for capturing hand vein view of users in automatic self-service machine is provided.
  • At least one proximity sensor that is provided for informing relevant units by sensing that a user is approaching in the automatic self-service machine is provided.
  • at least one face parser that distinguishes user's visual, which is provided in face recognition component and captured by said camera, from the background is provided.
  • At least one face feature identifier provided on face recognition component which determines user's face features is provided.
  • at least one face matcher that matches the face vector provided in face recognition component and obtained from user's view with pre- registered face profile vector is provided.
  • at least one hand vein pattern parser that distinguishes palm vein pattern visual from the palm visual obtained from said palm reader and provided in palm recognition component is provided.
  • At least one palm feature identifier provided in palm recognition component, which determines palm features is provided.
  • At least one palm matcher that matches the hand vein vector provided in palm recognition component and obtained from user's palm with pre-registered palm profiles is provided.
  • At least one key-stroke dynamics identifier that is provided in the key-stroke dynamics component and calculates button push measurements via user's button push signals is provided.
  • at least one key-stroke dynamics matcher that compares the calculated button push value by said key-stroke dynamics identifier with the registered key-stroke dynamics profile is provided.
  • the present invention relates to an integrated user authentication method having an automatic self-service machine and face recognition, palm vein recognition, and key-stroke dynamics components provided on said automatic self-service machine.
  • Said application method comprises the steps of, a. Sensing of users approaching to automatic self-service machines for doing transactions,
  • Figure 1 a general view of the automatic self-service machine is disclosed.
  • the integrated user authentication system according to the invention is described only for better understanding the subject without any limiting effects. Accordingly, said integrated user authentication system is described in the description and figures below as being adapted to an automatic self-service machine that provides remote access to banking services. Yet, the invention can be adapted to different systems by making small changes thereon.
  • FIG. 1 a general view of an automatic self-service machine (10) is given.
  • At least one camera (1 ), which can capture images at a certain frame, is adapted to said automatic self-service machine (10).
  • At least one monitor (12) present that provides display of information screens that is to be positioned to be within the view of general users who come for transactions.
  • At a certain distance down from said monitor (12) at a position accessible to users, there is at least one keyboard (13) that provides data input for users, and in neighborhood of said keyboard (13), there is at least one card reader ( 4) for users to have their card recognized.
  • At least one face recognition component (20) is provided in said automatic self-service machine (10) that makes relevant calculations by utilizing user's image that is captured by the camera (11).
  • FIG. 2 there is one block diagram provided relating to the transactions done by said face recognition component (20).
  • said face recognition component (20) there is at least one face parser (21), at least one face feature identifier (22), and at least one face matcher (23) for doing said transactions.
  • At least one palm recognition component (30) is provided in said automatic self-service machines (10). With reference to Figure 3; there is the block diagram of palm recognition component (30) provided.
  • the palm recognition component (30) there is at least one hand vein pattern parser (31), at least one palm feature identifier (32), and at least one palm matcher (33) for doing said transactions.
  • At least one key-stroke dynamics component (40) is also provided in said automatic self- service machine (10).
  • Figure 4 there is the block diagram of said key-stroke dynamics component (40) provided.
  • the key-stroke dynamics component (40) there is at least one key-stroke dynamics identifier (41) and at least one key-stroke dynamics matcher (42) provided for doing said transactions.
  • multi-layered biometric access security component (50) provided in said automatic self-service machine (10).
  • authorization score component (51) that does relevant transactions at multi-layered biometric access security component (50).
  • the automatic self-service machine (10) various data that are either obtained by different transactions by the abovementioned units or direct input of users are identified.
  • the error ratio between user's image captured by the camera (11), user's visual (GO); facial view of the user, face visual (GyO); user's face feature vector, face vector (YvO); registered face profile vector, face profile vector (Yvp), user's face features and registered face features is defined as face score (Sy).
  • the error ratio between palm view of user captured with the palm reader (15), palm visual (GeO); view of hand vein pattern, vein pattern visual (GdO); hand vein feature vector of user, hand vein vector (EvO); registered hand vein vector, hand vein profile (Evp), user's palm features and registered hand vein features is defined as palm score (Se).
  • the error ratio between button push signals by user through the keyboard 13), button push signal (TsO); user button push measurements, button push value (TsO); registered button push measurements, key-stroke dynamics profile (Tvp), user's key-stroke dynamics measurements and the registered key-stroke dynamics measurements is defined as keystroke dynamics score (Std).
  • the final score obtained as face score (Sy), palm score (Se) and key-stroke dynamics scores (Std) are included with regard to user's configuration is defined as the integrated score (St).
  • the integrated user authentication system can provide utility and enhanced access security, depending on user's preference, by applying user's card, password, palm recognition, face recognition and key-stroke dynamics access security methods in different combinations in an integrated way.
  • the face recognition component (20) is activated depending on user's needs.
  • the user's visual (GO) captured by the camera (11) is pre-processed on face parser (21) and the face visual (GyO) is obtained by distinguishing from the background. Obtained face visual (GyO) is transferred to a face feature identifier (22) as a visual index.
  • the face vector (YvO) comprising the user-specific info is calculated, it is transferred to the face matcher (23), and compared to pre-registered face profile vector (Yvp).
  • the face score (Sy) obtained in the face matcher (23) component is ready for use for calculating the integrated score (St) on authorization score component (51).
  • the palm recognition component (30) is activated depending on user's needs.
  • the palm visual (GeO) captured using the palm reader (15) is pre-processed in the hand vein pattern parser (31), and the vein pattern visual (GdO) is obtained.
  • the vein pattern visual (GdO) reaches to the palm feature identifier (32) and herein, the user-specific hand vein vector (EvO) is calculated.
  • the hand vein vector (EvO) comes to the palm matcher (33), and here, the error ratio between the hand vein vector (EvO) and registered hand vein profile (Evp) is determined and palm score (Se) is obtained, and it is conveyed to the authorization score component (51 ) for calculating the integrated score (St).
  • the key-stroke dynamics component (40) is activated again depending on user's needs.
  • the button push signal (TsO) established by the user while inputting password with the keyboard (13) is transferred to the key-stroke dynamics identifier (41) component and is used in calculating the button push value (TvO) that includes features like button push interval and button push durations etc.
  • TvO button push value
  • Tvp registered key- stroke dynamics profile
  • Std key-stroke dynamics score
  • the authorization score component (51) obtains the integrated score (St) by using face score (Sy), palm score (Se) and key-stroke dynamics scores (Std) obtained from the ace recognition component (20), palm recognition component (30) and key-stroke dynamics component (40).
  • the information, whether a user is authorized or not in the obtained integrated score (St) is transferred to the automatic self-service machine (10) and necessary application continues.
  • the integrated user authentication system provided with the multi-layered biometric access security component (50) and increased security starts to the process by sensing a user via the proximity sensor (16) approaching to the automatic self-service machine (10) for transaction.
  • the user who wishes to do a transaction with card on the automatic self-service machine (10) is asked for inserting her/his card into the card reader (14).
  • one or more biometric identifying steps are executed.
  • the integrated score (St) obtained by the face score (Sy), palm score (Se) and key-stroke dynamics score (Std) obtained as a result of one or more biometric identifying methods executed in accordance with user's preferences is evaluated, and the automatic self-service machine (10) takes the decision of authorization by performing authentication.

Abstract

The invention relates to an integrated user authentication system having an automatic self-service machine (10) and face recognition, palm recognition, and key-stroke dynamics components (20, 30, 40) provided on said automatic self-service machine (10). Said integrated user authentication system characterized in comprising at least one multi-layered biometric access security component (50) that performs authorization verification by providing multi-access security using alternative combinations of biometric methods of face recognition component (20), palm recognition component (30) and key-stroke dynamics component (40).

Description

DESCRIPTION
INTEGRATED USER AUTHENTICATION SYSTEM IN SELF-SERVICE
MACHINES
TECHNICAL FIELD
The invention relates to an integrated user authentication system that uses face recognition, palm vein recognition, and key-stroke dynamics biometric methods in automatic self-service machines.
PRIOR ART
In banking sector, automatic self-service machines (ATM, Kiosk, Cash deposit machines, Teller machines) are widely used as alternative distribution channels. The automatic self- service machines (ATM, Kiosk, Cash deposit machines, Teller machines) provide a solution for many banking transactions, but there are still some transaction limitations.
When bank users use automatic self-service machines generally at the weekends, public holidays, out-of-hours etc., they come across said transaction limitations and the safety measures are not enough.
These missing safety measurements constitute problems like losing password, stolen card, limited transaction set offer etc.. In present practices, password inquiry is the most widespread method for user access safety. Yet, it causes an important safety problem for users when a card is stolen or copied. In order to avoid this problem, additional security stages like finger vein recognition, biometrics techniques etc. are developed thanks to developments in technology. There are many patent documents relating to security methods that are used in the current system. In patent document numbered TR201004447 a system is disclosed which allows bank clients to do banking transactions by a bank transaction authorized person in a remote call center without going to banking branches, and which is designed as a cabin to be used both in branches and shopping centers, terminals etc. secured external places and where all the transactions available in a branch can be done through video communication. It is described that an authorized person in banking transaction directs in an interactive way for
l completing all the banking transactions asked by a customer, who is identified by palm reader and similar security systems.
In the patent document numbered CN101266704, an ATM security system and method based on face recognition is disclosed. It is described that it captures infrared face pictures of system users and keeps in a database, and allows admittance of user by a face recognition engine during logging in process through an ATM machine.
In patent document numbered KR20040070413, a security system and method is disclosed that may avoid unauthorized access in case a credit card or debit card are copied or password is cloned. It is mentioned that the system checking the access security can perform it by IC card reader, RF card reader, fingerprint reader, iris scanner or face recognition device. In patent document numbered TWI245205, a system and method, in which an artificial neural network and face recognition method are used, is disclosed as a solution for drawing money using a stolen card. The card reader on ATM device reads the number from user's card and then asks for the input of identifier password. Digital camera used a visual capturing unit captures user's face visual. The feature vector created by using the distinguishing features from face visual is conveyed to the artificial neural network. The artificial neural network unit performs instruction and then recognition operations by using feature vectors. When recognition score, which is obtained by artificial neural network, is equal to or is higher than a predetermined threshold value, user gets access authorization. In other cases, central unit is warned and notified about stolen or copied card use. It is stated that it can also be applied for credit card using the user's signature via a signature pad as the biometric recognition data of the invention.
In the patent document numbered JP2005196516, a system is disclosed where face recognition method is used for logging in with cards at ATM machines. Face recognition data belonging to users are stored in the pre-registered cards. By processing face image of users captured by camera who want to log in at ATM machine, facial characteristic data is obtained. Obtained data is compared to the pre-registered user data and it is decided whether s/he is an authorized or unauthorized user. Face data of unauthorized users are registered on a separate storage unit, and card holder is informed via electronic post about unauthorized access. In the patent document numbered WO201 1046810, a system and method is disclosed where biometric authentication and authorization for financial processes are applied. The system audibly warns the user and collects her/his biometric data using fingerprint recognition (fingerprint scanner), iris recognition (iris scanner) and/or face recognition (camera) methods. It associates user name and address with biometric data as additional identifying information. Biometric data of a user who tries to log in will be compared with pre-registered user data and it will be decided whether to allow for access or not.
In the patent document numbered JP201 1 18740, a system that identifies user ID using face recognition and provides power saving on ATM devices is disclosed. The proximity sensor takes the camera and face recognition components out of power saving mode when a user approaches to the machine and performs the user identification. Said system that decides whether corresponding user is allowed to do transactions on ATM machine also takes other units out of power saving mode.
In the patent document numbered KR20060117865, a system and method is disclosed that does not allow users to do transactions at ATM machines when their faces are covered (glasses, masks etc.) to the extent that they are impossible to be recognized. In the patent document numbered KR20050002106, a system and method is disclosed that warns security units when it is determined that ATM user's face visual, which is captured by camera, is not valid by checking its validity using the visual comparing algorithm.
In the patent document numbered KR2Q030048390, a system and method is disclosed that gives approval of withdrawal using customer's face information who wishes to draw money from ATM's. When users get a new card, specific information representing user's face is registered to magnetic tape or IC chip on the cards. When a user wants to withdraw money from ATM machines, her/his face zone is detected with the camera on the machine inside the view. DGTM (Dynamic Genetic Tree Map) information of face visual is passed from the Principle Component Analysis (PCA) and decision regarding the approval is given. If approval is given, money withdrawal takes place.
In the patent document numbered WO03069569, an ATM system and method, in which face features of users are detected with digital camera, and video signal is kept in storage unit for searching later is disclosed. In the patent document numbered KR20080049693, a security system and method is disclosed where finger vein pattern data is used as user's biometric data. The biometric data representing the user's finger vein pattern obtained by the finger vein reader on the ATM machine is saved to the IC card. When the user wants to do transactions, her/his finger pattern is taken again and compared to the pre-registered finger pattern, and when approved, the user is authorized and at the same time, the finger vein pattern on the IC card is updated.
In the patent document numbered KR20070058966, a system and method is disclosed, which scans hand vein visual on ATM's and provides saving of said visual with regard to its quality into the IC card or warns for re-registering.
In the patent order transaction occurring between remote access computers comprises user's key-stroke dynamics data document numbered EP2357596, a system and method is disclosed, in which approval info sent for electronic.
In the patent document numbered US2010146619, a system and method is disclosed, in which both user name/password information and user's key-stroke dynamics templates are inquired for access control on electronic devices.
In the patent document numbered US6442692, a safety system and method based on keystroke dynamics is disclosed. The system functioning with keyboard calculates the time between button pushes of users and acquires user-specific button push information. When a new user wants to log in, key-stroke dynamics value of the new user is measured, and it is compared with pre-registered user key-stroke dynamics value, and decision regarding login permission is given.
In the patent document numbered GB2470579, a security system and method is disclosed, in which access permission is provided with key-stroke dynamics for systems like building entrance system and mobile wireless devices. Decision regarding the access permission is taken by comparing one or more button push metrics of the user requesting access permission with registered users' button push metrics. Delay time between button pushes of used metrics indicates that there may be pressing time or pushing errors. In the patent document numbered KR20090022682, a system and method is disclosed in which key-stroke dynamics information is used while doing financial transactions. When user wants to do financial transactions on ATM device, certificate request is submitted to the server. Certificate request includes user password and key-stroke dynamics. If user password is verified at initial inquiry, user's key-stroke dynamics inquiry is carried out at secondary inquiry. Result of that inquiry is transferred to ATM machine. In the patent document numbered US6062474, a system and method is disclosed that analyzes key-stroke dynamics signatures of ATM or electronic trade users. Measured user's key-stroke dynamics values are compared to the button push values that have been already measured and saved to the database, and user authentication can be done in this way. As a result, authentication security can be increased without any other extra equipment except for keyboard or keypad.
As a result of improvements made through additional security layers, user's security is increased. Yet, always utilizing safer systems is one of the top subjects for banks on which they always make effort all the time to increase prestige of banking sector.
Eventually, it has been necessary to make an innovation in relevant technical field with regard to above-mentioned problems.
BRIEF DESCRIPTION OF THE INVENTION
The present invention relates to a new integrated user authentication system that provides user access control in automatic self-service machines to remove the above-mentioned disadvantages and bring new advantages to concerning technical field. The main object of the invention is to provide an integrated user authentication system that provides preeminent security for those using banking services.
Another object of the invention is to provide an integrated user authentication system that uses face recognition, palm vein recognition, and key-stroke dynamics biometric methods together.
In order to reach the above-mentioned and all the objects to be figured out from the following detailed description, the present invention relates to an integrated user authentication system having an automatic self-service machine and face recognition, palm recognition, and key- stroke dynamics components provided on said automatic self-service machine . Characteristic of said integrated user authentication system is that it comprises at least one multi-layered biometric access security component that performs authorization verification by providing multi-access security using alternative combinations of biometric methods of face recognition component, palm recognition component and key-stroke dynamics component.
In a preferred embodiment of the invention, in said multi-layered biometric access security component, at least one authorization score component that plays a role on authorization decision of the user is provided.
In another preferred embodiment of the invention/ at least one integrated score that provides user's authorization decision in said authorization score component is provided.
In a preferred embodiment of the invention, at least one camera for capturing user's picture in automatic self-service machine is provided.
In a preferred embodiment of the invention, at least one monitor for displaying informing screens to users in automatic self-service machine is provided.
In a preferred embodiment, the invention comprises at least one keyboard where users can input data in automatic self-service machine. In another preferred embodiment of the invention, at least one card reader for enabling user card entrance in automatic self-service machine is provided.
In a preferred embodiment of the invention, at least one palm reader provided for capturing hand vein view of users in automatic self-service machine is provided.
In another preferred embodiment of the invention, at least one proximity sensor that is provided for informing relevant units by sensing that a user is approaching in the automatic self-service machine is provided. In another preferred embodiment of the invention, at least one face parser that distinguishes user's visual, which is provided in face recognition component and captured by said camera, from the background is provided.
In another preferred embodiment of the invention, at least one face feature identifier provided on face recognition component, which determines user's face features is provided. In another preferred embodiment of the invention, at least one face matcher that matches the face vector provided in face recognition component and obtained from user's view with pre- registered face profile vector is provided. In another preferred embodiment of the invention at least one hand vein pattern parser that distinguishes palm vein pattern visual from the palm visual obtained from said palm reader and provided in palm recognition component is provided.
In another preferred embodiment of the invention, at least one palm feature identifier provided in palm recognition component, which determines palm features is provided.
In another preferred embodiment of the invention, at least one palm matcher that matches the hand vein vector provided in palm recognition component and obtained from user's palm with pre-registered palm profiles is provided.
In another preferred embodiment of the invention, at least one key-stroke dynamics identifier that is provided in the key-stroke dynamics component and calculates button push measurements via user's button push signals is provided. In another preferred embodiment of the invention, at least one key-stroke dynamics matcher that compares the calculated button push value by said key-stroke dynamics identifier with the registered key-stroke dynamics profile is provided.
In order to reach the above-mentioned and all the objects to be figured out from the following detailed description, the present invention relates to an integrated user authentication method having an automatic self-service machine and face recognition, palm vein recognition, and key-stroke dynamics components provided on said automatic self-service machine. Said application method comprises the steps of, a. Sensing of users approaching to automatic self-service machines for doing transactions,
b. Choosing security configuration,
c. Executing one or more biometric recognition steps depending upon the security configuration preferred by the user,
d. Transferring data obtained in corresponding biometric recognition steps to the authorization score component,
e. Reaching the integrated score based on the data obtained in the authorization score component, f. Reaching to decision of authorization by the automatic self-service machine as result of authentication by evaluating the integrated score.
In order to better understand the configuration of the present invention and its advantages with additional elements, it is necessary to evaluate it along with the figures that are described below.
BRIEF DESCRIPTION OF THE FIGURES
In Figure 1 a general view of the automatic self-service machine is disclosed.
In Figure 2 the block diagram of face recognition component is disclosed. In Figure 3 the block diagram of palm recognition component is disclosed.
In Figure 4 the block diagram of key-stroke dynamics component is disclosed.
In Figure 5 the block diagram of the multi-layered biometric access security component is disclosed.
REFERENCE NUMBERS
10 Automatic Self-service Machine
11 Camera
12 Monitor
13 Keyboard
14 Card Reader
15 Palm Reader
16 Proximity Sensor
20 Face Recognition Component
21 Face Parser
22 Face Feature Identifier
23 Face Matcher
30 Palm Recognition Component
31 Hand Vein Pattern Parser
32 Palm Feature Identifier 33 Palm Matcher
40 Key-stroke dynamics Component
41 Key-stroke dynamics Identifier
42 Key-stroke dynamics Matcher
50 Multi-layered Biometric Access Security Component
51 Authorization Score Component
GO: User's Visual
GyO: Face Visual
YvO: Face Vector
Yvp: Face Profile Vector
Sy: Face Score
GeO: Palm Visual
GdO: Vein Pattern Visual
EvO: Hand Vein Vector
Evp: Hand Vein Profile
Se: Palm Score
TsO: Button Push Signal
TvO: Button Push Value
Tvp: Key-stroke dynamics Profile
Std: Key-stroke dynamics Score
St: Integrated Score
DETAILED DESCRIPTION OF THE INVENTION
Within this detailed description, the integrated user authentication system according to the invention is described only for better understanding the subject without any limiting effects. Accordingly, said integrated user authentication system is described in the description and figures below as being adapted to an automatic self-service machine that provides remote access to banking services. Yet, the invention can be adapted to different systems by making small changes thereon.
With reference to Figure 1 , a general view of an automatic self-service machine (10) is given. At least one camera (1 ), which can capture images at a certain frame, is adapted to said automatic self-service machine (10). Following said camera (1 ), there is at least one monitor (12) present that provides display of information screens that is to be positioned to be within the view of general users who come for transactions. At a certain distance down from said monitor (12), at a position accessible to users, there is at least one keyboard (13) that provides data input for users, and in neighborhood of said keyboard (13), there is at least one card reader ( 4) for users to have their card recognized. At a position accessible to users and around said card reader (14), there is at least one palm reader (15) for capturing hand vein images of users, and at least one proximity sensor (16) that senses that users approach to the machines and activates device components or provides for preparation of welcome message.
At least one face recognition component (20) is provided in said automatic self-service machine (10) that makes relevant calculations by utilizing user's image that is captured by the camera (11). With reference to Figure 2; there is one block diagram provided relating to the transactions done by said face recognition component (20). In said face recognition component (20), there is at least one face parser (21), at least one face feature identifier (22), and at least one face matcher (23) for doing said transactions.
At least one palm recognition component (30) is provided in said automatic self-service machines (10). With reference to Figure 3; there is the block diagram of palm recognition component (30) provided. In the palm recognition component (30), there is at least one hand vein pattern parser (31), at least one palm feature identifier (32), and at least one palm matcher (33) for doing said transactions.
At least one key-stroke dynamics component (40) is also provided in said automatic self- service machine (10). In Figure 4; there is the block diagram of said key-stroke dynamics component (40) provided. In the key-stroke dynamics component (40) there is at least one key-stroke dynamics identifier (41) and at least one key-stroke dynamics matcher (42) provided for doing said transactions.
In addition to all, there is at least one multi-layered biometric access security component (50) provided in said automatic self-service machine (10). With reference to Figure 5; there is at least one authorization score component (51) that does relevant transactions at multi-layered biometric access security component (50).
In the automatic self-service machine (10), various data that are either obtained by different transactions by the abovementioned units or direct input of users are identified. First of all; the error ratio between user's image captured by the camera (11), user's visual (GO); facial view of the user, face visual (GyO); user's face feature vector, face vector (YvO); registered face profile vector, face profile vector (Yvp), user's face features and registered face features is defined as face score (Sy).
The error ratio between palm view of user captured with the palm reader (15), palm visual (GeO); view of hand vein pattern, vein pattern visual (GdO); hand vein feature vector of user, hand vein vector (EvO); registered hand vein vector, hand vein profile (Evp), user's palm features and registered hand vein features is defined as palm score (Se).
The error ratio between button push signals by user through the keyboard (13), button push signal (TsO); user button push measurements, button push value (TsO); registered button push measurements, key-stroke dynamics profile (Tvp), user's key-stroke dynamics measurements and the registered key-stroke dynamics measurements is defined as keystroke dynamics score (Std). The final score obtained as face score (Sy), palm score (Se) and key-stroke dynamics scores (Std) are included with regard to user's configuration is defined as the integrated score (St).
In a detailed description, the integrated user authentication system can provide utility and enhanced access security, depending on user's preference, by applying user's card, password, palm recognition, face recognition and key-stroke dynamics access security methods in different combinations in an integrated way.
With reference to figure 2, the face recognition component (20) is activated depending on user's needs. The user's visual (GO) captured by the camera (11) is pre-processed on face parser (21) and the face visual (GyO) is obtained by distinguishing from the background. Obtained face visual (GyO) is transferred to a face feature identifier (22) as a visual index. Herein; after the face vector (YvO) comprising the user-specific info is calculated, it is transferred to the face matcher (23), and compared to pre-registered face profile vector (Yvp). The face score (Sy) obtained in the face matcher (23) component is ready for use for calculating the integrated score (St) on authorization score component (51).
With reference to figure 3, the palm recognition component (30) is activated depending on user's needs. The palm visual (GeO) captured using the palm reader (15) is pre-processed in the hand vein pattern parser (31), and the vein pattern visual (GdO) is obtained. The vein pattern visual (GdO) reaches to the palm feature identifier (32) and herein, the user-specific hand vein vector (EvO) is calculated. The hand vein vector (EvO) comes to the palm matcher (33), and here, the error ratio between the hand vein vector (EvO) and registered hand vein profile (Evp) is determined and palm score (Se) is obtained, and it is conveyed to the authorization score component (51 ) for calculating the integrated score (St).
With reference to Figure 4, the key-stroke dynamics component (40) is activated again depending on user's needs. The button push signal (TsO) established by the user while inputting password with the keyboard (13) is transferred to the key-stroke dynamics identifier (41) component and is used in calculating the button push value (TvO) that includes features like button push interval and button push durations etc. By transferring it to the key-stroke dynamics matcher (42), error ration between the button push value (TvO) and registered key- stroke dynamics profile (Tvp) is calculated, and the obtained key-stroke dynamics score (Std) is transferred to the authorization score component (51) for calculating the integrated score (St).
With reference to the Figure 5; the authorization score component (51) obtains the integrated score (St) by using face score (Sy), palm score (Se) and key-stroke dynamics scores (Std) obtained from the ace recognition component (20), palm recognition component (30) and key-stroke dynamics component (40). The information, whether a user is authorized or not in the obtained integrated score (St), is transferred to the automatic self-service machine (10) and necessary application continues.
The integrated user authentication system provided with the multi-layered biometric access security component (50) and increased security starts to the process by sensing a user via the proximity sensor (16) approaching to the automatic self-service machine (10) for transaction. The user, who wishes to do a transaction with card on the automatic self-service machine (10) is asked for inserting her/his card into the card reader (14). Afterwards, depending upon the security configuration preferred by the user, one or more biometric identifying steps are executed. The integrated score (St) obtained by the face score (Sy), palm score (Se) and key-stroke dynamics score (Std) obtained as a result of one or more biometric identifying methods executed in accordance with user's preferences is evaluated, and the automatic self-service machine (10) takes the decision of authorization by performing authentication.
As a result, thanks to the integrated user authentication system and applied method, users obtain remarkable advantages in terms of providing their security. As the face recognition component (20), palm recognition component (30) and key-stroke dynamics component (40) can be applied in different combinations, they can provide a higher user security compared to present applications. The users who are sure about their security can do transactions that they can apply remotely via the automatic self-service machines (10) and avoid the crowd of bank branches. In addition to this, bank branches can serve more effectively by avoiding crowd.

Claims

An integrated user authentication system having an automatic self-service machine (10) and face recognition, palm recognition, and key-stroke dynamics components (20, 30, 40) provided on said automatic self-service (10) machine, characterized in comprising at least one multi-layered biometric access security component (50) that performs authorization verification by providing multi-access security using alternative combinations of biometric methods of face recognition component (20), palm recognition component (30) and key-stroke dynamics component (40).
2. An integrated user authentication system according to Claim 1 , characterized in comprising at least one authorization score component (51) that plays a role in authorization decision of the user is provided in said multi-layered biometric access security component (50).
3. An integrated user authentication system according to Claim 2, characterized in comprising at least one integrated score (St) that provides authorization decision of the user in said authorization score component (51).
4. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one camera (1 1) provided in the automatic self- service machine (10) for capturing user's image.
5. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one monitor for displaying informing screens to users in automatic self-service machine (10).
6. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one keyboard (13) where users can input data in automatic self-service machine (10).
7. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one card reader (14) for enabling user card entrance in automatic self-service machine (10).
8. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one palm reader provided for capturing hand vein view of users in automatic self-service machine (10).
9. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one proximity sensor (16) that is provided for informing relevant units by sensing that a user is approaching in the automatic self- service machine (10).
10. An integrated user authentication system according to the claim 4, characterized in comprising at least one face parser (21) that distinguishes user's visual (GO) from the background, and which is provided in face recognition component (20) and captured by said camera (11).
11. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one face feature identifier (22) provided in the face recognition component (20), which determines user's face features.
12. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one face matcher (23) that matches the face vector (YvO) provided in face recognition component (20) and obtained from user's view with pre-registered face profile vector (Yvp).
13. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one hand vein pattern parser (31) that distinguishes vein pattern visual (GdO) from the palm visual (GeO) obtained from said palm reader ( 5) and provided in palm recognition component (30).
14. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one palm feature identifier (32) provided in palm recognition component (30), which determines palm features.
15. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one palm matcher (33) that matches the hand vein vector (EvO) provided in palm recognition component (30) and obtained from user's palm with pre-registered hand vein profile (Evp).
16. An integrated user authentication system according to any of the preceding claims, characterized in comprising at least one key-stroke dynamics identifier (41) that is provided in the key-stroke dynamics component (40) and calculates button push measurements via user's button push signals.
17. An integrated user authentication system according to the claim 16, characterized in comprising at least one key-stroke dynamics matcher (42) that compares the calculated button push value (TvO) by said key-stroke dynamics identifier (41) with the registered key-stroke dynamics profile (Tvp).
18. An integrated user authentication system application method having an automatic self-service machine (10) and face recognition, palm vein recognition, and key-stroke dynamics components (20, 30, 40) provided on said automatic self-service (10) machine, characterized in comprising the steps of; a. Sensing of users approaching to automatic self-service machine (10) for doing transactions,
b. Choosing security configuration,
c. Executing one or more biometric recognition steps depending upon the security configuration preferred by the user,
d. Transferring data obtained in corresponding biometric recognition steps to the authorization score component (51),
e. Reaching the integrated score (St) based on the data obtained in the authorization score component (51),
f. Reaching to decision of authorization by the automatic self-service machine (10) as result of authentication by evaluating the integrated score (St).
PCT/TR2013/000382 2012-12-13 2013-12-13 Integrated user authentication system in self-service machines WO2014092665A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
TR2012/14617 2012-12-13
TR201214617 2012-12-13

Publications (1)

Publication Number Publication Date
WO2014092665A1 true WO2014092665A1 (en) 2014-06-19

Family

ID=50116149

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/TR2013/000382 WO2014092665A1 (en) 2012-12-13 2013-12-13 Integrated user authentication system in self-service machines

Country Status (1)

Country Link
WO (1) WO2014092665A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017030500A1 (en) * 2015-08-19 2017-02-23 Jing King Tech Holdings Pte. Ltd. Biometric access control system
US10341310B1 (en) 2015-12-11 2019-07-02 Orock Technologies, Inc. System for authenticating users using multiple factors

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020091937A1 (en) * 2001-01-10 2002-07-11 Ortiz Luis M. Random biometric authentication methods and systems

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020091937A1 (en) * 2001-01-10 2002-07-11 Ortiz Luis M. Random biometric authentication methods and systems

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ARUN ROSS ET AL: "Un panorama de lâ identification biometrique des personnes ; Human recognition using biometrics: an overview", ANNALS OF TELECOMMUNICATIONS - ANNALES DES TÃ CR LÃ CR COMMUNICATIONS, SPRINGER-VERLAG, PARIS, vol. 62, no. 1 - 2, 1 January 2007 (2007-01-01), pages 11 - 35, XP035065998, ISSN: 1958-9395, DOI: 10.1007/BF03253248 *
ROMAIN GIOT ET AL: "Low Cost and Usable Multimodal Biometric System Based on Keystroke Dynamics and 2D Face Recognition", PATTERN RECOGNITION (ICPR), 2010 20TH INTERNATIONAL CONFERENCE ON, IEEE, PISCATAWAY, NJ, USA, 23 August 2010 (2010-08-23), pages 1128 - 1131, XP031770994, ISBN: 978-1-4244-7542-1 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017030500A1 (en) * 2015-08-19 2017-02-23 Jing King Tech Holdings Pte. Ltd. Biometric access control system
US10341310B1 (en) 2015-12-11 2019-07-02 Orock Technologies, Inc. System for authenticating users using multiple factors
US10992653B2 (en) 2015-12-11 2021-04-27 Orock Technologies, Inc. System for authenticating users using multiple factors

Similar Documents

Publication Publication Date Title
US10275768B2 (en) System and method for selectively initiating biometric authentication for enhanced security of financial transactions
US8558663B2 (en) Integration of facial recognition into cross channel authentication
US11503021B2 (en) Mobile enrollment using a known biometric
KR101944965B1 (en) User authentication system using face recognition and biometric authentication card, and method thereof
US20170352037A1 (en) Identification and Payment Method Using Biometric Characteristics
JP2018532211A (en) Financial transaction relay system with multi-safety lock function for processing user authentication by simultaneously scanning finger vein and fingerprint and processing method thereof
KR101617855B1 (en) System for relaying financial transaction with multiple safety function using finger vein authentication and method for processing thereof
JP4500760B2 (en) IC card authentication system
WO2022059081A1 (en) Input control device, input system, input control method, and non-transitory computer-readable medium
KR101717754B1 (en) System for relaying financial transaction with multiple safety function using finger vein authentication
JP2001256496A (en) Device and method for recognizing face picture
KR101853270B1 (en) Authentication method for portable secure authentication apparatus using fingerprint
US20220277311A1 (en) A transaction processing system and a transaction method based on facial recognition
KR101334744B1 (en) Loaning method using kiosk system
JP2014074972A (en) Personal authentication supporting system with face image
WO2014092665A1 (en) Integrated user authentication system in self-service machines
JP2001005836A (en) Iris registration system
JP4671845B2 (en) Personal authentication system and personal authentication program
KR20040028210A (en) Apparatus for Identifying a Person through Recognizing a Face and Method thereof
JP4500834B2 (en) IC card authentication system
WO2022065059A1 (en) Authentication system
JP2007280405A (en) Individual authentication method
US20160203481A1 (en) System and method for reconciling electronic transaction records for enhanced security
JP4208014B2 (en) Automatic transaction apparatus and automatic transaction system
JP2005202729A (en) Automatic transaction system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13830163

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13830163

Country of ref document: EP

Kind code of ref document: A1