WO2017063763A1 - Authentification biométrique sécurisée - Google Patents

Authentification biométrique sécurisée Download PDF

Info

Publication number
WO2017063763A1
WO2017063763A1 PCT/EP2016/060939 EP2016060939W WO2017063763A1 WO 2017063763 A1 WO2017063763 A1 WO 2017063763A1 EP 2016060939 W EP2016060939 W EP 2016060939W WO 2017063763 A1 WO2017063763 A1 WO 2017063763A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
line
axis
fingerprint
code
Prior art date
Application number
PCT/EP2016/060939
Other languages
English (en)
Inventor
Steinar Pedersen
Original Assignee
Secure Fingerprints As
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Secure Fingerprints As filed Critical Secure Fingerprints As
Publication of WO2017063763A1 publication Critical patent/WO2017063763A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints

Definitions

  • the present disclosure relates to a user authentication system and in particular to a method used for two-factor authentication where a fingerprint and an authentication code are used to authenticate a user.
  • fingerprints alone has the inherent weakness that it is possible to prepare replicas of fingerprints or fingers belonging to individuals subject to impersonation, e.g. in connection with fraud. Such replicas may be provided with the same or similar properties as genuine fingerprints or fingers and may thus be used to provide a fingerprint pattern that will be accepted by a sensor system.
  • touch screens are used for entering information and for operating programs and applications.
  • a consequence of using the touch screen as user/program interface is that the screen will contain an abundance of fingerprint residues stemming from legitimate user(s), where "readable” fingerprints may be easily “lifted off the screen, e.g. after the equipment has been stolen or lost.
  • Fingerprints thus obtained may be used to spoof the system, either by printing a simple picture or by more sophisticated techniques such as using a laser operated 3-D printer to prepare a "skin-like" structure that may be attached to a fingertip.
  • fingerprint registrations alone are often inadequate and will have to be supplemented with input of a user specific code, assuming that this code is secret and only known to authorized users.
  • Some currently used systems combine a fingerprint with a personal access code, which is entered by means of a numeric or alphanumeric keypad.
  • a separate keypad for input of a user specific code, both because this requires extra equipment and also because this implies separation of steps involved in the routine for identification and authentication on two different input entities.
  • a separate, often permanently installed keypad may allow application of utilities such as keystroke loggers that permit illegitimate "reading" of the code during input.
  • keystroke loggers that permit illegitimate "reading" of the code during input.
  • Many people also find it difficult to memorize a numeric or alphanumeric code, particularly if the user is required to remember a whole series of such codes.
  • EP 2584485 A1 discloses a touch based system for entering data comprising at least one digit on a sensor surface.
  • EP 2575084 A1 discloses techniques provided for entering a secret into a security token using an embedded tactile sensing user interface with the purpose of verifying the secret against a stored representation of the same secret.
  • the security token provides on-card matching functionality.
  • EP 2509019 A1 discloses a method and arrangement for providing access to a device, where the method comprises receiving via a touch surface a graphical code, said code comprising at least two parts where a first part relates to a first physical value on the touch surface and a second part relates to a second physical value on said touch surface.
  • US 20120042378 A1 discloses a login system for a graphical user interface where a user sets a design and uses that to get access to a resource.
  • the design can include lines and distances of lines, directions and locations.
  • the design can require a user to select a color and can include colors and amounts by which the different entered parts need to overlap.
  • WO 2009/008686 discloses a data input device and an input conversion method using the data input device.
  • the data input device includes a detection unit provided in a predetermined input region, the detection unit processing several directional inputs.
  • a control unit is configured to determine input locations of lateral, vertical and tilt pressing directions.
  • US 20090313693 A1 discloses a method and system for electronic access security using touches and movements on a touch sensitive surface to determine graphical passcodes that are used in a manner similar to passwords.
  • Graphical passcodes comprise various combinations of swipes, taps or drags on a touchscreen surface as defined by a user.
  • WO 2009095263 A1 discloses a portable electronic device comprising means for fingerprint user authentication having a fingerprint sensor and means for entering first data, wherein said means for entering first data are being entered by sensing a presence of an object relative to the fingerprint sensor, where the first data are independent of biometric characteristics of the object.
  • WO 2003007220 A1 discloses a fingerprint authentication apparatus and method without a keypad, to which a user can input his/her ID number as well as a fingerprint through a fingerprint acquisition window.
  • the fingerprint acquisition window is divided into a plurality of sections and different numerals are being allocated to the different sections.
  • EP 1 1 13405 A2 discloses a fingerprint sensing system usable as a command interface. If the fingerprint pattern matches a previously stored pattern, the user is permitted to enter commands via the same interface system. In the case of an automobile, a user may perform such functions as unlocking doors, setting the seat to a selected location, or pre-starting the car.
  • WO 2002028067 A1 discloses method and system for generating complex text input by sequences of finger touches on a single sign generator in cellular phones that include a display and a sign generator.
  • the sign generator which includes a touch sensitive sensor can be adapted to sense movements of a finger across the sensor in two dimensions.
  • US 81 1 1 136 B2 discloses a fingerprint scanner including a control module for detecting and controlling the transmission of signals.
  • the fingerprint scanning module is coupled to the control module to detect fingerprints and sense different touches representing different command signals.
  • US 6373967 B2 discloses an entry device that recognizes users' fingerprints which are entered in a sequence, where the fingerprints of different fingers must be entered in the proper sequence in order to be recognized and accepted by the system.
  • US 6509847 B1 discloses a method for inputting an access code via temporal variations in the amount of pressure applied to a touch interface.
  • CA 2340501 discloses fingerprint or hand palm scanning, where finger- or palm prints are consecutive print images where the subject exerts force, torque and/or rolling over an interval of time.
  • US 20090153297 A1 discloses a smart card device with a partial fingerprint sensor (swipe sensor), ergonomic guides and a processor.
  • the guides help insure that the user ' s finger properly swipes the fingerprint sensor.
  • US 210225443 A1 discloses a system for user authentication comprising a touch sensitive element such as a touch screen, where finger touch information from a user is accepted via a touch sensitive element, the finger touch information including at least a time series of finger touch samples that define a trace of the user's signature.
  • US 6509847 B1 discloses a method for inputting an access code via temporal variations in the amount of pressure applied to a touch interface. The disclosed method also provides an option to capture additional biometric information by signature operations (finger pressure, fingerprint, skin impedance, etc.) and other biometric inputs (e.g. voice, iris scans, etc.).
  • WO 2015057320 A1 discloses an electronic device with a display and a fingerprint sensor, where the sensor can detect a plurality of finger gestures. After collecting fingerprint information, the device determines whether the collected information is sufficient to enroll a fingerprint. If the information is not sufficient, the user is prompted to perform one or more additional finger gestures on the sensor.
  • EP 2787462 A1 discloses methods and devices for obtaining a fingerprint sample due to incidental contact with a fingerprint sensor when performing a gesture. If the fingerprint sensor is located adjacent to a touchscreen display, the gesture is characterized by input representing movement that is directed at or from the fingerprint sensor and received, at least in part at an end of the touchscreen display.
  • US 8371501 B1 discloses a system and a method for providing multi-factor authentication with an authentication factor, such as a unique tag identifier embedded within a wearable article such as a ring or a watch.
  • an authentication factor such as a unique tag identifier embedded within a wearable article such as a ring or a watch.
  • WO 2005043451 A2 discloses a system where the sensor surface is subdivided into sections allowing the user to register a user specific code by moving the finger from section to section either horizontally, vertically or diagonally, or to deposit brief pressure bouts on the sensor surface.
  • WO 2014206505 A1 discloses a method of authenticating a user that comprises scanning of a fingerprint by means of a fingerprint sensor and receiving at the same sensor surface, a user-specific pattern that comprises one or more gestures guided by a polygonal (preferably square or rectangular) frame.
  • Some of the disclosed inventions utilize one or more touch screens (e.g. the display screen of smartphones) for entering an alphanumeric code or a graphic code pattern, while others depend on a separate keypad. Others employ the fingerprint sensor itself for code entries.
  • existing disclosures describe methods and equipment that utilize fairly large touch screens or sensor surfaces, enabling entry of number codes and recording of finger gestures that are dependent on a subdivision of the sensor surface into identifiable sections that can be touched by one or more fingers in a sequence. Such procedures are feasible with touch screens, but most modern fingerprint sensors, and in particular recent "touch sensors” utilize very small sensor surfaces (such as 5 x 5 mm to 10 x 10 mm) that make subdivision into identifiable and individually touchable sections virtually impossible.
  • fingerprint sensors when used with smartphones and portable computing devices come in a variety of different shapes, very often round or rectangular (for example, 3 x 9 mm) with rounded corners. Such sensors present an additional challenge when serving as means for input of user-specific codes or drawing patterns.
  • a method of authenticating a user of an electronic fingerprint sensor comprising: receiving, at a surface of the electronic fingerprint sensor a finger of said user; scanning a fingerprint with said electronic fingerprint sensor; receiving, at the same sensor surface, a user- specific code recorded by means of the same sensor; wherein the entry of a user- specific code comprises drawing of a user-specific pattern that comprises one or more lines; wherein a line is input by a line gesture that comprises swiping of a finger along an approximately rectilinear path on a portion of the electronic fingerprint sensor surface; characterised in that: the method comprises determining a direction along a longitudinal axis of a user's finger while depositing the fingerprint, and using determined direction to define the orientation of a first axis of an orthogonal X-Y coordinate system that is superimposed with its origin at or near the centre of the sensor surface; and in that: a virtual, rectangular frame is superimposed at or upon the sensor surface, wherein the vertical sides of the virtual frame are
  • the user-specific pattern further comprises dots, entered by dot gestures.
  • the direction of the conditional Y-axis relative to an authorized user's fingerprint is established during the enrolment procedure by the user depositing his fingerprint with the finger kept in a pointing direction that is aligned with the Yo axis of a reference coordinate system with a given orientation based on the direction of columns and rows of the fingerprint sensor grid; wherein spatial relationships between characteristic features of the fingerprint are connected to the direction of Yo; this relationship being stored in memory and later used to establish the direction of the conditional Y-axis.
  • the characteristic features comprise minutiae.
  • the direction of the conditional Y-axis relative to an authorized user's fingerprint is established during the enrolment procedure by the user moving his finger forwards or backwards in the pointing direction of the finger immediately after depositing the fingerprint, this relative direction being stored in memory together with the fingerprint.
  • the user-specific code pattern comprises one or more separate sub- patterns where at least one sub-pattern comprises at least two connected lines.
  • lifting and repositioning the fingertip upon the sensor surface initiates a new sub-pattern.
  • the user-specific code pattern may comprise one or more dots entered at key positions of a line pattern, where the key positions include start, end and connection points of connected lines and where dots signify repeats of key positions in a pattern.
  • lifting and repositioning of a fingertip at approximately same location on the sensor surface is equivalent to a dot gesture.
  • the user increases the finger pressure temporarily against the sensor surface.
  • the corners of the virtual frame are assigned code labels that identify their relative positions.
  • the method comprises steps wherein the code label of Po is determined after a subsequent line is drawn at an angle between +45° and +135° or between -45° and -135° relative to the first line, whereupon Po is assigned the label of one of the four corners of the virtual frame, and wherein drawing a line at an angle between +135° and +180° or between -135° and -180° relative to previous line represents a line running approximately along the same path but in the opposite direction; drawing a line at an angle between 0° and +45° or between 0° and -45° relative to previous line represents continuation of same line, running approximately along the same path; and drawing a line at an angle between +45° and +135° or between -45° and -135° relative to previous line represents a line drawn at an approximately right angle relative to the previous line.
  • the method comprises steps wherein the code label of Po is determined after a subsequent line is drawn at an angle between +30° and +150° or between -30° and -150° relative to the first line, whereupon Po is assigned the label of one of the four corners of the virtual frame; and wherein drawing a line at an angle between +150° and +180° or between -150° and -180° relative to previous line represents a line running approximately along the same path but in the opposite direction; drawing a line at an angle between 0° and +30° or between 0° and -30° relative to previous line represents continuation of same line running approximately along the same path; drawing a line at an angle between +60° and +120° or between -60° and -120° relative to previous line represents a line drawn at an approximately right angle relative to the former line; drawing a line at an angle between +120° and +150° or between -120° and -150° relative to a Y-axis aligned or relative to an X-axis aligned line represents
  • the method comprises steps wherein continuing a rectilinear line gesture outside the detection range of the sensor surface signifies end of a user code input.
  • the method comprises steps wherein a swipe gesture across the whole detection range of the sensor surface indicates the end of a user code input or the correction of a user code input.
  • a user authentication system comprising: an electronic fingerprint sensor comprising a surface which is suitable for receiving a finger for fingerprint scanning and for receiving a user-specific code comprising a user-specific pattern; a perceptible frame surrounding at least a portion of the fingerprint sensor; a memory means storing fingerprint pattern data and user-specific code data associated with at least one user; a processor coupled with said sensor and said memory means and characterised by being arranged to: determine a direction along a longitudinal axis of a user's finger while depositing the fingerprint, and using determined direction to define the orientation of a first axis of an orthogonal X-Y coordinate system that is superimposed with its origin at or near the centre of the sensor surface; receive a user specific code, wherein the entry of a user- specific code comprises drawing of a user-specific pattern that comprises one or more lines; wherein a line is input by a line gesture that comprises swiping of a finger along an approximately rectilinear path on a portion of
  • the perceptible frame of the system comprises a border bounding or at least partially bounding the perimeter or a sensor surface, where the frame is visually or physically demarcated from a surrounding surface of a host device and the sensor surface.
  • a host device comprising the user authentication system, the host device being a mobile computing device, a mobile telephone, smartphone, financial transaction card, identity card, access card, machinery, locks for entrance doors and gates, and other devices or utilities subject to restricted use.
  • a computer program product encoded with instructions that, when run on a computing device enables it to: receive fingerprint data and user-specific code data comprising gesture data relating to a user-specific pattern; characterised in that the computing device is arranged to: determine a direction along a longitudinal axis of a user's finger while depositing the fingerprint, and using determined direction to define the orientation of a first axis of an orthogonal X-Y coordinate system that is superimposed with its origin at or near the centre of the sensor surface; receive a user specific code, wherein the entry of a user- specific code comprises drawing of a user-specific pattern that comprises one or more lines; wherein a line is input by a line gesture that comprises swiping of a finger along an approximately rectilinear path on a portion of the electronic fingerprint sensor surface; and said lines are compared with a virtual, rectangular frame superimposed at or upon the sensor surface, wherein the vertical sides of the virtual frame are aligned with the Y-
  • the Fig. 1 series illustrates a smartphone incorporating a round fingerprint sensor on its backside and a finger depositing a fingerprint.
  • the Fig. 2 series illustrates the principle of superimposing a conditional coordinate system upon the sensor surface.
  • the Fig. 3 series illustrates a fingertip performing a sequential movement relative to the sensor surface in order to input a user-specific code.
  • the Fig. 4 series illustrates a principle of detecting a directional movement of a fingertip upon the sensor surface.
  • the Fig. 5 series illustrates principles for assigning code values to various drawing patterns.
  • the Fig. 6 series illustrates tolerances accepted when drawing a line at an "approximately right angle" relative to a first line.
  • the Fig. 7 series illustrates tolerances accepted when drawing a line in the "approximately same direction" as a first line.
  • Fig. 8 series illustrates the drawing of a code pattern where code lines are joined at "approximately right angles" relative to each other.
  • Fig. 9 series illustrates principles of transforming a drawn code pattern into an idealized pattern and further into a pattern suitable for assigning code values.
  • the Fig. 10 series illustrates principles of drawing code patterns comprising two sub- patterns.
  • the Fig. 1 1 series illustrates a method used to signal the end of a code pattern input.
  • the Fig. 12 series illustrates an approach taken when translating a numerical code value into an actual code pattern drawing.
  • Fig. 13 illustrates an optional mode of drawing code patterns.
  • the Fig. 14 series illustrates a smartphone with a square fingerprint sensor on its backside and methods for entering a code pattern on the sensor surface.
  • the Fig. 15 series illustrates a smartphone with an oval fingerprint sensor on its backside and a method for entering a code pattern on the sensor surface.
  • the Fig. 16 series illustrates a smartphone with a small, rectangular fingerprint sensor below the phone display and examples of user-specific code entries.
  • the Fig. 17 series illustrates a smartphone with a fingerprint sensor incorporated in or underneath the cover glass and an example of user-specific code entry.
  • the Fig. 18 series is a side view of a smartphone incorporating a rectangular fingerprint sensor on its side and an example of user-specific code entry.
  • the Fig. 19 series illustrates a transaction card (or access card) incorporating a fingerprint sensor and an example of user-specific code entry.
  • the Fig. 20 series illustrates a smartphone with a round fingerprint sensor below the display, showing a fingerprint scan and a user-specific code entry.
  • the Fig. 21 series illustrates a smartphone with a round fingerprint sensor on its backside and, showing a fingerprint scan and a user-specific code entry.
  • the Fig. 22 series illustrates a method for introducing "dots" in code patterns involving lifting and repositioning of a finger on the sensor surface.
  • the Fig. 23 series illustrates methods for finalizing code entry.
  • the present disclosure provides a method and system used for authentication of users of electronic fingerprint sensors that are based on capacitive, radiofrequency (RF) based, thermal, optoelectronic, ultrasonic and other physical principles used for scanning of fingerprints.
  • the method is particularly adapted to the input of an authentication code in combination with a fingerprint.
  • the authentication code may in preferred embodiments be user-specific, and preferably personal and user-defined.
  • a "user-specific" authentication code means that a code will generally be different for each physical instance of an authentication system. For example, where an authentication system forms part of a portable computing or communication device, the authentication code will be specific to a user of that device.
  • authentication code Since the number of such devices in common use is large, there are likely to be some overlaps of authentication codes, but these are still user-specific because one user who knows a code that is associated with his device will not have knowledge of the authentication code for somebody else's device.
  • authentication code "user code”, “user- specific code”, “user pattern” and “drawing pattern” may in general be used interchangeably throughout this document, unless the specific context requires otherwise).
  • the method disclosed is suitable for assessing characteristics of a fingerprint entered in combination with an authentication code by a certain user, for comparing such combination with stored information on fingerprints and authentication codes and for using the outcome of this comparison to verify the identity of said user.
  • entries of a fingerprint and an authentication code may be performed independently of each other using the same system.
  • the disclosure may provide a sensor surface surrounded by a frame, where the frame can be perceived or sensed by the user during entry of a code pattern.
  • the frame may be of any chosen shape, for example (and without limitation), square, rectangular, polygonal or round (the latter being precisely or substantially circular, elliptical or oval).
  • the code entry may comprise drawing of a user-specific pattern, optionally in combination with other code elements such as selective application of pressure by a user's finger.
  • the user-specific code pattern will be discussed in more detail below.
  • the user will maintain his fingertip in continuous contact with the sensor for entry of the authentication code.
  • Continuous contact between finger and sensor may be maintained both for the entry fingerprint scan and for an immediately following code pattern drawing as described below.
  • perceptible frames surrounding the sensor surface serve to guide finger movements during entry of an authentication code, permitting use of moderate to small area sensors and enabling a high degree of precision and reproducibility during entry of user patterns.
  • These user patterns may include different types of gestures, termed herein as a "line gesture” and a “dot gesture".
  • a line gesture comprises a finger swiping across a section of the sensor surface in a basically rectilinear manner.
  • a "composite line gesture” comprises several line gestures that are joined at an angle, where joining takes place at "connection points”.
  • a dot gesture may comprise a brief pressure increase entered via the sensor surface (and recorded e.g.
  • a dot gesture is basically equivalent to a "position repeat", i.e. creating repeated, subsequent occurrences of the fingertip at one particular location in the code pattern and thus entering same position number several times in a row in the equivalent number code.
  • the user pattern may either comprise a sequence of a defined number of lines ("line pattern"), or a sequence of a defined number of lines and dots in combination (“combination pattern").
  • the user pattern will preferably comprise at least two connected lines, and may optionally comprise "dots" entered at connection points between individual lines or at start and/or end of code pattern drawing.
  • fingerprint scanning and assessment can be performed with the finger positioned at any angle relative to the sensor surface. This is particularly useful when the sensor is located on the backside of a device such as a smartphone. This option deviates from older scanning procedures where the finger had to be positioned at a certain reproducible location and angle relative to the sensor surface during a scan, often guided by a distinct, physical frame. This opportunity to perform a fingerprint scan at any angle (between 0° and 360°) is emphasized by many sensor and equipment manufacturers by enclosing the sensor surface with a circular bezel, indicating that no specific input angle is required. Some earlier disclosed methods for entering a user-specific code pattern on the sensor surface (e.g. WO 2014206505 A1 ) are rendered less useful when confronted with a smooth, circular frame without any distinct features on the frame surface.
  • fingerprint scanning and code entry are performed as two disconnected operations (as e.g. described in WO 2014206505 A1 ).
  • the re-positioning of the finger and the time lapse between the two operations add to the complexity and time expenditure associated with such two-factor authentication methods and thereby reduce their attractiveness.
  • the present disclosure provides a method that can be used with fingerprint sensors of any shape, including sensors enclosed by a round, featureless aperture or bezel - and at the same time providing a method for uninterrupted transition from fingerprint scanning to code drawing as one continuous operation.
  • An example of a two-factor authentication procedure according to the invention is illustrated in the Fig. 1 series, where a round fingerprint sensor system 2 is incorporated on the backside of a smartphone 1 (Fig. 1 a).
  • a round fingerprint sensor system 2 is incorporated on the backside of a smartphone 1 (Fig. 1 a).
  • the sensor stands out as an identifiable entity relative to its surroundings through the use of tactile features, implying that it can be physically sensed by a user, e.g. by means of a fingertip.
  • a tactile configuration is advantageous since the sensor system can be operated without the user having to visually inspect the procedure.
  • a user operates the sensor by means of a particular finger 3.
  • the smartphone including viewing the display, the phone rests in the palm of one hand with fingers gripping the sides of the phone body. In this position, one or more fingers (commonly the index finger) are free to operate facilities on the backside of the phone, e.g. a fingerprint sensor. In this situation, the operating finger 3 will attain a slanted position relative to the longitudinal axis of the phone body.
  • FIG. 1 c illustrates a recorded fingerprint scan 4. While electronic fingerprint sensor matrices are typically square or rectangular, the fingerprint 4 in Fig. 1 c has a circular appearance due to the sensor aperture and bordering bezel being circular and thereby masking part of the total sensor surface (indicated by the dotted line).
  • Fig. 1 d illustrates an orthogonal 2D coordinate system 5 that is projected or superimposed on the sensor surface and used as a guide when drawing the code pattern.
  • Fig. 2 series illustrates the principle of assigning direction to the superimposed coordinate system 5 referred to under Fig. 1 d.
  • Fig. 2a indicates that a reference coordinate system XoYo may be aligned with the direction of the sensor grid, comprising a matrix of pixels organized in columns and rows.
  • the Yo axis is commonly pointing in the direction of the longitudinal axis of the equipment (e.g. a smartphone) or generally pointing in a direction upwards or away from the user when operating the equipment.
  • the pointing direction of the finger will form an angle with the axes of the reference coordinate system.
  • the Y-axis of the superimposed coordinate system 5 is oriented along the longitudinal axis of the user's finger at a direction taken while depositing the fingerprint, as shown in Fig. 2b.
  • This coordinate system and its axes will be referred to as “temporary” or “conditional”, since their direction will depend on the position taken by the user's finger while entering the fingerprint.
  • Another option, not necessitating the user to align his finger along the Yo axis of the reference coordinate system 7 during the enrolment procedure requires the user to combine a fingerprint scan with a brief movement of the finger along the pointing direction of the finger, thereby establishing the relationship between the direction of the conditional coordinate system and characteristic features of the fingerprint. This relationship is utilized for interpretation of future input of fingerprint and user pattern combinations.
  • Fig. 2c illustrates a situation where the user is moving his finger backwards along the pointing direction of the finger, thereby establishing the direction of the Y-axis of the conditional coordinate system 5.
  • the relationship between an authorized user's fingerprint pattern and the direction of the conditional Y-axis is thereby established and can be recorded as part of the enrolment procedure.
  • the Fig. 3 series illustrates a generalized method of entering a user-specific code pattern according to an embodiment of the invention.
  • the user's fingertip 3 rests upon a circular sensor surface 2, ready for fingerprint scanning and code entry.
  • the fingertip is moved backwards in the direction of the arrow (Fig. 3b), then sideways at a right angle (Fig. 3c) and finally forwards at a right angle to the previous line gesture in the direction of the arrow in Fig. 2d.
  • An arbitrary point near the center of the contact area of the scanned finger is used as starting point when recording the complete user pattern 6.
  • the fingertip movements as shown implies that the user is aware of the conditional coordinate system and directs his fingertip movements according to the direction of its X- and Y-axes.
  • the disclosed method implicates that the actual movement of the fingertip upon the sensor surface is recorded, either by means of the full sensing capabilities of the system or at a lower resolution, involving e.g. each fifth column and/or row of the sensor matrix.
  • One motion recording principle is illustrated in the Fig. 4 series, indicating that a characteristic feature (e.g. a minutia) is located near the center of the circular fingerprint at Po (Fig. 4a) and its initial position recorded as the starting point for the code drawing.
  • a characteristic feature e.g. a minutia
  • the direction of the Y-axis of the conditional coordinate system 5 can be established as parallel to the arrow 9.
  • the Fig. 5 series illustrates basic rules implemented for transforming the actual motion pattern of a fingertip into an idealized pattern suitable for code label assignment.
  • a key tool in this context is a four-sided frame 18 (Fig. 5d) referred to as "codification frame" that serves as reference when transforming a drawing pattern into a number code.
  • the corners of the frame may be assigned any kind of labels, but are in this instance labelled clockwise with numbers from 1 to 4, starting in the upper left corner.
  • the codification frame is preferably square with vertical borders aligned with the Y-axis and horizontal borders aligned with the X-axis of the conditional coordinate system.
  • the codification frame is a virtual tool and has a rectangular shape.
  • rectangular implies that the frame is quadrilateral with four right angles, where opposing sides of the frame are of equal length.
  • the preferred rectangular shape is square, with four sides of equal length.
  • the “rectangular” and “square” are generalized terms, also comprising shapes with cut-off and rounded corners).
  • the drawing pattern is transformed according to a set of rules in order to fit into the codification frame, enabling a transformation algorithm to put numbers to key features of the code pattern (start point, end point, points of direction change, etc.) and thus generate number codes such as "432", "14123”, “3434123234", etc.
  • FIG. 5a One set of code transformation rules is illustrated in the Fig. 5a - Fig. 5d series.
  • the user initiates code pattern drawing by moving his finger a short distance in the negative direction of the Y-axis, indicated by the arrow 13 (Fig. 5a).
  • a similar movement is shown by the arrow 14 in Fig. 5b, but the distance is somewhat longer.
  • An even more extensive finger movement is indicated by the arrow 15 in Fig. 5c.
  • Arrows (11 , 12) representing the finger movements are entered into the codification frame 18 in Fig. 5d. Irrespective of the length of finger movement, the arrow appearing in the codification frame is of unit length.
  • this first gesture is initially represented by two alternative arrows 1 1 , 12 in the codification frame.
  • the code pattern comprises only a single line gesture
  • the arrow 1 1 is by convention located along the left border or the frame. Similar rules apply to line gestures entered along the X-axis, where a code pattern comprising a single line gesture by convention is recorded along the upper, horizontal border of the codification frame. (This latter single-line code convention is not absolute, and may be altered, e.g. if judged as advantageous for particular embodiments).
  • the Fig. 5e - Fig. 5h series illustrates codification consequences of adding a second line gesture at a right angle to the first gesture 14 (Fig. 5e).
  • This second line gesture 16 is illustrated as a line crossing the first gesture, although both gestures are entered as a single, continuous movement of the finger.
  • the general motion pattern is perhaps better illustrated by two crossing arrows.
  • a drawing convention illustrated by the two-legged code pattern 17 shown in Fig. 5g is used in the context of this disclosure.
  • This L-shaped arrow indicates that a downward (-Y) line gesture is followed by a connected, rightward (+X) line gesture at right angle to the first.
  • This composite line gesture is transferred to the codification frame as an L-shaped user pattern 19 codified as "143".
  • the combined gesture 21 takes the shape of an inverse L as shown in Fig. 5k, which again is transferred to the codification frame in Fig. 5I as a user pattern 22 codified as "234".
  • a line gesture in the positive direction of the Y-axis is recorded as an arrow pointing upwards (i.e. from 4 to 1 or from 3 to 2) in the codification frame, while a line gesture in the negative direction of the Y-axis is recorded as an arrow pointing downwards (i.e. from 1 to 4 or from 2 to 3) in the codification frame.
  • a line gesture in the positive direction of the X-axis is recorded as an arrow pointing from left to right (i.e. from 1 to 2 or from 4 to 3) in the codification frame, while a line gesture in the negative direction of the X-axis is recorded as an arrow pointing from right to left (i.e. from 2 to 1 or from 3 to 4) in the codification frame.
  • a user pattern or sub-pattern comprises a single line gesture in the direction of the Y-axis, it is recorded as an arrow along the left, vertical border (i.e. from 4 to 1 or from 1 to 4) of the codification frame, while if the line gesture is performed along the X-axis, it is recorded as an arrow along the upper horizontal border (i.e. from 1 to 2 or from 2 to 1 ) of the codification frame.
  • a first line gesture performed along the Y-axis with a second gesture performed along the positive X-axis will position the first segment of the broken arrow along the left, vertical border of the codification frame, while a second gesture performed along the negative X-axis will position the first segment of the broken arrow along the right vertical border of the codification frame.
  • a first line gesture performed along the X-axis with a second gesture performed along the positive Y-axis will position the first segment of the broken arrow along the lower horizontal frame border, while a second gesture performed along the negative Y-axis will position the first segment of the broken arrow along the upper horizontal frame border.
  • Next step is to draw a new branch from the end of 14 either to the right or to the left, ideally at a right angle along the X-axis. Taking drawing imprecision into consideration, it is accepted if this new gesture creates a line that is positioned within 45° from the ideal trajectory, i.e. within a(1 ), a(2), a(3) or a(4) as illustrated in Fig. 6b. This is exemplified in Fig. 6c, where the second leg of the code pattern 24 is drawn at an "approximately" right angle to the first leg. In the context of description of present invention, the "approximate" term is generally used to describe the practical outcome where the intention may be to draw a right angle.
  • FIG. 8 series An example of a more extensive code pattern drawing exhibiting imprecisions referred to above is given in the Fig. 8 series.
  • a first two line gestures 26 oriented at an approximately right angle to each other is shown in Fig. 8a, which is continued with a third, fourth and fifth leg at approximately right angles to each other into the complete "raw" drawing pattern 27 shown in Fig. 8b and the final code pattern 28 is shown in Fig. 8c, referred to by number code as "143214".
  • Fig. 9 series is merely included to illustrate a drawing convention used when presenting code patterns, in particular for situations where drawing include back-and- forth movements where overlying lines may not be apparent.
  • Fig. 9a where the "raw" code pattern includes several segments of overlying lines.
  • the "zig-zag" structure of the first three line segments may be due to imprecise drawing, or as here merely used to indicate that three separate line segments are drawn, involving turning points at 30 and 31.
  • Fig. 9b A somewhat clearer picture of the drawing pattern is given in Fig. 9b, where the transitory pattern 32 shows the turning points 33 and 34 in a more explicit, "squared” manner.
  • the final code pattern 35 entered into the codification frame is shown in Fig. 9c, representing the number code "14143214".
  • Code patterns may be drawn as continuous lines, or comprise two or more separate, interrupted combination gestures, each referred to as "sub-patterns". Some examples are provided in the Fig. 10 series, where a first composite line pattern 36 is followed by a single line gesture 37 along the +X axis in Fig. 10 b, yielding the final code pattern 38 entered into the codification frame 18 in Fig. 10c and codified as "14321-12". (Sub- patterns of user codes are separated by a "-"). Similarly, the initial code pattern 36 is followed by a single line gesture 39 along the -Y axis in Fig. 10e, providing the final code pattern 40 entered into the codification frame 18 in Fig. 0f and codified as "14321 -14".
  • the initial code pattern 36 is followed by a slightly more complex pattern 41 in Fig. 10h, showing the final code pattern 42 in Fig. 10i codified as "14321-234".
  • the transition from one sub-pattern to a next may be performed by briefly lifting and re-positioning of the fingertip upon the sensor surface (see also Fig. 22).
  • a prerequisite for using the disclosed motion-based pattern drawing as foundation for user-code entry is that at least a small part of the fingertip is touching the sensor surface during the drawing process.
  • This is indicated in the Fig. 1 1 series, starting with a fingertip in a scanning position and illustrating a recorded fingerprint 4 and a virtual starting point Po for code pattern drawing in Fig. 1 1 a.
  • Fig. 1 1 b only a small part of the fingertip is touching the sensor surface, yielding the fingerprint section 43 with some characteristic feature (e.g. minutia) Pi at the lower end of the Y-axis.
  • Fig. 1 1 c indicates that the finger has subsequently been moved to the right and finally upwards and out of the detection range of the sensor.
  • This "sensor area exit” 45 may suitably serve to signal that code pattern entry is finalized, in this instance yielding a complete code pattern 44 referred to as "1432".
  • the reverse of the approach taken above for interpreting code patterns is illustrated in the Fig. 12 series, where a number code “143214” is provided and translated into a code pattern suitable for entering onto a fingerprint sensor surface.
  • One may then start by visualizing the pattern 46 contained in a codification frame 18, which is then attempted drawn on the sensor surface with right angles in the shape of 47 in Fig. 12b, but which in practice will be entered as a somewhat more imprecise pattern 48 as shown in Fig. 12c. Although imprecise, the code pattern interpretation algorithm will recognize the pattern as representing "143214".
  • code patterns comprising straight lines drawn at right angles to each other comprise gestures that are moderately challenging to perform, and the "square" patterns discussed above are the preferred code patterns generated as outcome of the disclosed method.
  • code patterns may be extended with "slanted lines", as illustrated in the Fig. 13 series. The principle is illustrated starting with a single line gesture 14 as shown in Fig. 13a. After finalizing this first branch of the pattern, the drawing may continue at an angle to the first line through a series of alternative sectors 49 named from a(1 ) to a(6), each spanning 30°.
  • a line drawn through a(6) or the corresponding sector on the other side of the Y-axis represents a line gesture drawn in the opposite direction of 14 (equivalent to drawing a line at an angle between 150° and 210° of the original direction).
  • a line drawn through a(3), a(4) or the corresponding sectors on the other side of the Y-axis represents a line gesture drawn at an approximately right angle to 14 (equivalent to drawing a line at an angle between 60° to 120° counterclockwise or between 240° to 300°, the latter also referred to as -60° to -120° of the original direction).
  • a line drawn through a(5) or the corresponding sector on the other side of the Y-axis represents a "slanting line" that in a code pattern context is used to connect two diametrically opposite corners of a square codification frame.
  • the purpose of using these slanting lines is to extend the code pattern variety, implying that instead of only having two options when continuing a line gesture with a new line at a right angle to the first, or backwards along the first line, this slanting line represents a third drawing option. This is illustrated by the rather complex user code 50 drawn in Fig. 13b, which takes the shape of 51 when transferred to the codification frame, corresponding to the user code "1421213".
  • the code pattern concept has been illustrated above using a sensor with a round frame, but same concept may be easily adapted to sensors of any size and shape, which are incorporated at any position in a great variety of equipment, devices, machinery, entry points, doors, access cards, transaction cards, etc. Some of these applications are illustrated in figures below (Fig. 14 to Fig. 21 ).
  • the Fig. 14 series illustrates a smartphone 52 (Fig. 14a) incorporating a square fingerprint sensor with rounded corners 53 on its backside.
  • a slanted finger 3 (Fig. 14b) deposits a fingerprint and draws a user pattern 54 on the square sensor surface 53 (Fig. 14c), codified as "143214".
  • the fingertip movement is not limited by the shape and orientation of the perceptible, square frame 49, but since the operation may be performed without the user actually seeing the pattern input, the frame may optionally offer some guidance as illustrated by the code pattern 55 ("432143") shown in Fig. 14d.
  • a rectangular sensor with rounded corners or an oval sensor 57 is shown on the backside of a smartphone 56 in Fig. 15a, where an essentially upright finger 3 (Fig. 15b) is used to enter a user pattern.
  • the user is overviewing the code entry and may therefore use slanted lines (as described under Fig. 13) as part of the code pattern 58 ("341342") shown in Fig. 15c.
  • Some fingerprint sensors in use have a rectangular shape 60 (with different height and width) and are positioned below the display of smartphones 59 (Fig. 16a). This position encourages fingerprint entry by any finger, including the thumb 3 (Fig. 16b).
  • Code pattern entry is easy also with this sensor configuration and operation, as exemplified by the code pattern 62 shown in Fig. 16c ("23412") where the finger is pointing straight upwards along the Y-axis 61 or an alternative pattern 64 ("41234") where the finger is slightly skewed and pointing along the slanted axis 63.
  • the Fig. 17 series illustrates fingerprint scanning and code entry by means of a sensor 66 that is located under or within the cover-glass of the display of a smartphone 65 (Fig. 17a).
  • the sensor may appear on a conditional basis, e.g. only when a fingerprint or code entry is required as part of log-on or other approval procedures.
  • the user is firstly requested to put a finger 3 on top of the visualized sensor range (Fig. 17b), to deposit a fingerprint 67 (Fig. 17c) and thereafter enter a user-specific pattern 69 ("34123") as illustrated in Fig. 17d.
  • Some smartphones 70 come with a rectangular fingerprint sensor 71 on their side, as illustrated in Fig. 18a. Even this awkward position allows easy entry of user code 72 ("23412") using single-handed operation and e.g. drawing the pattern by means the thumb (Fig. 18b).
  • Single-handed operation may also be used with smart-cards, entry-cards and transaction cards 73 incorporating a fingerprint sensor 74 as illustrated in Fig. 19a.
  • a user code 75 (Fig. 19b) may be entered simultaneously with a scanned fingerprint, encrypted and transferred to an NFC receiver as part of a payment or other transaction procedures.
  • Apple's original fingerprint sensor 77 was located beneath the display region of their iPhone 76 (Fig. 20a). Contrary to sensors discussed in the preceding, the round, featureless frame entirely encloses a small, square sensor (5 x 5 mm).
  • the two-factor authentication method described herein is well suited to be used also with this sensor system. This is illustrated by a finger 3 taking a slightly slanted position while entering a fingerprint (Fig. 20b), yielding a fingerprint 78 in Fig. 20c and entry of a user pattern 79 ("23214") in Fig. 20d.
  • An aspect of the present invention is summarized in the Fig. 21 series where a smartphone 1 incorporates a round fingerprint sensor 2 on its backside (Fig.
  • the Fig. 10 series illustrates an embodiment where the code pattern comprises several sub-patterns and where initiation of a new sub-pattern is instigated by lifting and repositioning a finger on the sensor surface. Except for certain sub-pattern combinations (e.g. 42, Fig. 10i and similar), this lift-and-reposition operation is equivalent to introducing a "position repeat" or a "dot" in the code pattern.
  • the process of lifting and repositioning of a finger 3 on the sensor surface 53 is shown in Fig. 22a - Fig. 22c. For graphic, illustrative purposes, this operation is drawn as a square "bump" 81 near corners of code patterns (Fig. 22d).
  • the final code pattern 84 is assigned the number code "1444321 14". By introducing position repeats or dots this way, the number of available code patterns can be extended significantly, without becoming too complex.
  • Dots may alternatively be introduced by temporarily increasing the finger pressure while the finger rests in a specific location, where increased pressure may be registered by means of pressure sensors or micro-switches.
  • This operation may alternatively be used to signal end of code input, as illustrated in the Fig. 23 series employing a smartphone 59 with a rectangular sensor 60 for fingerprint and code entry.
  • the sensor button is depressed, symbolized by the square "recess" 85 at the end of the pattern 86.
  • the system may thereafter provide for a swiping motion 87 (Fig. 23b, Fig. 23d) of the fingertip across the sensor surface in order to finalize user input, an operation that may ensure that the sensor surface is devoid of any readable fingerprints.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • User Interface Of Digital Computer (AREA)
  • Image Input (AREA)

Abstract

L'invention concerne un procédé d'authentification d'utilisateurs de capteurs d'empreinte digitale et de l'équipement et des dispositifs utilisant de tels capteurs (illustrés ici par un smartphone, 1) ; où le procédé utilise un capteur d'empreinte digitale électronique (2) en tant que fonctionnalité de saisie pour détecter et enregistrer un code d'authentification (80) saisi par un utilisateur. Le capteur est entouré par un châssis perceptible. Le code d'authentification (80 ; notation raccourcie du code actuel : « 14231 ») est saisi en utilisant un système de coordonnées XY projeté conditionnellement sur la surface du capteur comme guide. Des combinaisons d'empreintes digitales enregistrées (4) et de codes d'authentification (80), ou uniquement des codes d'authentification, sont utilise(e)s pour authentifier des utilisateurs légitimes desdits capteurs, équipement et dispositifs et pour rejeter des utilisateurs illégitimes.
PCT/EP2016/060939 2015-10-14 2016-05-16 Authentification biométrique sécurisée WO2017063763A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1518215.7 2015-10-14
GB1518215.7A GB2543323A (en) 2015-10-14 2015-10-14 Secure biometric authentication

Publications (1)

Publication Number Publication Date
WO2017063763A1 true WO2017063763A1 (fr) 2017-04-20

Family

ID=55131055

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2016/060939 WO2017063763A1 (fr) 2015-10-14 2016-05-16 Authentification biométrique sécurisée

Country Status (2)

Country Link
GB (1) GB2543323A (fr)
WO (1) WO2017063763A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109151193B (zh) * 2018-08-13 2020-09-22 维沃移动通信有限公司 一种闹钟控制方法及移动终端
WO2021101192A1 (fr) * 2019-11-22 2021-05-27 Samsung Electronics Co., Ltd. Procédé et appareil d'authentification d'un utilisateur
CN114115453A (zh) * 2021-10-21 2022-03-01 维沃移动通信有限公司 电子设备

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109697013A (zh) * 2018-12-26 2019-04-30 北京硬壳科技有限公司 控制光标的方法、光标控制器和光标控制设备
SG10201908859TA (en) * 2019-09-24 2021-04-29 Mastercard International Inc Method and system for authenticating users
DE102020111285A1 (de) * 2020-04-24 2021-10-28 Carl Fuhr GmbH & Co. KG. Verfahren zur Überprüfung einer Zutrittsberechtigung

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140301615A1 (en) * 2011-12-28 2014-10-09 Fujitsu Limited Narrow down data creating method and narrow down data creating device
WO2014206505A1 (fr) * 2013-06-26 2014-12-31 Steinar Pedersen Perfectionnements apportés ou ayant trait à l'authentification d'un utilisateur

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2005043451A2 (fr) * 2003-08-05 2005-05-12 Pedersen Steinar Systeme d'identification d'une personne
KR102123092B1 (ko) * 2013-11-21 2020-06-15 삼성전자주식회사 지문 인식 방법 및 그 전자 장치
KR102177150B1 (ko) * 2014-02-19 2020-11-10 삼성전자 주식회사 지문인식 장치 및 방법

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140301615A1 (en) * 2011-12-28 2014-10-09 Fujitsu Limited Narrow down data creating method and narrow down data creating device
WO2014206505A1 (fr) * 2013-06-26 2014-12-31 Steinar Pedersen Perfectionnements apportés ou ayant trait à l'authentification d'un utilisateur

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109151193B (zh) * 2018-08-13 2020-09-22 维沃移动通信有限公司 一种闹钟控制方法及移动终端
WO2021101192A1 (fr) * 2019-11-22 2021-05-27 Samsung Electronics Co., Ltd. Procédé et appareil d'authentification d'un utilisateur
CN114115453A (zh) * 2021-10-21 2022-03-01 维沃移动通信有限公司 电子设备
CN114115453B (zh) * 2021-10-21 2024-02-09 维沃移动通信有限公司 电子设备

Also Published As

Publication number Publication date
GB2543323A (en) 2017-04-19
GB201518215D0 (en) 2015-11-25

Similar Documents

Publication Publication Date Title
US20160140379A1 (en) Improvements in or relating to user authentication
WO2017063763A1 (fr) Authentification biométrique sécurisée
EP3336733B1 (fr) Système et procédé de reconnaissance d'empreinte digitale, et appareil d'affichage
US9349035B1 (en) Multi-factor authentication sensor for providing improved identification
CN1311322C (zh) 移动终端
TWI556134B (zh) 手持電子裝置及用以控制手持式電子裝置之方法
US9224029B2 (en) Electronic device switchable to a user-interface unlocked mode based upon a pattern of input motions and related methods
US8903141B2 (en) Electronic device including finger sensor having orientation based authentication and related methods
US20160210452A1 (en) Multi-gesture security code entry
WO2018079001A1 (fr) Dispositif de traitement d'informations, procédé de traitement d'informations et programme
WO2013069372A1 (fr) Dispositif d'authentification biométrique et dispositif de transaction automatique pourvu de celui-ci
US9785863B2 (en) Fingerprint authentication
US10438041B2 (en) Techniques for fingerprint detection and user authentication
KR101576557B1 (ko) 모바일 단말기용 지문인식 해킹방지 장치 및 지문 해킹방지용 표면부재와 그 지문해킹 방지방법
US11048786B2 (en) Techniques for fingerprint detection and user authentication
US11722904B2 (en) Electronic system for construction and detection of spatial movements in a VR space for performance of electronic activities
JP5104659B2 (ja) 入力装置、携帯端末装置、及び入力装置の入力方法
CN112395925B (zh) 屏下指纹注册方法及电子装置
KR100629410B1 (ko) 지문인증기능을 구비한 포인팅 장치 및 방법과, 이를 위한 휴대 단말기
WO2021071762A1 (fr) Techniques pour la détection d'empreintes digitales et l'authentification d'utilisateur
JP2013246567A (ja) 情報処理装置、認証方法およびプログラム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16726030

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16726030

Country of ref document: EP

Kind code of ref document: A1