WO2018109014A1 - Systèmes et procédés d'authentification - Google Patents

Systèmes et procédés d'authentification Download PDF

Info

Publication number
WO2018109014A1
WO2018109014A1 PCT/EP2017/082642 EP2017082642W WO2018109014A1 WO 2018109014 A1 WO2018109014 A1 WO 2018109014A1 EP 2017082642 W EP2017082642 W EP 2017082642W WO 2018109014 A1 WO2018109014 A1 WO 2018109014A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
authentication
data
terminal
matching database
Prior art date
Application number
PCT/EP2017/082642
Other languages
English (en)
Inventor
Klaas Zwart
Original Assignee
Hanscan Ip Bv
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hanscan Ip Bv filed Critical Hanscan Ip Bv
Publication of WO2018109014A1 publication Critical patent/WO2018109014A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Definitions

  • Described examples relate to systems, methods and other apparatus for use with authentication, such as authentication of individuals. Some examples relates to systems and methods for providing authenticated access.
  • biometric IDs can often be the case that if a biometric ID is stolen or replicated, then they essentially function in same way as normal IDs, potentially giving rise to unauthorised access to any person. Where stolen IDs can be cancelled and replaced, biometric IDs on the other hand, when taken, are lost for life. One cannot keep on changing one's limbs. Many countries already store fingerprints for future backdoor access, for when the biometric access era comes on stream.
  • an authentication system there is described an authentication system.
  • the system may comprise a plurality of user terminals. Each terminal may be associated with a single user. Each terminal may comprise a transmitter configured to communicate with a matching database.
  • the system may comprise a dedicated matching database configured to store a plurality of authentication records. Each record may comprise authentication data relating to a particular user.
  • Each terminal may be operable to communicate authentication data from the user terminal to the matching database.
  • the matching database may comprise an authentication unit configured to compare the authentication data that is received from that user terminal together with a data record associated with that user.
  • the matching database e.g. a transmitter at the matching database
  • Each terminal may be associated with a single user such that that terminal may be considered to be a "personal" device, i.e. personal to that user only.
  • the system may comprise a plurality of user terminals and a plurality of users, with each terminal being identifiable and associated with a different user.
  • each terminal is configured for exclusive use with a single user.
  • Each authentication record associated with a user at the matching database may store, with that record, data identifying the user's terminal.
  • each terminal may have a particular unique identifier, such as a unique serial number, or the like.
  • Some or all terminals may comprise some form of user sensor, such as a biometric sensor. If a biometric sensor is used, then that biometric sensor may be configured to permit the system to obtain biometric data derived from a user.
  • each terminal may comprise a biometric sensor configured to obtain a representation of one or more biometric properties of a user (e.g. one or more fingerprints).
  • some or all terminals may comprise a fingerprint sensor configured to obtain a representation of one or more fingerprints of a user.
  • Such terminals may comprise a convertor configured to convert the representation from the biometric sensor into unique biometric data. That biometric data may be considered to be an abstraction, such as a unique abstraction, of the biometric representation.
  • the sensor may be configured to obtain a 3D representation of the biometric properties of a user (e.g. a 3D representation of a user's fingertip). That 3D representation may be used by the convertor in order to provide biometric data.
  • the convertor may be configured to implement a conversion algorithm in order to provide biometric data.
  • That conversion algorithm may be selected from a number of potential algorithms for use at terminals (e.g. each time the biometric data is obtained). That conversion algorithm may be unique to that particular terminal.
  • the biometric data may correspond to the representation of one or more biometric properties of the user in manner that is unique or rare across all terminals within the authentication system.
  • the terminal may be configured to convert the biometric representation obtained from the sensor into biometric data such that, while relating to the biometric representation, may not be readily reconstructable to derive again the biometric representation (e.g. without an understanding of algorithm and how the biometric data was obtained in the first instance).
  • Each terminal may be configured to obtain authentication data for subsequent communication with the matching database (e.g. at or around the time of an authentication request).
  • An authentication request may be a request for authentication for the purposes of physical or digital access, for payment, age verification, etc.
  • An authentication request may be initiated by the system (e.g. by the user terminal), and/or may be initiated by a third party. Such a third party may be in communication with the user terminal, and may be configured to initiate the authentication request.
  • the terminals may be configured to require user activation in order to provide a response to an authorisation request (e.g. in order to generate/communicate authentication data in response to an authentication request).
  • the terminals may be configured to generate biometric data in response to a user activation or other such action.
  • the terminal may be configured to receive an activation input from the user.
  • the terminal may be configured to generate the biometric data at the time of the activation input (e.g. simultaneously).
  • Such user activation input may include a specified user action, such as a swipe and/or press at the terminal (e.g. at the sensor).
  • the terminal may comprise an auxiliary sensor.
  • the auxiliary sensor may be configured to identify a proof of life of the user. For example, the sensor may measure one or more of temperature, haemoglobin, heart beats, neural sensor, etc.
  • the auxiliary sensor may be incorporated together with the biometric sensor.
  • the terminal may comprise one or more tamper respondent sensors.
  • tamper respondent sensors may be configured to modify (e.g. erase) data stored at the terminal in the event of a detected tampering event of the terminal (e.g. attempted unauthorised access).
  • the terminal may be configured to communicate authentication data comprising biometric data of a user of that particular terminal together with the particular unique identifier of the terminal.
  • the terminal may comprise a compiler configured to compile authentication data for transmission to the matching database, e.g. using the transmitter of user terminal.
  • the compiler may be configured to apply a time stamp to the authentication data (e.g. prior to transmission).
  • the compiler may be configured to hash the authentication data to a particular data size for subsequent transmission.
  • the compiler may be configured to encrypt authentication data for subsequent transmission.
  • Each authentication record stored at the matching database that relates to a particular user may comprise data associated a particular user's terminal (e.g. a terminal unique identifier) together with permitted biometric data for that user (e.g. for that known user of that known terminal).
  • the authentication records may comprise additional user data, such as name, age, etc.
  • the authentication unit may be configured to compare the authentication data received from that user terminal (e.g. after an authentication request) together with a data record associated with that user in order to provide an authentication response.
  • the authentication unit of the matching database may be configured locate a data record associated with the user terminal (e.g. using the unique identifier of the user terminal) and then compare the received biometric data with the biometric data of that record. In the event that the received biometric data is the same as biometric data for that data record, then the system (e.g. matching database) may be configured to provide an authentication response.
  • the system may be configured to provide access to a secure network (e.g. comprising hosting servers). In such a way, access to those servers may only be possible if an authentication is positively provided.
  • a secure network e.g. comprising hosting servers.
  • the system may be considered to provide a gateway to the secure network.
  • the system may be configured such that access to the secure network is possible via the matching database.
  • the system may be considered to comprise the secure network (i.e. the system itself not only comprises the matching database, etc., but also the secure network). Access to the secure network may only be provided via the system, e.g. via the matching database. In other words, in some examples, it may only be possible to communicate with the secure network via the matching database (or via authorisation from the matching database).
  • the matching database may be configured to store (e.g. at a data record) access events, e.g. occurrences of user access.
  • the secure network of the system may comprise a plurality of servers. Some or all of the servers may be located at different geographical regions or locations. In such cases, the servers may nevertheless communicate with the matching database (e.g. via trusted connections). Access to those servers may only be possible via a positive authentication by the system (e.g. at the matching database).
  • the system may be configured such that each server at the secure network might be accessible after a positive authentication has been provided by the matching database.
  • Such servers may comprise e-mail servers, banking servers, etc. In some examples, access to the servers may only be possible after a positive authentication response is provided.
  • that authentication response may be communicated back to the user terminal. From that terminal, the response may be communicated to a third party for authentication. Otherwise, that authentication response may be communicated directly to a third party.
  • the authentication unit may be configured to use the time stamp of received authentication data in order to provide an authentication response. For example, where the time stamp suggest that the authentication data was transmitted beyond a defined time threshold (e.g. greater than 1 second, 3 seconds, 5 seconds, etc.) then the authentication unit may be configured not to provide authentication, even if biometric data were to match with data stored at the specified record.
  • the matching database may be configured to provide an authentication response via one or more channels, for example, to a third party (e.g. a point of sale, a bank, etc.).
  • the matching database may be configured such that access is limited such that only requests for authentication emanating from user terminals that have a corresponding data record have access to the database.
  • the matching database may be configured to perform a database check from time to time, e.g. periodically. Such database check may be verify data, such as internal signatures, or other modification in the core system.
  • the matching database may be configured such that administrator access is permitted via a user terminal, as mentioned above. Operations performed by the system administrator may be monitored and/or saved, e.g. at the database.
  • the authentication system may be configured to permit user enrolment with the matching database (e.g. additional user enrolment).
  • additional user enrolment e.g. additional user enrolment
  • the system may be configured to permit different levels of enrolment.
  • Each enrolment level may provide a particular level of authentication veracity.
  • An enrolment level of a particular user terminal may be stored together with a corresponding data record.
  • the matching database may be configured to communicate the enrolment level of a particular user terminal at the time of an authentication response.
  • the enrolment level may be communicated to the user terminal, or to a third party directly.
  • the user terminal may store and communicate the enrolment level (e.g. to a third party).
  • the enrolment levels may include a low level enrolment.
  • the end user of a terminal may validate/certify the data record stored at the matching database.
  • the enrolment levels may include a high level enrolment.
  • a trusted administrator e.g. government official
  • the enrolment levels may include a medium level enrolment.
  • a trusted intermediator e.g. a bank
  • Each authentication record stored at the matching database that relates to a particular user may comprise data associated a particular enrolment level of that terminal/user.
  • the authentication system may define an access protocol.
  • authentication system may be used/accessible by third parties in order to authenticate users in a manner that has not be performed previously.
  • the system may share common hardware, firmware and/or software.
  • an authentication system comprising:
  • each terminal being associated with a single user and comprising a transmitter configured to communicate with a matching database, a dedicated matching database configured to store a plurality of authentication records, each record comprising authentication data relating to a particular user,
  • a secure network comprising one or more servers in communication with the matching database
  • each terminal is operable to communicate authentication data from the user terminal to the matching database
  • the matching database comprises an authentication unit configured to compare the authentication data that is received from that user terminal together with a data record associated with that user, and wherein the system is configured to provide a positive authentication response in the event of a match between the data at the appropriate data record for that user terminal and the received authentication data from that data terminal, and further wherein, in the event of a positive authentication, a user is provided access to the secure network via the matching database.
  • access to the secure network is possible only in the event of a positive authentication response from the matching database.
  • one or more user terminal for use with an authentication system described.
  • a method for authenticating a user comprising: responsive to an authentication request, communicating authentication data from a user terminal to a matching database, the user terminal being associated with a single user and the matching database storing a plurality of authentication records, each record comprising authentication data relating to particular users,
  • the method may comprise receiving, at the user terminal, biometric data derived from a user.
  • the method may comprise obtaining a representation of one or more biometric properties of a user (e.g. one or more fingerprints).
  • the method may comprise obtaining a representation of one or more fingerprints of a user.
  • the method may comprise converting the representation from the biometric sensor into unique biometric data. That biometric data may be considered to be an abstraction, such as a unique abstraction, of the biometric representation.
  • the method may comprise obtaining a 3D representation of the biometric properties of a user (e.g. a 3D representation of a user's fingertip).
  • the method may comprise converting that 3D representation in order to provide biometric data.
  • the method may comprise implementing a conversion algorithm in order to provide biometric data. That conversion algorithm may be selected from a number of potential algorithms for use at terminals. That conversion algorithm may be unique to that particular terminal.
  • the biometric data may correspond to the representation of one or more biometric properties of the user in manner that is unique or rare across all terminals within the authentication system.
  • the method may comprise converting the biometric representation obtained from the terminal into biometric data such that, while relating to the biometric representation, may not be readily reconstructable to derive again the biometric representation (e.g. without an understanding of algorithm and how the biometric data was obtained in the first instance).
  • the method may comprise obtaining authentication data for subsequent communication to the matching database (e.g. at or around the time of an authentication request).
  • An authentication request may be a request for authentication for the purposes of for physical or digital access, for payment, age verification, etc.
  • the method may additionally comprise initiating an authentication request by the system (e.g. by the user terminal), and/or initiating by a third party.
  • a third party may be in communication with the system (e.g. user terminal), and may be configured to initiate the authentication request.
  • the method may comprise requiring user activation in order to provide a response to an authorisation request (e.g. in order to generate/communicate authentication data in response to an authentication request).
  • the method may comprise generating biometric data in response to a user activation or other such action.
  • the method may comprise receiving an activation input from the user at the terminal.
  • the method may comprise generating the biometric data at the time of the activation input (e.g. simultaneously).
  • Such user activation input may include a specified user action, such as a swipe and/or press at the terminal (e.g. at the sensor).
  • the method may comprise identifying a proof of life of the user.
  • the method may comprise measuring one or more of temperature, haemoglobin, heart beats, etc. at the terminal.
  • the method may comprise modifying (e.g. erasing) data stored at the terminal in the event of a detected tampering event at the terminal (e.g. attempted unauthorised access).
  • the method may comprise communicating authentication data comprising biometric data of a user of that particular terminal together with the particular unique identifier of the terminal.
  • the method may comprise compiling authentication data for transmission to the matching database, e.g. using a transmitter of user terminal.
  • the method may comprise applying a time stamp to the authentication data, prior to transmission.
  • the method may comprise hashing the authentication data to a particular data size for subsequent transmission.
  • the method may comprise encrypting authentication data for subsequent transmission.
  • Each authentication record stored at the matching database that relates to a particular user may comprise data associated a particular terminal with a user (e.g. a terminal unique identifier) together with permitted biometric data for that user.
  • the authentication records may comprise additional user data, such as name, age, etc.
  • the method may comprise comparing the authentication data received from that user terminal (e.g. after an authentication request) together with a data record associated with that user in order to provide an authentication response.
  • the method may comprise locating a data record associated with the user terminal (e.g. using the unique identifier of the user terminal) and then comparing the received biometric data with the biometric data of that record.
  • the method may comprise providing, from the system (e.g. from the matching database), an authentication response.
  • the method may comprise providing access to the secure network (e.g. comprising one or more servers, such as hosting servers).
  • the method may be considered to be a process of provided gated-access to such a secure network.
  • the method may provide an access protocol. That is to say that, in some examples, the only manner in which those secure servers can be accessed is via the matching database.
  • the method may comprise accessing one or more servers provided at the secure network after a positive authentication has been provided. Such servers may comprise e-mail servers, banking servers, etc. In some examples, access to the servers may only be possible after a positive authentication response is provided.
  • the method may comprise communicating an authentication response back to the user terminal. The method may comprise communicating, from that terminal, the response a third party for authentication.
  • the method may comprise using the time stamp of received authentication data in order to provide an authentication response. For example, where the time stamp suggests that the authentication data was transmitted beyond a defined time threshold (e.g. greater than 1 second, 3 seconds, 5 seconds, etc.) then the method may not to provide authentication, even if biometric data matches with the specified record.
  • a defined time threshold e.g. greater than 1 second, 3 seconds, 5 seconds, etc.
  • the method may comprise providing an authentication response via one or more channels, for example, to a third party (e.g. a point of sale, a bank, etc.)
  • the method may comprise performing a database check of the matching database from time to time, e.g. periodically.
  • Such database check may verify data, such as internal signatures, or other modifications in the core system.
  • the method may comprise permitting additional user enrolment with the matching database.
  • further user terminals and data records may be enrolled.
  • the method may comprise permitting different levels of enrolment.
  • Each enrolment level may provide a particular level of authentication veracity.
  • An enrolment level of a particular user terminal may be stored together with a corresponding data record.
  • the method may comprise communicating the enrolment level of a particular user terminal at the time of an authentication response.
  • the enrolment level may be communicated to the user terminal, or to a third party directly.
  • the user terminal may store and communicate the enrolment level (e.g. to a third party).
  • the enrolment levels may include a low level enrolment.
  • the method may comprise permitting an end user of a terminal to validate/certify the data record stored at the matching database.
  • the enrolment levels may include a high level enrolment.
  • the method may comprise permitting a trusted administrator (e.g. government official) to validate/certify the data record stored at the matching database.
  • the enrolment levels may include a medium level enrolment.
  • the method may comprise permitting a trusted intermediator (e.g. a bank) to validate/certify the data record stored at the matching database.
  • Each authentication record stored at the matching database that relates to a particular user may comprise data associated a particular enrolment level of that terminal/user.
  • a computer program product that when programmed into a suitable controller configures the controller to perform any methods disclosed herein.
  • a carrier medium such as a physical or tangible and/or non-transient carrier medium, comprising the computer program product.
  • the carrier medium may be a computer readable carrier medium.
  • processing apparatus when programmed with the computer program product described.
  • Figure 2 shows in more detail the authentication system of Figure 1 and one particular user terminal
  • Figure 3a shows an example of an authentication system in use
  • Figure 3b shows a secure network of the system
  • Figure 3c shows an additional/alternative use of the authentication system
  • Figure 4 shows an example of representative diagram of the process of authentication
  • the following described examples relate to new systems and methods that provide exemplary ways of authenticating a user, which take an entirely different approach that would otherwise have been considered previously.
  • Some examples specifically described a secure network together with a new access protocol for such a network.
  • the only manner in which the secure network can be accessed is by using the access protocol described below.
  • the described examples provide a robust authentication process that can be used across many platforms, and for multiple different types of authentication. It will be appreciated that authentication may be used for a number of different reasons, such as physical access (e.g. access to a building, vehicle or the like), logical access (e.g.
  • FIG. 1 shows an example of an authentication system 100.
  • an authentication system 100 may be consider to be provided as an end-to-end security environment, comprising a dedicated matching database 1 10 together with a plurality of user terminals 120.
  • the matching database 1 10 and user terminals 120 may support access control and user authentication, as will be described.
  • aspects of the system's 100 hardware, firmware, software, communications, etc. may be shared between the matching database 1 10 and the user terminals 120. That is to say that dedicated communication protocols, implemented algorithms, encryptions, etc. may be commonly provided across the matching database 1 10 and user terminals 120.
  • Each of the user terminals 120 may be in communication with the database 1 10 via a network 130.
  • each of the user terminals 120 may be implemented differently, for example a user terminal 120 may be connected or connectable to a personal computer, mobile device, etc. (e.g. by wired or wireless communication), which in turn can be in communication with a matching database 1 10 via the network 130.
  • each terminal 120 is associated with a single user (e.g. exclusively with that user). That is to say that each terminal 120 may be considered to be a personal device, i.e. personal to that user.
  • the system 100 is configured such that each terminal 120 is identifiable and associated with a different user (e.g. a different identifiable user).
  • each terminal 120 has a particular unique identifier, such as a unique serial number, or the like, stored at the terminal 120.
  • the system 100 can be configured such each terminal 120 associated with the system 100 is uniquely identifiable on the system 100.
  • the matching database 1 10 stores authentication records that include data identifying that user's terminal.
  • the dedicated matching database 1 10 is configured to store a plurality of authentication records, each record comprising authentication data relating to a particular user.
  • Each terminal 120 is operable to communicate particular authentication data from the user terminal 120 to the matching database 1 10 (e.g. via the network), and the matching database is configured to compare the authentication data that is received from that user terminal 120 together with a data record associated with that user (e.g. user terminal) in order to provide an authentication response, as will be further described.
  • Figure 2 shows the matching database 1 10 together with one particular user terminal 120 in more detail.
  • the user terminal 120 may be in communication with user devices, such as a tablet, computer, mobile device, etc. Additionally, the terminal 120 may be in communication with other devices having networking capabilities, such as more recently household appliances or the like. In each case, the user terminal 120 may be in communication with such other devices via a wired and/or wireless communication link, as will be appreciated by a skilled reader. However, such user devices are not shown for ease. It will be appreciated also that data may be communicated between the matching database 1 10 and the user terminal using such devices, e.g. using the network 130 connectivity of such devices.
  • the user terminal 120 comprises a biometric sensor 140 that is configured to receive biometric data derived from a user.
  • the biometric sensor 140 is configured to obtain a representation of one or more biometric properties of a user, and in this example one or more fingerprints.
  • alternative sensors 140 may be provided.
  • the sensor 140 is configured so as to capture a 3D representation of the biometric properties of a user (e.g. a 3D representation of a user's fingertip).
  • the sensor 140 may use a 3D radio frequency sensor in order to essentially capture a 3D image of the user's fingerprint. In such a way, additional information can be captured at the sensor 140, when compared to utilising only a 2D image or the like.
  • the terminal 120 further comprises a converter 150, which is configured to convert the representation obtained from the biometric sensor 140 into biometric data associated with that user (e.g. unique biometric data).
  • That biometric data may be considered to be an abstraction, such as a unique abstraction, of the biometric representation.
  • the convertor 150 is configured to implement a conversion algorithm in order to provide biometric data.
  • that conversion algorithm may be selected from a number of potential algorithms for use at the terminal 120. It other words, it may not be the same conversion that is provided each time. Further, any conversion algorithm may be unique to that particular terminal 1 10 (in a similar manner to the serial number).
  • the biometric data may correspond to the representation of one or more biometric properties of the user in manner that is unique or rare across all terminals 120 within the authentication system 100.
  • biometric data generated at the terminal 120 may be useable in order to respond to an authorisation request - as will be explained.
  • some or all of the terminals 120 may be specifically configured to require user activation in order to generate biometric data.
  • the terminal 120 may be configured to receive an activation input from the user and, in response to that input (e.g. only in response to that input), the terminal 120 generates the biometric data at or around the time of the activation input.
  • Such user activation input may include a specified user action, such as a swipe and/or press at the terminal 120 (e.g. at the sensor 140).
  • a user is required to swipe their finger across the biometric sensor 140 is order for the sensor 140 to active and for the convertor 150 to generate biometric data. In such away, any data generated will have been done so with some indication of user intent.
  • the terminal 120 may comprise an auxiliary sensor 160.
  • an auxiliary sensor 160 may be configured to identify a proof of life of the user.
  • the sensor 160 may measure one or more of temperature, haemoglobin, heart beats, neural signals, such as conscious or unconscious neural signals (e.g. using a neural sensor), etc.
  • the auxiliary sensor 160 may be incorporated together with the biometric sensor 140. In such a way, again, the user terminal 120 maybe configured to generate biometric data on the event of confirmed proof of life from the auxiliary sensor 160.
  • the terminal 120 as shown here comprises a transmitter 170 configured to communicate with a matching database 1 10.
  • the terminal 1 10 is configured to communicate authentication data comprising biometric data of a user of that particular terminal 1 10 together with, in this example, the particular unique identifier of the terminal 1 10.
  • the terminal 120 further comprises a compiler 180 configured to compile authentication data for transmission to the matching database 1 10, e.g. using the transmitter 170 of the user terminal 120.
  • the compiler 180 in this case is specifically configured to apply a time stamp to the authentication data, prior to transmission. Additionally, the compiler 180 may hash the authentication data to a particular data size for subsequent transmission. Further, the compiler 180 may be configured to encrypt authentication data.
  • the dedicated matching database 1 10 of the system 100 is configured to store a plurality of authentication records, each record comprising authentication data relating to a particular user.
  • Each authentication record stored at the matching database 1 10 that relates to a particular user may comprise data associated a particular terminal 120 for a user (e.g. a terminal unique identifier) together with permitted biometric data for that user.
  • the authentication records may - but need not - comprise additional user data, such as name, age, etc.
  • the matching database 1 10 comprises an authentication unit 210 configured to compare the authentication data that is received from that user terminal 120 together with a data record associated with that user. In the event of a match between the data at the appropriate data record for that user terminal 120 and the received authentication data from that user terminal 120, then the system 100 - and in this example the matching database 1 10 - can be configured to provide an authentication response.
  • a positive authentication response may be used at the system 100, e.g. at the matching database 1 10, to provide further user access - as will be described, and/or be communicated to a 3 rd party (e.g. via transmitter 220).
  • a 3 rd party e.g. via transmitter 220.
  • the authentication process is performed in relation to providing access to a secure network 400.
  • network 400 comprises one or more servers 500, such as hosting servers.
  • the servers 500 may provide e-mail client access, or data storage, financial data, or any of the like.
  • each of these servers 500 are only accessible via use of the system 100 (e.g via the matching database 1 10). Access to the servers 500 may be for user access and indeed administrative access.
  • the system 100 may be configured such that where administrative changes or the like are performed at the servers, then the authentication process may nevertheless need to be followed, as below.
  • An access authorisation request may be initiated, e.g. by the end user. That authentication request may also comprise an access request).
  • the user terminal 120 may then request biometric data from its user (i.e. the user personally associated with and in possession of that particular terminal 120).
  • biometric data i.e. the user personally associated with and in possession of that particular terminal 120.
  • the biometric sensor 140 can obtain a representation of the user's fingerprint. This in turn can be transformed into biometric data by the convertor 150.
  • the auxiliary sensor 160 may be used to indicate that the biometric data has been obtained from a living person.
  • the compiler 180 may compile authentication data comprising the biometric data together with the identifier of the terminal 120 for subsequent transmission to the matching database 1 10.
  • the compiler 180 applies a time stamp, as well as optionally hashing/encrypting, etc.
  • authentication data is communicated for subsequent receipt by the matching database 1 10. It will be appreciated that authentication data may be communicated from a device associated (e.g. tethered) with the user terminal 120. Otherwise, the terminal 120 may communicate with the database itself via the network 130.
  • the authentication unit 210 can be configured to compare the authentication data received from that user terminal 120 (e.g. after the authentication request) together with a data record associated with that user in order to provide an authentication response. It will be readily appreciated that because the system 100 is configured such that each user terminal 120 can be identified in the authentication data, and that each user terminal 120 is associated with a particular user, then one-to-one matching can be performed. In other similar words, the data record associated with that user can be quickly identified and the associated biometric data compared (e.g. matching quicker than 0.5 second). This would not be possible were, for example, only biometric data to be searched in the data records. As such, the system 100 can be implemented to promptly response to an authentication request.
  • the authentication unit 210 of the matching database 1 10 After the authentication unit 210 of the matching database 1 10 locates the relevant data record associated with the user terminal 120 (e.g. using the unique identifier of the user terminal 120), it can then compare the received biometric data with the biometric data stored on that record. In the event that the received biometric data is the same as biometric data for that data record, then the matching database 1 10 can provide a positive authentication response. Otherwise, the request and data packet can be discarded. In this case however, the authentication unit 210 also uses the time stamp of received authentication data in order to provide an authentication response. Where the time stamp suggests that the authentication data was transmitted beyond a defined time threshold (e.g.
  • the authentication unit 210 is configured not to provide authentication (or otherwise provide a negative authentication response), even if biometric data matches with the specified record. In such a way, man-in-the-middle attacks can be avoided. Again, this is assisted by the fact that the database 1 10 can quickly locate data.
  • secure access the network 400 can be provided (e.g. an secure access to the servers 500) .
  • a secure channel 530 can then be provided such that data communicated between the user and servers 500 passes via the matching database 1 10. In such a way, access to those servers 500 may only be possible if an authentication is positively provided.
  • the system 100 (e.g. matching database 1 10) may be considered to act as a gate keeper to provide access to one or more servers 500. Due to the required authentication, only those persons that have been properly identified may have access to the network 400 and servers 500.
  • the system 100 may also be configured to store data relating to user access. In other words, the system 100 may store "access data" (e.g. dates, times, identities, etc.) relating to persons who access the secure network 400 (e.g. this may be stored at the matching database 1 10). In such a way, each user of the network may be identified, and not by a simply user ID or the like - which is susceptible to fraud.
  • the secure network 400 may provide a dedicated secure network (e.g. a secure financial network) at which institutes store and permit access to data.
  • a dedicated secure network e.g. a secure financial network
  • the system 100 may comprise multiple matching databases 1 10 providing access to the secure network 400.
  • Each of those databases 1 10 may be contain their own authentication records (e.g. a database 1 10 for a particular region, or the like), or otherwise some or all of the databases 1 10 may share authentication records (e.g. using replication, or the like).
  • Access to the servers 500 can only be provided after a positive authentication process has been performed. That authentication process is based on a suitably enrolled user in which their user terminal 120 is specifically linked to that person and - in the example described above - that person's biometric data. As such, all visitors are identified. It will be appreciated that in this example access to those servers 500 may only be possible after authorisation by the system (e.g. at the matching database 1 10). In other examples, of course, the matching database 1 10 may additionally or alternatively provide an authentication response for use by a third party. Such a third party may use existing (essentially unsecure) networks, such as the Internet.
  • FIG. 3c also shows the authentication system 100 of Figure 3a.
  • the system 100 is configured additionally or alternatively to provide an authentication response to a third party.
  • the authentication process is performed in relation to a financial transaction at a point-of-sale device 300.
  • a point of sale may be physical, or indeed may be virtual, e.g. online.
  • an authorisation request may be initiated by the point-of-sale device 300.
  • the user terminal 1 10 may then request biometric data in a similar manner to that described above.
  • authentication data can be communicated for subsequent receipt by the matching database 1 10.
  • that authentication data is communicated to the point-of-sale device 300 for subsequent communication to the database 1 10.
  • the terminal 1 10 may communicate with the database itself via the network 130.
  • the authentication unit 210 is configured to compare the authentication data received from that user terminal (e.g. after the authentication request) together with a data record associated with that user in order to provide an authentication response, in a similar manner to that described above.
  • an authentication response may be communicated back to the user terminal 120. From that terminal 120, the response may be communicated to the point- of-sale device 300 for authentication. Otherwise, that authentication response may be communicated directly to a third party, e.g. via the network 130 from a trusted address.
  • Figure 4 shows a representative diagram 600 of the steps of authentication.
  • a first step 610 it is the user terminal 120 having a unique serial number obtains a user's biometric data in response to an authentication request.
  • this may be combined with the user terminal ID.
  • this may be performed together with various security features (encryption, time stamp, hash code and digital signature), and this may be compiled together to communicate as a "package”.
  • the dedicated matching database 1 10 searches for the user terminal in the data records.
  • the package (including the biometric data) is compared with only 1 specific data record on the database: i.e. the one that corresponds to the assigned serial number. Matching and approval (or not) can then take place. After the (un) successful match, the "package" is deleted.
  • the system 100 is configured to permit additional user enrolment with the matching database 1 10.
  • the system 100 can be configured to permit different levels of enrolment.
  • Each enrolment level may provide a particular level of authentication veracity.
  • An enrolment level of a particular user terminal may be stored together with a corresponding data record and, where desired/required, the matching database may be configured to communicate the enrolment level of a particular user terminal at the time of an authentication response.
  • the enrolment level may be communicated to the user terminal 120, or to a third party directly.
  • the user terminal may store and communicate the enrolment level (e.g. to a third party).
  • the enrolment levels may include a low level enrolment.
  • the end user of a terminal may validate/certify the data record stored at the matching database. This may be achieved by the user purchasing the user terminal and then performing an initialisation process (e.g. via the network 130). It will be appreciated that in such an arrangement, the veracity of the user's actual may be low.
  • the system 100 may operate a high level enrolment.
  • a trusted administrator e.g. government official
  • the enrolment levels may include a medium level enrolment.
  • a trusted intermediator e.g. a bank
  • Each authentication record stored at the matching database that relate to a particular user may comprise data associated a particular enrolment level of that terminal/user. In such a way, different levels of user authorisation may be required in different circumstances. It will readily be appreciated by the skilled reader that the authentication system 100 (e.g.
  • the user terminals 120 and matching database 1 10) may define an access protocol for use across many platforms.
  • authentication system 1 10 may be used/accessible by third parties in order to authenticate users in a manner that has not been performed previously. While in some of the above examples, a point-of-sale device was used, this is example only, and the same system and methods can be used to access e-mails, buildings, confirm transactions, etc. In other words, a user need only retain a single user terminal, which can securely provide access and authenticate that user at each event. Third parties can use and trust the authentication system accordingly, without the need to rely on passwords, etc. Further, the system 100 can be used to provide gated access to secure networks, servers, etc. In such examples, the system 100 can be considered to properly identify and authenticate a user, prior to permitting access.
  • each component of the system 100 may share common hardware, firmware and/or software. Further, the system 100 can be manufactured, and implemented by a single entity, thus again improving security. While in the above examples, only a single authentication step has been described, e.g. obtaining a biometric data once, it will readily be appreciated that in other example, multiple authentication steps may be performed in other to suitably authenticate a user. For example, a user may be requested to swipe additional fingers. A skilled reader will readily be able to implement the various embodiments accordingly.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Health & Medical Sciences (AREA)
  • General Business, Economics & Management (AREA)
  • Biomedical Technology (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Collating Specific Patterns (AREA)

Abstract

L'invention concerne un système d'authentification (100). Le système (100) comprend une pluralité de terminaux d'utilisateur (120), chacun étant associé à un utilisateur unique et comprenant un émetteur (170) configuré pour communiquer avec une base de données de concordance (110) configurée pour stocker une pluralité d'enregistrements d'authentification. Chaque enregistrement comprend des données d'authentification relatives à un utilisateur particulier. Le système (100) comprend un réseau sécurisé (400) comprenant un ou plusieurs serveurs (500) en communication avec la base de données de concordance (110). Chaque terminal (120) peut être utilisé pour communiquer des données d'authentification du terminal d'utilisateur (120) à la base de données de concordance (110). Le système (100) est configuré pour fournir une réponse d'authentification positive en cas de concordance entre les données au niveau de l'enregistrement de données approprié pour un terminal utilisateur (120) et les données d'authentification reçues. Dans le cas d'une authentification positive, un utilisateur du terminal d'utilisateur (120) obtient l'accès au réseau sécurisé (400) par le biais de la base de données de concordance (110).
PCT/EP2017/082642 2016-12-13 2017-12-13 Systèmes et procédés d'authentification WO2018109014A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1621176.5 2016-12-13
GBGB1621176.5A GB201621176D0 (en) 2016-12-13 2016-12-13 Authentication systems and methods

Publications (1)

Publication Number Publication Date
WO2018109014A1 true WO2018109014A1 (fr) 2018-06-21

Family

ID=58221958

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2017/082642 WO2018109014A1 (fr) 2016-12-13 2017-12-13 Systèmes et procédés d'authentification

Country Status (2)

Country Link
GB (1) GB201621176D0 (fr)
WO (1) WO2018109014A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020146076A1 (fr) * 2019-01-10 2020-07-16 Convida Wireless, Llc Appareil, système, procédé et support lisible par ordinateur pour effectuer un service de message et un service d'identité dans un réseau 5g
CN116010925A (zh) * 2023-03-30 2023-04-25 中孚安全技术有限公司 一种基于指静脉识别的安全认证方法及系统

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080120707A1 (en) * 2006-11-22 2008-05-22 Alexander Ramia Systems and methods for authenticating a device by a centralized data server
US20130227664A1 (en) * 2012-02-27 2013-08-29 Cellco Partnership D/B/A Verizon Wireless Central biometric verification service
US20150317638A1 (en) * 2014-05-01 2015-11-05 Mastercard International Incorporated Methods, Devices and Systems for Transaction Initiation
EP2993619A1 (fr) * 2014-08-28 2016-03-09 Kevin Alan Tussy Système d'authentification de reconnaissance faciale comprenant des paramètres de trajectoire

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080120707A1 (en) * 2006-11-22 2008-05-22 Alexander Ramia Systems and methods for authenticating a device by a centralized data server
US20130227664A1 (en) * 2012-02-27 2013-08-29 Cellco Partnership D/B/A Verizon Wireless Central biometric verification service
US20150317638A1 (en) * 2014-05-01 2015-11-05 Mastercard International Incorporated Methods, Devices and Systems for Transaction Initiation
EP2993619A1 (fr) * 2014-08-28 2016-03-09 Kevin Alan Tussy Système d'authentification de reconnaissance faciale comprenant des paramètres de trajectoire

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020146076A1 (fr) * 2019-01-10 2020-07-16 Convida Wireless, Llc Appareil, système, procédé et support lisible par ordinateur pour effectuer un service de message et un service d'identité dans un réseau 5g
US20220116770A1 (en) * 2019-01-10 2022-04-14 Convida Wireless, Llc Apparatus, system, method, and computer-readable medium for performing a message service and identity service in a 5g network
US12028707B2 (en) 2019-01-10 2024-07-02 Convida Wireless, Llc Apparatus, system, method, and computer-readable medium for performing a message service and identity service in a 5G network
CN116010925A (zh) * 2023-03-30 2023-04-25 中孚安全技术有限公司 一种基于指静脉识别的安全认证方法及系统

Also Published As

Publication number Publication date
GB201621176D0 (en) 2017-01-25

Similar Documents

Publication Publication Date Title
US20210350013A1 (en) Security systems and methods for continuous authorized access to restricted access locations
CN113114624B (zh) 基于生物特征的身份认证方法和装置
EP3138265B1 (fr) Sécurité améliorée pour un enregistrement de dispositifs d'authentification
EP3460691B1 (fr) Procédés et appareil de gestion de systèmes de détection d'intrusions au moyen d'une identité vérifiée
US20200358614A1 (en) Securing Transactions with a Blockchain Network
CN106575401B (zh) 用于使用数据分析执行验证的系统和方法
WO2017167093A1 (fr) Procédé et dispositif destinés à enregistrer une identité biométrique et authentifier une identité biométrique
US20240015150A1 (en) Authenticating devices via tokens and verification computing devices
US20130219481A1 (en) Cyberspace Trusted Identity (CTI) Module
WO2014006184A1 (fr) Vérification et certification d'attributs d'identité sur demande destinées à des services
KR20160003796A (ko) 사용자 인증
EP3206329B1 (fr) Procédé, dispositif, terminal et serveur de contrôle de sécurité
BR112014023361A2 (pt) método para gerar uma identidade pública para autenticar um indivíduo que transporta um objeto de identificação, dispositivo eletrônico, e, sistema para autenticar um titular de um objeto de identificação
JP7309261B2 (ja) 生体決済機器の認証方法、生体決済機器の認証装置、コンピュータ機器、及びコンピュータプログラム
US20230006844A1 (en) Dynamic value appended to cookie data for fraud detection and step-up authentication
US10333707B1 (en) Systems and methods for user authentication
KR20210133178A (ko) 인증 정보 처리 방법 및 장치와 인증 정보 처리 방법 장치를 포함한 사용자 단말
WO2018109014A1 (fr) Systèmes et procédés d'authentification
EP2959420B1 (fr) Procédés, appareil et programmes d'ordinateur d'authentification d'entité
Vorugunti et al. Improving security of lightweight authentication technique for heterogeneous wireless sensor networks
KR20160037520A (ko) 생체 인식 기반의 통합 인증 시스템 및 방법
KR102644124B1 (ko) 비실명 2-팩터 인증을 수행하는 사용자 단말 및 인증 수행 장치 및 그 동작 방법
US20230318853A1 (en) User terminal and authentication execution device for performing pseudonym 2-factor authentication, and operating method therefor
CN118573365A (zh) 区块链账户的处理方法、装置和区块链账户的管理系统
CN116527347A (zh) 一种设备身份认证方法及装置、电子设备、存储介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17822618

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 04-09-2019)

122 Ep: pct application non-entry in european phase

Ref document number: 17822618

Country of ref document: EP

Kind code of ref document: A1