WO2020128076A1 - Procédé d'authentification d'un utilisateur final à l'aide d'ondes cérébrales - Google Patents

Procédé d'authentification d'un utilisateur final à l'aide d'ondes cérébrales Download PDF

Info

Publication number
WO2020128076A1
WO2020128076A1 PCT/EP2019/086855 EP2019086855W WO2020128076A1 WO 2020128076 A1 WO2020128076 A1 WO 2020128076A1 EP 2019086855 W EP2019086855 W EP 2019086855W WO 2020128076 A1 WO2020128076 A1 WO 2020128076A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
brain
brain waves
brain wave
wave scheme
Prior art date
Application number
PCT/EP2019/086855
Other languages
English (en)
Inventor
Sumitavo BISWAS
Original Assignee
Thales Dis France Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thales Dis France Sa filed Critical Thales Dis France Sa
Publication of WO2020128076A1 publication Critical patent/WO2020128076A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/33Security of mobile devices; Security of mobile applications using wearable devices, e.g. using a smartwatch or smart-glasses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules

Definitions

  • the present invention relates to a method to authenticate an end-user.
  • the invention also pertains to an end-user device and a verification device implementing said method.
  • Login and password can be used. Also a personal identification number, or PIN code, can be used.
  • the first type is not convenient and do not avoid a steal of credentials.
  • the second type presents even more security limitations as a PIN code can be stolen and easily fraudulently used.
  • the present invention aims at proposing a very secure way of authenticating an individual.
  • the present invention is defined, in its broadest sense, as a method to authenticate an end-user, said method being implemented with an end-user device having a memory to securely store a reference brain wave scheme relative to a personal thought of the user and with a verification device having a brain computer interface to acquire brain waves from the end-user, said method comprising the step of, for both end-user and verification devices, connecting to each other, comparing the stored reference brain waves scheme with the acquired brain waves, authenticating the end-user as soon as the acquired brain waves correspond to the stored reference brain wave scheme.
  • the proposed solution thus helps to solve the mentioned problem using single step multi-factor authentication using brain waves, like a “passthought” and an end-user device, which is advantageously a secure electronic identification (elD) card.
  • elD electronic identification
  • the solution proposes to use a Brain Computer Interface (BCI) device to imprint a unique signature into an end-user device, typically a smart ID card, to be issued to the end user.
  • Brain waves are typically obtained by single-channel/multi-channel electro-encephalography.
  • the unique signature will be formed using a sample thought in a mind of the user which in turn acts as a very secure password.
  • the thought is unique to a user and leads to generation of unique brain signals and waves. This technology is very secure as it involves using brain waves which cannot be stolen like ordinary passwords or keys.
  • a thus obtained smart card once issued can be used to securely identify an individual wherein the smart card can be swapped along with the user thought, as captured using a brain computer interface, and corresponding match of signature generated is a dire proof that the individual is successfully identified.
  • reference biometric data being also stored in the end-user device, these data are used in conjugation with the stored reference brain waves scheme to constitute a unique signature of the end-user to be checked with the acquisitions at the verification device thus further comprising biometric acquisition interface.
  • Such a feature enables to strengthen the passthought by combining the passthought verification with a biometric verification.
  • the usage of the passthought in conjugation of other details such as finger print, retina scan etc generates a unique signature.
  • Biometric data can be chosen among finger print, retina scan.
  • the method comprises a preliminary step of provisioning the end-user device with the reference brain wave scheme and, when applicable, with the reference biometric data.
  • Such a provisioning enables the end-user device to be the storage of the reference.
  • the reference thus remains in property of the end-user.
  • a unique signature formed by the combination of the passthought and biometric data is provisioned in the end-user device, typically an afore mentioned smart card.
  • the method further comprises the step of constructing a reference brain wave scheme by, the end-user being at a brain computer interface, prompting the end-user to think according to particular instructions, acquiring the subsequent brain waves of the end-user using a brain computer interface, repeating the acquisition of the subsequent brain waves when the end-user is prompted to think according to particular instructions, processing similarities and differences of the raw brain waves as acquired to build a reference brain wave scheme representative of the thought of the user when given the particular instructions, such a reference brain wave scheme being the provisioned one.
  • instructions are chosen among: a particular shape, a particular color, a particular private remembrance, a particular private data.
  • Those embodiments can be elected depending on the expected security or on specific needs of the service provider which needs to authenticate the end-user.
  • the thoughts can be a life experience, event etc.
  • the present invention also relates to an end-user device having a memory to securely store a reference brain wave scheme relative to a personal thought of the user and adapted to connect to a verification device having a brain computer interface to acquire brain waves from the end-user, this connection enabling as comparison of the acquired brain wave with the stored reference brain wave scheme, the end-user being authenticated as soon as the acquired brain waves correspond to the stored brain wave scheme.
  • the end-user device is a smart-card or an official electronic identification document. elD cards or biometric identification cards as defined by government are specifically targeted by the invention.
  • Every citizen individual of a country is thus provided with an elD card of the invention.
  • the invention at last relates to a verification device having a brain computer interface to acquire brain waves from the end-user and adapted to connect to an end-user device storing a reference brain wave scheme to enable a comparison of the acquired brain waves with the stored reference brain wave scheme relative to a personal thought of the user, the end-user being authenticated as soon as the acquired brain waves correspond to the stored reference brain wave scheme.
  • one or more embodiments comprise the features hereinafter fully described and particularly pointed out in the claims.
  • Figure 1 represents an illustrative environment where the method of the invention is implemented
  • Figure 2 schematically shows a time diagram of a first embodiment of the method of the invention
  • Figure 3 schematically shows a time diagram of a second embodiment of the method of the invention.
  • Figure 4 schematically shows an end-user device of the invention.
  • FIG. 1 schematically shows an environment where the invention is implemented.
  • This environment comprises an end-user EU and its own end- user device EUD.
  • the environment further comprises a verification device VD able to connect to the end-user device EUD while the end-user EU wants to authenticate him/herself.
  • the end-user device EUD comprises at least a memory MEM where a reference brain waves scheme RWS is stored.
  • the verification device VD comprises a brain computer interface BCI.
  • a brain computer interface BCI can be of the kind of the one Neurosky Mindset as disclosed in following document:“I Think, Therefore I Am: Usability and Security of Authentication Using Brainwaves”, John Chuang & al.
  • Other systems enabling to characterize an individual can also be used in the implementation of the invention. It can thus also be any brain computer interface as known at the time of the implementation of the invention.
  • the end-user EU While in contact or vicinity with the brain computer interface BCI, the end-user EU can produce recordable brain waves BW by him/herself and/or according to instructions prompted by the verification device VD needing to authenticate the end-user EU.
  • the end-user EU can be the single to know what he/she has to think about or the verification device VD can prompt the end-user EU to think about something special.
  • the end-user can be prompted to think about different successive colors or shapes. Then it is possible for the verification device to call the end-user EU to think about colors but according to a specific order, this order can be different each time the end-user EU must authenticate.
  • the pattern of brain waves for each color can be distinguished and the user authenticated according to his/her specific brain waves while thinking about those colors as human beings all have different patterns while thinking about the same things.
  • the end-user preliminary knows what he has to think and just have to mentally reproduce this thought to be authenticated. For example, it can be a specific landscape or a specific life remembrance he/she has. Those example are illustrated in the following.
  • Figure 2 illustrates a first implementation of the invention as a time diagram.
  • the end-user EU is prompted to think about several specific topics T1 , T2 and T3 while being connected to the brain computer interface BCI.
  • a brain computer interface BCI can be a brain sensing headband like the Muse product, NCTU Brain-Computer-lnterface- Fleadband, Necomimi brainwave Cat Ears, Emotiv headsets or other existing or later developed products.
  • the brain computer interface BCI is shown as being installed on board a verification device VD and thus as being the same than in the following of the method.
  • different brain computer interfaces and/or different devices having their own brain computer interface could be used to implement the invention as far as calibration data intervene in order for the reference to be exploitable in comparison with the one acquired at the verification device VD.
  • the interface BCI receives brain waves BW from the end- user EU, these brain waves BW being successively representative of the specific thoughts T1 , T2 and T3.
  • Those brain waves are processed in a step P2 to form a reference brain wave scheme RWS which is sent in a step P3 to the end-user device EUD where it is stored in the memory MEM of this device EUD in a step P4 for later use.
  • the verification device VD can, in a step E1 , prompt the end-user EU to have specific thoughts in a specific order, for example T3 and T1 , while being connected to its brain computer interface. It uses a thinking request TR(T3,T 1 ) for example displayed on a screen of the verification device VD. This request can also be sent to the end-user device EUD for it to display the request on the screen of the end-user device EUD.
  • TR(T3,T 1 ) for example displayed on a screen of the verification device VD.
  • This request can also be sent to the end-user device EUD for it to display the request on the screen of the end-user device EUD.
  • a step E2 the interface BCI acquires brain waves.
  • the acquired brain waves AW are sent, after processing or not, in an authentication request AR to the end-user device EUD for it to check the correspondence with the stored reference brain wave scheme RWS.
  • the memory MEM is read in a step E4 and stored RWS is compared to the acquired brain wave AW in a step E5.
  • the correspondence of RWS and AW leads to a positive authentication (case Y) and the failure leads to a failed authentication (case N).
  • the authentication result OK/NOK can be displayed on the verification device VD.
  • Figure 3 illustrates another implementation of the invention in a time diagram.
  • a preliminary step R0 the end-user EU is prompted to have a thought T, anything he/she wants while being connected to the brain computer interface BCI.
  • the interface BCI receives brain waves BW representative to the thought T from the end-user EU. Those brain waves are processed in a step R2 to form a reference brain wave scheme RWS which is sent in a step R3 to the end-user device EUD where it is stored in the memory MEM of this device EUD in a step R4 for later use.
  • the end-user EU wants to authenticate at a verification device VD
  • the end user after connection to the brain computer interface, thinks at the thought T, in a step S1 .
  • the verification device VD to prompt the end-user EU, even if this can also be contemplated that a positive request is done by the verification device VD.
  • a step S2 the interface BCI acquires brain waves AW.
  • a reference retrieval request RR(RWS) for the reference brain wave scheme to be retrieved by the verification device VD is sent to the end-user device EUD.
  • a step S4 the reference brain wave scheme RWS is retrieved by the verification device VD. Then, in a step S5, the retrieved reference RWS is compared to the acquired brain waves AW.
  • the correspondence of RWS and AW leads to a positive authentication and the failure of the correspondence leads to a failed authentication (case N).
  • the authentication result OK/NOK can then be displayed on the verification device VD.
  • implementations of the invention can be a mix of the features as presented in figure 2 and 3.
  • a single thought T can be used while the end-user device EUD is the one where the comparison occurs.
  • Figure 4 schematically shows an end-user device EUD of the invention according to the first implementation of the invention shown on figure 2. It comprises a memory MEM storing a reference brain wave scheme RWS and a communication interface Cl to connect with a verification device VD. It also comprises a computation module CP adapted to compare the stored reference RWS with any brain wave AW as acquired at a verification device VD connected to the end-user device EUD.
  • a memory MEM storing a reference brain wave scheme RWS and a communication interface Cl to connect with a verification device VD.
  • CP adapted to compare the stored reference RWS with any brain wave AW as acquired at a verification device VD connected to the end-user device EUD.
  • the invention thus provides a very robust system of authentication which is highly secure and effective. In particular, protection against impersonation is provided. It is also very convenient for the end-user as it consists in a single step multi-factor authentication.

Abstract

La présente invention concerne un procédé d'authentification d'un utilisateur final, ledit procédé étant mis en œuvre avec un dispositif d'utilisateur final ayant une mémoire pour stocker de manière sécurisée un schéma d'ondes cérébrales de référence relatif à une pensée personnelle de l'utilisateur et avec un dispositif de vérification ayant une interface informatique cérébrale pour acquérir des ondes cérébrales de l'utilisateur final, ledit procédé comprenant l'étape consistant, pour les deux dispositifs d'utilisateur final et de vérification, à se connecter l'un à l'autre, à comparer le schéma d'ondes cérébrales de référence stocké avec les ondes cérébrales acquises, à authentifier l'utilisateur final dès que les ondes cérébrales acquises correspondent au schéma d'ondes cérébrales de référence stocké.
PCT/EP2019/086855 2018-12-21 2019-12-20 Procédé d'authentification d'un utilisateur final à l'aide d'ondes cérébrales WO2020128076A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN201811048680 2018-12-21
IN201811048680 2018-12-21

Publications (1)

Publication Number Publication Date
WO2020128076A1 true WO2020128076A1 (fr) 2020-06-25

Family

ID=69105857

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2019/086855 WO2020128076A1 (fr) 2018-12-21 2019-12-20 Procédé d'authentification d'un utilisateur final à l'aide d'ondes cérébrales

Country Status (1)

Country Link
WO (1) WO2020128076A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090063866A1 (en) * 2007-08-29 2009-03-05 Jiri Navratil User authentication via evoked potential in electroencephalographic signals
US20180012009A1 (en) * 2016-07-11 2018-01-11 Arctop, Inc. Method and system for providing a brain computer interface
US9892576B2 (en) * 2013-08-02 2018-02-13 Jpmorgan Chase Bank, N.A. Biometrics identification module and personal wearable electronics network based authentication and transaction processing

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090063866A1 (en) * 2007-08-29 2009-03-05 Jiri Navratil User authentication via evoked potential in electroencephalographic signals
US9892576B2 (en) * 2013-08-02 2018-02-13 Jpmorgan Chase Bank, N.A. Biometrics identification module and personal wearable electronics network based authentication and transaction processing
US20180012009A1 (en) * 2016-07-11 2018-01-11 Arctop, Inc. Method and system for providing a brain computer interface

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
JOHN CHUANG, I THINK, THEREFORE I AM: USABILITY AND SECURITY OF AUTHENTICATION USING BRAINWAVES

Similar Documents

Publication Publication Date Title
JP7421766B2 (ja) 公開キー/プライベートキーバイオメトリック認証システム
US20190133474A1 (en) Biometric identification by garments having a plurality of sensors
US6185316B1 (en) Self-authentication apparatus and method
US9646261B2 (en) Enabling continuous or instantaneous identity recognition of a large group of people based on physiological biometric signals obtained from members of a small group of people
US20180068105A1 (en) System and method for supplying security information
US7131009B2 (en) Multiple factor-based user identification and authentication
Karimian et al. Evolving authentication design considerations for the internet of biometric things (IoBT)
CN102265289B (zh) 用于通过生物测定评估提供记录装置特权的方法和系统
Zheng et al. Finger-to-heart (F2H): Authentication for wireless implantable medical devices
US8239685B2 (en) Biometric authentication method
CN105740682B (zh) 一种计算机系统及其用户的身份识别方法和系统
US20140093144A1 (en) More-Secure Hardware Token
CN106992956B (zh) 一种实现设备间认证的方法、装置和系统
CN105590046B (zh) 基于特征识别的身份认证方法
CN101420301A (zh) 人脸识别身份认证系统
CN109478290A (zh) 基于指纹扫描来认证或识别用户的方法
EP4262151A2 (fr) Système de clé publique biométrique fournissant des justificatifs d'identité révocables
CN102176712A (zh) 一种身份认证的方法及数据卡
CN106230845A (zh) 一种可灵活配置的多因素用户认证方法
Islam Heartbeat biometrics for remote authentication using sensor embedded computing devices
Chenchev et al. Authentication Mechanisms and Classification: A Literature Survey
US9923891B2 (en) Human body communication device with secure access
WO2020128076A1 (fr) Procédé d'authentification d'un utilisateur final à l'aide d'ondes cérébrales
US10853516B2 (en) Methods and apparatus using human electrocardiogram to protect electronic data
US20200019690A1 (en) Biometric authentication system and biometric authentication method using frequency response characteristics of biometric signal

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19832132

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19832132

Country of ref document: EP

Kind code of ref document: A1