Abstract: A method of recognizing an injury pattern on a fingerprint is disclosed. The method comprises the steps of providing biometric information to a contact imager; imaging and characterizing the biometric information; comparing an image of the biometric information against previously stored templates; upon a comparison result of the comparison, determining an injury pattern; wherein upon an injury pattern determination, performing a comparison against a stored template based on features extracted from the biometric data and the damage data.

Abstract: The present invention provides a method and a system for establishing a communications path (the “pipe” 75) over a communications network (45) between a Personal Security Device (PSD 40) and a Remote Computer System (50) without requiring means for converting high-level messages such as API-level messages to PSD-formatted messages such as APDU-formatted messages (and inversely) to be installed on a local Client (10) in which a PSD (40) is connected.

Abstract: This invention provides a privilege delegation mechanism, which allows a privilege and associated control attributes to be delegated from a security token to another security token or an intelligent device such as a computer system. The privilege may be in the form of an attribute certificate, a key component of a cryptographic key, a complete cryptographic key, digital certificate, digital right, license or loyalty credits. The purpose of the delegation is to allow another security token or computer system to act as a surrogate for the security token or to access a resource which requires components from both units before access is permitted. Attributes associated with the delegated privilege control the scope and use of the privilege. The delegation may allow the surrogate to perform authentications, access data or resources included on another security token or computer system. Authentications are performed prior to transferring of the delegable privileges.

Abstract: A method of hash string extraction from biometric information is disclosed. The method comprises the steps of providing a biometric information sample in the form of a fingerprint for example, extracting features from the biometric information sample and encoding the features based on their location within the biometric information sample; and, generating a string of values based on the extracted features and their determined locations. The method further comprises the steps of hashing the string of symbols to produce a plurality of hash values for comparing the plurality of hash values against a stored hash value for identifying a user.

Abstract: A method of securing security data stored on a computer system is disclosed. The method comprises providing a data key to the computer system. The data key is used for transforming the security data in a reversible fashion to produce an encoded secure data such that the data key is required in order to perform a reverse transform and extract the security data from the encoded secure data. The encoded secure data are stored secure data in a fashion such that a user authorization process is used to retrieve the encoded secure data. Furthermore, the encoded secure data are stored such that the data key and the user authorization process in combination provide access to the security data and such that the stored data within the computer system is encoded.

Abstract: An authentication mechanism for use with biometric systems which optimizes data extraction on areas or regions having a high probability of matching a reference biometric template, allows a reduction in both the size and number of data packet transmissions to be made to a biometric matching engine and includes data packet transmission prioritization.

Abstract: Provided is a biometric imaging device for imaging a biological feature, which includes a sensor for detecting an environmental parameter other than relating to surface topology of the biological feature. The detected environmental parameters like temperature and humidity levels are utilized in image reconstruction to eliminate erroneous structures caused by the environmental conditions. There is also provided a biometric imaging device, which includes a preparation device for use prior to sensing a biometric image. The preparation device is used for conditioning a parameter of the biometric information source, and/or for cleaning the biometric information source.

Abstract: A system and method of securely supporting password change is disclosed. The method performed by the system includes the steps of detecting an occurrence of a password change operation in execution on a system and receiving a new password by the system; detecting the new password when provided; storing data indicative of the new password in a database independent of the password database of the system for later retrieval; and providing the data indicative of the new password from the independent database to the password database.

Abstract: Biometric imaging devices and methods of processing images of biometric surfaces that are captured using the imaging device including capturing an image of a biometric surface presented by an individual by a sensor of the imaging device, either as a single image or as a plurality of overlapping image portions that are combinable to form a single composite image. The imaging device also includes a memory buffer for retrievably storing image data relating to the image of the biometric surface. A processor of the imaging device is provided for analyzing the stored image data to determine a location of a feature of interest and for providing an output image of a known size and shape for use by a host system that is in communication with the imaging device for identifying the individual.

Abstract: An authentication mechanism for use with biometric systems which optimizes data extraction on areas or regions having a high probability of matching a reference biometric template, allows a reduction in both the size and number of data packet transmissions to be made to a biometric matching engine and includes data packet transmission prioritization.

Abstract: A security framework for a host computer system which allows a host to control access to a compliant security token by ensuring enforcement of established security policies administered by a middleware application. Processing between the host computer system and the security token is performed using one or more modular security application agents. The modular security application agents are counterpart applications to security applications installed in the security token and may be retrieved and installed upon to ensure compatibility between counterpart token and host security applications. The security policies are a composite of host security policies and token security policies which are logically combined by the middleware application at the beginning of a session.

Abstract: In accordance with the invention there is provided a method of authorizing an individual comprising the steps of: receiving authorization data from the individual; determining based on previously stored data, at least a processor for performing an authorization process; using the at least a processor and the authorization data, performing the authorization process to one of authorize an individual and fail to authorize the individual; and wherein stored data results in different determined processors for different authorization operations and wherein at least some of the authorization operations are determined for performance by a same server processor.

Abstract: A method for matching biometric data on an authentication server is disclosed. An authentication server is provided having biometric template data stored thereon. A plurality of workstation processors in communication with the authentication server is also provided. A sensed biometric image is provided to a processor out of the plurality of workstation processors from an individual. From the authentication server to the processor, co-ordinate data relating to a plurality of non-contiguous features of the template data are provided. Characteristic data is extracted from the biometric image, the characteristic data for correlation with the provided coordinate data allowing for a subsequent alignment of the biometric image within a known frame of reference relative to the template data on the basis of the provided data and the other data.

Abstract: A method for matching biometric data on an authentication server is disclosed. An authentication server is provided having biometric template data stored thereon. A plurality of workstation processors in communication with the authentication server is also provided. A sensed biometric image is provided to a processor out of the plurality of workstation processors from an individual. From the authentication server to the processor, co-ordinate data relating to a plurality of non-contiguous features of the template data are provided. Characteristic data is extracted from the biometric image, the characteristic data for correlation with the provided co-ordinate data allowing for a subsequent alignment of the biometric image within a known frame of reference relative to the template data on the basis of the provided data and the other data.

Abstract: A method and apparatus for authenticating a user In dependence upon biometric Input information is disclosed. According to the method when a user is identified, their biometric information or data derived therefrom is automatically stored. The data is then used in subsequent user identification attempts as a template. The original templates are not replaced but those templates that are automatically stored are replaced at intervals.

Abstract: A biometric sensing device includes sensing arrays for sensing a biological surface swiped across the sensing arrays in an arbitrary direction. This device allows for simultaneously sensing different features of a biological surface where the features have the smallest distinguishable features of different size. Using the technique of interleaving partial images, the resolution of the biometric sensing device is increased. Therefore, a small and robust biometric sensing device is provided, which allows for sensing high resolution images.

Abstract: Disclosed is a method for detecting a latent fingerprint image provided to a biometric input device of a fingerprint based security system. First and second images of the fingerprint are captured during a time period interval ?t. At least one of the first and second images are analyzed to identify an extractable feature within a global reference frame, the extractable feature usable for authenticating an individual. The first and second images are compared one with the other to determine differences indicative of motion about the identified extractable feature within a local reference frame during the time period interval ?t. Absent motion about the identified extractable feature being detected, the fingerprint is registered as a latent fingerprint and cannot be used to authenticate the individual who is seeking authorization.

Abstract: A method and system for authenticating an end user to one or more remote computer systems using a communications pipe to send authentication codes from a personal security device to one or more remote computer systems and limiting authentication transactions to a secure hub.

Abstract: Provided is a method of transforming an image of a biometric surface comprising the steps of sensing a biometric surface to provide biometric image data, receiving data relating to a plurality of parameters for use in transforming image data different parameters for resulting in differently transformed image data for a same biometric image data, the data received from another processor, transforming the biometric image data in accordance with the received data to provide transformed biometric image data in a format relating to the received data, and providing the transformed biometric image data as output image data having the format, wherein the transformed biometric image data is different for different parameters enabling provision of images of a same biometric surface having different image formats. There is further provided a biometric imaging device for executing the above described method, as well as memory for storing data, relevant to the above-described method.

Abstract: An integrated security system which seamlessly assimilates with current generation logical security systems. The integrated security system incorporates a security controller having standard network interface capabilities including IEEE 802.x and takes advantage of the convenience and security offered by smart cards and related devices for both physical and logical security purposes. The invention is based on standard remote authentication dial-in service (RADIUS) protocols or TCP/IP using SSL, TLS, PCT or IPsec and stores a shared secret required by the secure communication protocols in a secure access module coupled to the security controller. The security controller is intended to be a networked client or embedded intelligent device controlled remotely by to an authentication server. In another embodiment of the invention one or more life cycle management transactions are performed with the secure access module.