Abstract: Systems and methods are provided herein for only including portions of a user's environment that have been approved by a user in a video conference while excluding portions that have not been approved. This may be accomplished by a device receiving a policy identifying one or more approved objects of a scene of a video stream. The device may then generate a filtered video stream by only including portions of the scene that comprise the one or more objects that were approved by the policy in the filtered video stream. The filtered video stream may be combined with other video streams to generate a video conference that is transmitted and/or stored by one or more devices participating in the video conference.

Abstract: Systems and methods are provided herein for only including portions of a user's environment that have been approved by a user in a video conference while excluding portions that have not been approved. This may be accomplished by a device receiving a policy identifying one or more approved objects of a scene of a video stream. The device may then generate a filtered video stream by only including portions of the scene that comprise the one or more objects that were approved by the policy in the filtered video stream. The filtered video stream may be combined with other video streams to generate a video conference that is transmitted and/or stored by one or more devices participating in the video conference.

Abstract: Systems and methods are provided herein for only including portions of a user's environment that have been approved by a user in a video conference while excluding portions that have not been approved. This may be accomplished by a device receiving a policy identifying one or more approved objects of a scene of a video stream. The device may then generate a filtered video stream by only including portions of the scene that comprise the one or more objects that were approved by the policy in the filtered video stream. The filtered video stream may be combined with other video streams to generate a video conference that is transmitted and/or stored by one or more devices participating in the video conference.

Abstract: Systems and methods are provided herein for providing privacy while allowing interactions with virtual representations of sensitive objects. This may be accomplished by an extended reality (XR) system receiving information associated with a real-world environment of a user. The XR system may transmit the received information to one or more devices (e.g., server, XR device, etc.) for processing. Before transmitting the received information, the XR system can use the received information to identify and categorize objects in the real-world environment to identify sensitive objects. To protect the privacy of the sensitive objects, the XR system transforms features of the sensitive objects using one or more transform keys prior to transmitting the information to the one or more devices. The XR system may also update the transform keys after a first time period to further protect the privacy of the sensitive objects.

Abstract: Systems and methods are provided herein for providing privacy while allowing interactions with virtual representations of sensitive objects. This may be accomplished by an extended reality (XR) system receiving information associated with a real-world environment of a user. The XR system may transmit the received information to one or more devices (e.g., server, XR device, etc.) for processing. Before transmitting the received information, the XR system can use the received information to identify and categorize objects in the real-world environment to identify sensitive objects. To protect the privacy of the sensitive objects, the XR system transforms features of the sensitive objects using one or more transform keys prior to transmitting the information to the one or more devices. The XR system may also update the transform keys after a first time period to further protect the privacy of the sensitive objects.

Abstract: Systems and methods are provided herein for providing privacy while allowing interactions with virtual representations of sensitive objects. This may be accomplished by an extended reality (XR) system receiving information associated with a real-world environment of a user. The XR system may transmit the received information to one or more devices (e.g., server, XR device, etc.) for processing. Before transmitting the received information, the XR system can use the received information to identify and categorize objects in the real-world environment to identify sensitive objects. To protect the privacy of the sensitive objects, the XR system transforms features of the sensitive objects using one or more transform keys prior to transmitting the information to the one or more devices. The XR system may also update the transform keys after a first time period to further protect the privacy of the sensitive objects.

Abstract: The present disclosure generally relates to a method for authenticating a user using an electronic device, where the electronic device comprises a biometric sensing system as well as a first, a second and a third control unit. The present disclosure also relates to a corresponding electronic device and to a computer program product.

Abstract: Mechanisms for requesting, by a client device, registration of identified data at a sensor reader. A request command is sent from the client device and to the sensor reader pertaining to a registration operation to be performed on identified data at the sensor reader. A security policy is assigned to the identified data by the sensor reader. A first security protected object and a second security protected object of the identified data are created by the sensor reader and based on the request command and the security policy. The second security protected object is sent, by the sensor reader, to the client device. The first security protected object is sent, by the sensor reader, towards the trusted server. The trusted server, upon reception of the first security protected object, verifies that the sensor reader that created the first security protected object has a security trusted relationship with the trusted server.

Abstract: The invention relates to methods and devices for updating encrypted biometric data of a user at a trusted network node. In an aspect of the invention a method performed by a first client device is provided of updating encrypted biometric data of a user, the encrypted biometric data to be updated having been previously captured by the first client device and registered at a trusted network node. The invention relates to methods and devices for updating encrypted biometric data of a user at a trusted network node. In an aspect of the invention a method performed by a first client device is provided of updating encrypted biometric data of a user, the encrypted biometric data to be updated having been previously captured by the first client device and registered at a trusted network node.

Abstract: The invention relates to methods and devices for enabling authentication of a user based on biometric data. In an aspect of the invention, a method performed by a client device of enabling authentication of user of the client device with a network node over a secure communication channel based on biometric data is provided.

Abstract: The present disclosure generally relates to a method for authenticating a user using an electronic device, where the electronic device comprises a biometric sensing system as well as a first, a second and a third control unit. The present disclosure also relates to a corresponding electronic device and to a computer program product.

Abstract: A network node is configured to enable authentication of a user of a client device based on biometric data captured by the client device. The network node receives, from the client device, a request to authenticate a user that includes a first set of transformed biometric data transformed with a first secret feature transform key shared with the client device; fetches, from a secure end-user repository, a second set of enrolled transformed biometric data associated with the first set of transformed biometric data and a second secret feature transform key with which the second set of biometric data was transformed at enrolment of the transformed biometric data; and submits the second set of transformed biometric data and the second secret feature transform key over a secure communication channel to the client device.

Abstract: In an aspect of the invention, a network node configured to enable authentication of a user of a client device based on biometric data captured by the client device is provided, which network node receives a request to authenticate a user of a client device, the authentication request comprising a user identifier, fetch at least one set of enrolled transformed biometric data corresponding to the user identifier and a secret feature transform key with which the biometric data was transformed at enrolment of the transformed biometric data at the network node, and submit the transformed biometric data and the secret feature transform key over a secure communication channel to the client device.

Abstract: In an aspect of the invention, a network node configured to enable authentication of a user of a client device based on biometric data captured by the client device is provided, which network node receives a request to authenticate a user of a client device, the authentication request comprising a user identifier, fetch at least one set of enrolled transformed biometric data corresponding to the user identifier and a secret feature transform key with which the biometric data was transformed at enrolment of the transformed biometric data at the network node, and submit the transformed biometric data and the secret feature transform key over a secure communication channel to the client device.

Abstract: The present disclosure generally relates to a method for authenticating a user by means of an electronic device, where the electronic device comprises a first and a second control unit adapted to process a biometric representation from a biometric sensor. Preferably, the second control unit comprises a secure element and/or a secure block adapted to provide a secure processing environment. The present disclosure also relates to a corresponding electronic device and to a computer program product.

Abstract: The invention relates to methods and devices for enabling authentication of a user based on biometric data. In an aspect of the invention a method performed by a trusted network node is provided for enabling authentication of a user of a second client device based on biometric data captured by a first client device.

Abstract: A network node is configured to enable authentication of a user of a client device based on biometric data captured by the client device. The network node receives, from the client device, a request to authenticate a user that includes a first set of transformed biometric data transformed with a first secret feature transform key shared with the client device; fetches, from a secure end-user repository, a second set of enrolled transformed biometric data associated with the first set of transformed biometric data and a second secret feature transform key with which the second set of biometric data was transformed at enrolment of the transformed biometric data; and submits the second set of transformed biometric data and the second secret feature transform key over a secure communication channel to the client device.

Abstract: Mechanisms for requesting, by a client device, registration of identified data at a sensor reader. A request command is sent from the client device and to the sensor reader pertaining to a registration operation to be performed on identified data at the sensor reader. A security policy is assigned to the identified data by the sensor reader. A first security protected object and a second security protected object of the identified data are created by the sensor reader and based on the request command and the security policy. The second security protected object is sent, by the sensor reader, to the client device. The first security protected object is sent, by the sensor reader, towards the trusted server. The trusted server, upon reception of the first security protected object, verifies that the sensor reader that created the first security protected object has a security trusted relationship with the trusted server.

Abstract: The present disclosure generally relates to a method for authenticating a user by means of an electronic device, where the electronic device comprises a first and a second control unit adapted to process a biometric representation from a biometric sensor. Preferably, the second control unit comprises a secure element and/or a secure block adapted to provide a secure processing environment. The present disclosure also relates to a corresponding electronic device and to a computer program product.

Abstract: Methods and devices for updating biometric template protection keys can include updating at least one stored feature transformation key with which a set of biometric data of a user initially has been transformed at a first client device at which the biometric data of the user was captured and enrolled with a network node, which set of transformed biometric data of the user is stored at a biometric data verification node that does not have access to the feature transformation key. The method comprises generating random data, computing at least one new feature transformation key based on said random data, replacing the at least one stored feature transformation key with the computed at least one new feature transformation key, and transmitting the generated random data to the biometric data verification node, which uses the generated random data to update the at least one set of transformed biometric data.