Abstract: A method and system for secure call Dual-Tone Multi-Frequency (DTMF) signaling includes entering (202) dial string of a telephone number of a destination device, assigning (210, 212) the dial string to a predefined string having a total length that is greater than the dial string such that there will be at least one leading hexadecimal bit in the predefined string length that is not used when the entered dial string is converted to a hexadecimal, converting (214) the dial string to hexadecimal, reversing the order of the hexadecimal, and placing the reversed hexadecimal at the beginning of the predefined string, appending (216) “one” bits to the predefined string length indicating how many nibbles of the predefined string length are unused, if any, and appending the remaining intervening unused bits in the predefined string length to “zero” bits, and sending (226) the encoded string length.

Abstract: A method is provided for identifying and verifying a person using hand biometrics with an anti-spoofing measure. The method comprises acquiring (51) a first image (10) of a hand in a first configuration, acquiring (52) a second image (30, 40) of the hand in one of the first and a second configuration for comparison with the first image (10), determining (52) whether a person can be identified from at least one of the first image (10) and the second image (30, 40), and determining (55) from a comparison of the second image (30, 40) with the first image (10) whether the hand is a counterfeit.

Abstract: Disclosed are methods for extracting and using information about an entity that has a presence in a number of information domains. The entity has separate identifiers in each of several domains. Various techniques are described that bind together the identifiers of the entity across the domains. The results of the binding are provided to an interested party that can review information extracted about the entity's behavior in the multiple domains. The interested party is not given access to information that would compromise the confidentiality of the entity. A trusted broker has access to information about the behavior of the entity in the several domains. The broker analyzes that information and provides the analysis to the interested party, again without compromising the confidentiality of the entity. An “incentivizer” works with the broker to extract from the domains information that would be useful in binding together the different identifiers of the entity.

Abstract: Disclosed are methods for extracting and using information about an entity that has a presence in a number of information domains. The entity has separate identifiers in each of several domains. Various techniques are described that bind together the identifiers of the entity across the domains. The results of the binding are provided to an interested party that can review information extracted about the entity's behavior in the multiple domains. The interested party is not given access to information that would compromise the confidentiality of the entity. A trusted broker has access to information about the behavior of the entity in the several domains. The broker analyzes that information and provides the analysis to the interested party, again without compromising the confidentiality of the entity. An “incentivizer” works with the broker to extract from the domains information that would be useful in binding together the different identifiers of the entity.

Abstract: Disclosed are methods for extracting and using information about an entity that has a presence in a number of information domains. The entity has separate identifiers in each of several domains. Various techniques are described that bind together the identifiers of the entity across the domains. The results of the binding are provided to an interested party that can review information extracted about the entity's behavior in the multiple domains. The interested party is not given access to information that would compromise the confidentiality of the entity. A trusted broker has access to information about the behavior of the entity in the several domains. The broker analyzes that information and provides the analysis to the interested party, again without compromising the confidentiality of the entity. An “incentivizer” works with the broker to extract from the domains information that would be useful in binding together the different identifiers of the entity.

Abstract: Disclosed are methods for extracting and using information about an entity that has a presence in a number of information domains. The entity has separate identifiers in each of several domains. Various techniques are described that bind together the identifiers of the entity across the domains. The results of the binding are provided to an interested party that can review information extracted about the entity's behavior in the multiple domains. The interested party is not given access to information that would compromise the confidentiality of the entity. A trusted broker has access to information about the behavior of the entity in the several domains. The broker analyzes that information and provides the analysis to the interested party, again without compromising the confidentiality of the entity. An “incentivizer” works with the broker to extract from the domains information that would be useful in binding together the different identifiers of the entity.

Abstract: Automatic recognition apparatus (100, 700) includes multiple automatic recognition subsystems (102, 104, 106) that are cable of producing estimates of the probability that a subject matches a particular identity, a probability estimate combiner (108) that receives estimates from the multiple automatic recognition subsystems (102, 104, 106) and produces a combined estimate, and a decayer that (111) that decreases the certainty of the combined estimate over time while avoiding changing estimates to values that would suggest strong information contrary to the initial values of the combined estimates.

Abstract: A method and device for using a partial public key in a cryptosystem. The cryptosystem may be based on a group, such as an elliptic curve over a finite field. The device includes a first memory for storing system parameters of the cryptosystem and a second memory for storing a portion of a public key of the cryptosystem. The device receives the complete public key, or the remainder of the public key, via communication with another device. The received portion of the public key is used to form a validated public key. A processor of the device uses the validated public key for encrypting messages and/or verifying signatures. The size of the second memory is reduced since only part of the public key is stored.

Abstract: A method and apparatus for modifying a color of an electronics housing (104) based on the device security, authentication, and/or authorization is provided herein. During operation a device (100) will repeatedly gather a current security status and then modify a color or pattern of the housing based on the security status. Because the color of an electronics device indicates the current security, authentication, and/or authorization level, a user of the device can easily determine their security, authentication, and/or authorization level.

Abstract: Automatic recognition systems (100) includes multiple automatic recognition subsystems (102, 104, 106) that are cable of producing estimates of the probability that a subject matches a particular identity and a probability estimate combiner (108) that receives estimates from the multiple automatic recognition subsystems (102, 104, 106). The probability estimate combiner (108) has a number of properties which allow good use to be made of the individual estimates.

Abstract: Systems and methods for providing secure identity authentication amongst devices using identity information contained therein to facilitate data synchronization amongst the user devices, wherein the identity information in the devices are compared for authentication but not actually transmitted or exposed for unauthorized access to such information and to the devices.

Abstract: Authentication is performed to a confidence level (CL) desired by a verifier (220). A prover (210) picks and sends certain same size, square matrices to the verifier (220). A random request bit is sent (234) from the verifier (220) to the prover (210) after the receipt of a certain square matrix. Depending on the request bit, calculations are made (244, 264) by the verifier (220) to determine if the matrices sent from the prover are verifiable. The prover (210) is iteratively authenticated by the verifier (220). Iterations are continued until (320) a count of the iterations (IL) reaches a number sufficient to achieve the desired confidence level (CL). After a delay, more iterations can achieve a higher confidence level by building on previous result of authentication without having to begin at zero. During this delay, the verifier (220) can perform tasks in reliance on the result of authentication. Digital logic can perform the authentication.

Abstract: The identity of a user of a mobile device is verified by the mobile device accessing the location of the mobile device over recent time to obtain a current route, comparing a feature of the current route to characteristic features of previous routes stored on the mobile device. The user is verified if the feature of the current route matches a characteristic feature of previous routes. The previous routes may be obtained by tracking the location of the mobile device over time to obtain a number of routes, identifying characteristic features of the routes, and storing the characteristic features of the routes.

Abstract: A method is provided for identifying and verifying a person using hand biometrics with an anti-spoofing measure. The method comprises acquiring (51) a first image (10) of a hand in a first configuration, acquiring (52) a second image (30, 40) of the hand in one of the first and a second configuration for comparison with the first image (10), determining (52) whether a person can be identified from at least one of the first image (10) and the second image (30, 40), and determining (55) from a comparison of the second image (30, 40) with the first image (10) whether the hand is a counterfeit.

Abstract: Communication and validation of information transfer from a transmitter to a receiver is achieved by generating a cipher (400) from a message m (410) using parameters of an elliptic curve, a generator point P (406) on the elliptic curve and a public key Q (416) of the receiver. The cipher includes a first element that is the product kP of a random number k (404) with the generator point P and a second element that is the product of m and the x-coordinate of the product kQ. The message m is generated from two mathematically independent representations of the information and, optionally, a random number. The cipher is communicated to the receiver and decoded to recover a message m? (502). A validation token (500) is generated by the receiver and passed to the transmitter, which validates communication of the information to the receiver if the product mkQ is equal to the validation token.

Abstract: Automatic recognition apparatus (100, 700) includes multiple automatic recognition subsystems (102, 104, 106) that are cable of producing estimates of the probability that a subject matches a particular identity, a probability estimate combiner (108) that receives estimates from the multiple automatic recognition subsystems (102, 104, 106) and produces a combined estimate, and a decayer that (111) that decreases the certainty of the combined estimate over time while avoiding changing estimates to values that would suggest strong information contrary to the initial values of the combined estimates.

Abstract: Automatic recognition systems (100) includes multiple automatic recognition subsystems (102, 104, 106) that are cable of producing estimates of the probability that a subject matches a particular identity and a probability estimate combiner (108) that receives estimates from the multiple automatic recognition subsystems (102, 104, 106). The probability estimate combiner (108) has a number of properties which allow good use to be made of the individual estimates.

Abstract: A method and device for using a partial public key in a cryptosystem. The cryptosystem may be based on a group, such as an elliptic curve over a finite field. The device includes a first memory for storing system parameters of the cryptosystem and a second memory for storing a portion of a public key of the cryptosystem. The device receives the complete public key, or the remainder of the public key, via communication with another device. The received portion of the public key is used to form a validated public key. A processor of the device uses the validated public key for encrypting messages and/or verifying signatures. The size of the second memory is reduced since only part of the public key is stored.

Abstract: Methods and system for managing secure access to data by a user in a network are disclosed. The method includes receiving (402, 404) a key and a biometric sample of the user transmitted by a user device (104) at a server (102). The method also includes decrypting (406) an encrypted biometric profile (212) corresponding to the user by using the key, to yield an unencrypted biometric profile. The method further includes authenticating (408) the user by using the biometric sample of the user and the unencrypted biometric profile corresponding to the user. The method further includes discarding (410) the key, the biometric sample of the user, and the unencrypted biometric profile corresponding to the user after authentication.

Abstract: A method and system for registering a user device in a domain of a domain authority (106) using biometric information is provided. The method includes sending (402) a request (by the user device) to the domain authority for joining the domain. The user device making the request is then authenticated (400) and the biometric information of the user is then requested (406). Further, the method includes authenticating (412) the biometric information of the user. The security information of the domain is transferred (414) to the user device once the authentication of the user device and the biometric information are both successful.