Abstract: A biometric data sample is taken and compared with stored biometric data. If the biometric data sample matches stored data, access to a secure data storage module is enabled. The secure data storage module contains data necessary for successful communication with a server, as detailed further below. Accordingly, a biometric data match enables sensitive data retrieval, and ultimately secure communication with another device. In a preferred embodiment, the Subscriber Identity Module (SIM) in a GSM phone provides stored biometric data and processing capabilities for the matching function within a cellular phone. By storing biometric data on the SIM (a type of smart card) and performing the biometric matching process on the SIM, the need to transmit or store biometric data in a way that leaves it available for retrieval or tampering is minimized.

Abstract: The present invention provides biometrically enhanced certificates or other data structure or data item containing biometric information, by adding fields containing biometric information derived from a user to a conventional Public Key Certificate. A biometrically enhanced certificate, therefore, provides a digital identity that binds a public key not just to a name, but to a physical property or properties of the person or entity who is the subject of the certificate. In one embodiment, biometric certificate fields comprising biometric data are incorporated into private extensions of an X.509 identity certificate. In another embodiment, biometric certificate fields comprising biometric data are incorporated into an X.509 attribute certificate.

Abstract: The present invention provides systems and methods utilizing tokens to assign or mitigate risk. A software token is provided that associates a secret—such as a private key or password—with risk factors involved in protecting that secret from illicit access. The token may include an indication or calculation of the “overall risk of compromise” (OROC), generally represented as an overall trust metric, associated with the secret. This token can then be used to inform system operators or third parties of the confidence of a given system transaction that depends on the secret. A third party can then take whatever actions it deems appropriate according to the estimated risk. For example, in one embodiment of the present invention, the risk factor is used to deny a transaction if the risk is deemed to great—that is if the risk factor is greater than a predetermined (or sufficient) value.