Methods, Systems, and Products for Authenticating Users
Enhanced biometric authentication combines a user's inherent biometric data with the user's password, code, or other secret glyph. For example, the user's finger makes an input on a touchpad. An image of a fingerprint is extracted from the input, along with the user's password, code, or other secret glyph. In one input, then, the user's finger serves two authentication schemes for increased security.
Latest AT&T Patents:
- Zero Trust Network Access and Virtual Private Network Client Offloading
- METHODS, SYSTEMS, AND DEVICES TO PROTECT PERSONAL IDENTIFIABLE (PI) DATA WHEN A USER UTILIZES AN AVATAR IN A VIRTUAL ENVIRONMENT
- METHODS, SYSTEMS, AND DEVICES FOR MANAGING AVATARS ACROSS DIFFERENT SOFTWARE APPLICATIONS
- METHODS, SYSTEMS, AND DEVICES FOR ADJUSTING AN AVATAR BASED ON SOCIAL MEDIA ACTIVITY
- ALTITUDE DETERMINATION ACCORDING TO CROWD SOURCED BAROMETRIC PRESSURE MEASUREMENTS
This application is a continuation of U.S. application Ser. No. 14/541,198 filed Nov. 14, 2014 and since issued as U.S. Pat. No. ______, which is a continuation of U.S. application Ser. No. 13/737,984 filed Jan. 10, 2013 and since issued as U.S. Pat. No. 8,912,882, which is a continuation of U.S. application Ser. No. 12/537,949 filed Aug. 7, 2009 and since issued as U.S. Pat. No. 8,384,514, with all applications incorporated herein by reference in their entireties
BACKGROUNDField of the Disclosure
The present invention relates to the field of biometric authentication and more particularly to an enhanced device and process for biometric authentication.
Description of the Related Art
A concern with any security system is authentication, i.e., granting access to authorized persons and denying access to unauthorized persons. Successful authentication occurs when a system correctly determines that a user is who he claims to be, usually by the user providing at least one self-identifying security token. Many electronic systems will use a person's knowledge, for example of a password, as a security token. Increased security may also be achieved by requiring as a token something in the user's possession, such as a digital certificate. Some security systems will use biometric data, such as fingerprints or retinal scans, as a security token.
In one aspect, a disclosed method for achieving enhanced biometric authentication includes combining a user's inherent biometric data with the user's knowledge of a secret pattern. A touchpad may be provided on which the user may use a finger to perform a plurality of strokes that form a distinct pattern. Image stabilization may be used to extract a readable fingerprint from the strokes. The pattern and finger print are matched to a stored profile. A user may train a device to recognize written letters. The user can then enter a password on a touch pad with his finger. If the fingerprint and password both match, the user is authenticated.
In the following description, details are set forth by way of example to facilitate discussion of the disclosed subject matter. It should be apparent to a person of ordinary skill in the field, however, that the disclosed embodiments are exemplary and not exhaustive of all possible embodiments. Throughout this disclosure, a hyphenated form of a reference numeral refers to a specific instance of an element and the un-hyphenated form of the reference numeral refers to the element generically or collectively. Thus, for example, widget 12-1 refers to an instance of a widget class, which may be referred to collectively as widgets 12 and any one of which may be referred to generically as a widget 12.
Mechanical component 114 is provided to a mechanics processing engine 140, which creates a mechanical characterization 142. Similarly, biometric component 112 is provided to a biometric processing engine 130, which creates a biometric characterization 132. In some embodiments, a characterization is a reduced profile or other type of representation of the raw data contained in the composite input 120. Profile reduction may be accomplished, for example, by a heuristic model or by any of the other numerous methods known in the art for matching biometric data.
The characterizations 132, 142 are provided to an authentication engine 150, which also receives an authentication template 160. An authentication template 160 is a stored characterization profile, containing both a mechanical component 164 and a biometric component 162. Authentication template 160 may be generated in advance of the attempted authentication. There may also be a tolerance 152 associated with authentication template 160. Tolerance 152 may indicate the degree of allowable difference between characterizations 132, 142 and the corresponding components 162, 164.
Authentication engine 150 compares characterizations 132, 142 to components 162, 164 of authentication template 160. If both characterizations match the respective components of authentication template 160 within tolerance 152, the user is authenticated, and an authentication 170 is provided. In some cases, feedback 180 may also be provided to indicate whether or not the user was successfully authenticated.
Because composite input 120 includes a mechanical component 114 (
Characterization algorithm 362 creates a biometric characterization 132 of biometric component 112 and provides biometric characterization 132 as an output. In the case of a fingerprint, for example, the biometric characterization 132 generated by characterization algorithm 362 may include data representative of or indicative of the fingerprint. The data may be compliant with a standardized format for representing fingerprints.
In one embodiment, a user trains biometric authentication device 100 with sample inputs of a plurality of glyphs. Authentication may then comprise a step of presenting the user with one or more randomly-selected glyphs and receiving a composite input 120 corresponding to each glyph. Advantageously, this may pose difficulties for a non-authentic user, because he cannot learn a password as part of composite input 120.
In one exemplary application of the method of
To the maximum extent allowed by law, the scope of the present disclosure is to be determined by the broadest permissible interpretation of the following claims and their equivalents, and shall not be restricted or limited to the specific embodiments described in the foregoing detailed description.
Claims
1. A method, comprising:
- receiving, by a device, a time-based input to a touch-sensitive pad, the time-based input requesting authentication associated with a user of the touch-sensitive pad;
- determining, by the device, a satisfaction of a double authentication during the time-based input to the touch-sensitive pad; and
- authenticating, by the device, the user of the touch-sensitive pad in response to the satisfaction of the double authentication.
2. The method of claim 1, further comprising determining an image of a fingerprint during the time-based input to the touch-sensitive pad.
3. The method of claim 1, further comprising capturing an image of a fingerprint during the time-based input to the touch-sensitive pad.
4. The method of claim 1, further comprising determining positions associated with the time-based input to the touch-sensitive pad.
5. The method of claim 1, further comprising retrieving a template associated with the double authentication.
6. The method of claim 1, further comprising retrieving a template associated with the device.
7. The method of claim 1, further comprising retrieving a template associated with the user.
8. A system, comprising:
- a hardware processor; and
- a memory device, the memory device storing instructions, the instructions when executed causing the hardware processor to perform operations, the operations comprising:
- receiving a time-based input to a touch-sensitive pad, the time-based input associated with a double authentication scheme;
- determining a satisfaction of the double authentication scheme based on the time-based input to the touch-sensitive pad; and
- authenticating a user of the touch-sensitive pad in response to the satisfaction of the double authentication scheme.
9. The system of claim 8, wherein the operations further comprise segregating the time-based input into an image of a fingerprint and a mechanical component.
10. The system of claim 9, wherein the operations further comprise determining a first match associated with the double authentication scheme, the first match between the image of the fingerprint and a template for the authentication.
11. The system of claim 10, wherein the operations further comprise determining a second match associated with the double authentication scheme, the second match between the mechanical component and the template.
12. The system of claim 9, wherein the operations further comprise determining a password as the mechanical component.
13. The system of claim 9, wherein the operations further comprise determining a trace as the mechanical component.
14. The system of claim 9, wherein the operations further comprise determining a character as the mechanical component.
15. The system of claim 9, wherein the operations further comprise determining a combination of characters as the mechanical component.
16. The system of claim 9, wherein the operations further comprise determining a letter as the mechanical component.
17. The system of claim 9, wherein the operations further comprise determining a stroke as the mechanical component.
18. A computer readable memory storing instructions that when executed cause a hardware processor to perform operations, the operations comprising:
- receiving a time-based input to a touch-sensitive pad, the time-based input associated with a double authentication scheme;
- matching an image of a fingerprint captured during the time-based input to a template associated with the double authentication scheme;
- matching a mechanical component determined during the time-based input to the template associated with the double authentication scheme; and
- determining a satisfaction of the double authentication scheme in response to the image of a fingerprint and the mechanical component matching the template.
19. The computer readable memory of claim 18, wherein the operations further comprise determining a password as the mechanical component.
20. The computer readable memory of claim 18, wherein the operations further comprise determining a character as the mechanical component.
Type: Application
Filed: Oct 14, 2016
Publication Date: Feb 2, 2017
Applicant: AT&T Intellectual Property I, L.P. (Atlanta, GA)
Inventors: Brian M. Novack (St. Louis, MO), Daniel L. Madsen (Castro Valley, CA)
Application Number: 15/293,333