Biometrics is the science of identifying individuals based upon physiological or behavioral characteristics. In recent years, automated biometric systems have been developed that can be used to identify, or to verify, the identity of individuals. These systems are now being marketed not just to law enforcement, but to individuals and corporations that need to provide some measure of access control to computer systems or physical facilities. They are also being incorporated into encryption packages that are intended to protect personal files, private information and financial transactions.
Virtually all biometric products on the market today share a significant vulnerability. This vulnerability is serious enough to prevent the use of biometric technology in a number of otherwise useful circumstances. The vulnerability involves template reversal. A biometric system must store information, called a template, about authorized users in order to identify those users. One can use the template information stored on a system to create a false input to the biometric system that will grant access.
U.S. Pat. No. 6,035,398 entitled “CRYPTOGRAPHIC KEY GENERATION USING BIOMETRIC DATA,” discloses a system for generating an encryption key using biometric data. The system first generates a template from the biometric, as discussed above. The system next hashes features, or a subset of features, of the biometric to create an encryption key. In an alternative embodiment, ghost points are combined with the template and the ghost points are extracted as the encryption key. The template and key together are used for verification. The present invention does not use this method for encryption or authentication. U.S. Pat. No. 6,035,398 is hereby incorporated by reference into the specification of the present invention.
U.S. Pat. No. 6,181,803 entitled “APPARATUS AND METHOD FOR SECURELY PROCESSING BIOMETRIC INFORMATION TO CONTROL ACCESS TO A NODE,” discloses a system that compares captured biometric data with a stored biometric record, or template, to regulate access to a terminal or area. Several readings of the biometric are taken and a composite is created prior to comparing the readings to the template. This is to account for poor resolution of cameras acquiring the biometric readings. The present invention does not create a composite of the presented biometrics at the time of authentication, and therefore does not infringe this patent. U.S. Pat. No. 6,181,803 is hereby incorporated by reference into the specification of the present invention.
U.S. Pat. No. 6,317,834 entitled “BIOMETRIC AUTHENTICATION SYSTEM WITH ENCRYPTION MODELS,” discloses a system that creates a biometric template for each user on the system. The template is then combined with a password created by the user to encrypt the model, the password being discarded by the system after encryption. To access the secured resource the user must present both his biometric and the appropriate password, which are combined to decrypt the model. The present invention does not create an encryption key from a password and biometric, and therefore does not infringe this patent. U.S. Pat. No. 6,317,834 is hereby incorporated by reference into the specification of the present invention.
The difficulty in producing a secure biometric system is that biometrics are not constant, even for an individual. From measurement to measurement there is always some difference. Thus, if one were to use a biometric as a password, when the user returned and attempted access, he would provide slightly different inputs to the system and would be rejected. It is therefore desirable in the art to have a system that allows use of a biometric for secured access while accounting for the inherent variations in the biometric. It is further desirable to have a biometric security system that overcomes the security vulnerabilities of prior art systems.
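The following Python sketch is an added example, not part of the patent text. It contrasts hashing a reading like a password, which rejects the same user's slightly different fresh reading, with threshold matching, which tolerates the variation but requires a stored template that is itself an accepted input. The 256-bit feature vector, the Hamming-distance matcher, the threshold of 40 bits and all sample readings are assumptions constructed for illustration.

```python
import hashlib
import hmac

BITS = 256       # assumed length of the binary feature vector
THRESHOLD = 40   # assumed acceptance threshold: maximum differing bits

def flip_bits(data: bytes, positions) -> bytes:
    """Return a copy of data with the given bit positions inverted (simulated noise)."""
    out = bytearray(data)
    for p in positions:
        out[p // 8] ^= 1 << (p % 8)
    return bytes(out)

def hamming(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length vectors differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def enroll_as_password(reading: bytes) -> bytes:
    """Store only a hash of the reading, as one would for a password."""
    return hashlib.sha256(reading).digest()

def verify_as_password(stored_hash: bytes, reading: bytes) -> bool:
    """Exact match only: any single-bit difference changes the hash."""
    return hmac.compare_digest(stored_hash, hashlib.sha256(reading).digest())

def verify_with_template(template: bytes, reading: bytes, threshold: int = THRESHOLD) -> bool:
    """Tolerant match: accept when the reading is close enough to the stored template."""
    return hamming(template, reading) <= threshold

# Constructed sample data (not real biometric readings).
ENROLLED = hashlib.sha256(b"constructed enrolled reading").digest()
FRESH = flip_bits(ENROLLED, range(0, BITS, 20))   # same user, 13 bits of noise
IMPOSTOR = hashlib.sha256(b"constructed impostor reading").digest()

def demo() -> dict:
    stored_hash = enroll_as_password(ENROLLED)
    return {
        "noise_bits": hamming(ENROLLED, FRESH),
        "password_style_accepts_fresh": verify_as_password(stored_hash, FRESH),
        "template_accepts_fresh": verify_with_template(ENROLLED, FRESH),
        "template_accepts_impostor": verify_with_template(ENROLLED, IMPOSTOR),
        # The stored template matches itself at distance 0, so it must be
        # protected like any other credential.
        "template_accepts_itself": verify_with_template(ENROLLED, ENROLLED),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```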