1. Field of the Invention
The present invention generally relates to a system that uses a biometric input device in combination with a manually actuated input device. An authentication section authenticates the biometric input to generate a data access allowance function or a data access prevention function based on non-authentication of the biometric input.
2. Description of the Related Art
Mobile cell phones and MP3 (Moving Picture Experts Group-1 Audio Layer 3)/MPEG (Moving Picture Experts Group) media player devices currently available include significant amounts of data storage. For example, many media players are available with an 80 GB hard disk drive. Additionally, several cellular phones and media players include up to 10 GB of flash memory for data storage. The amount of storage space in these mobile devices is expected to increase over time. As a consequence, people are storing sensitive data on these devices. This includes corporate and personal email, records of financial transactions, licensed music and movies, copies of government issued documents, financial and legal data, etc.
There is a need to protect the data on these devices since these small portable devices can be easily lost or misplaced. Additionally, since the devices often contain sensitive data, they may be stolen with the intent to retrieve the sensitive data. In the event a device is lost or stolen, the user wants to make it very difficult for the finder of the device to be able to obtain access to the data stored on the device. In order to meet this objective, the data on these devices may be encrypted with strong encryption techniques.
Present methods used to protect data on mobile devices include a numeric keypad lock typically provided on cell phones, and alphanumeric passwords on other mobile devices provided with keypads or thumb-pads. In most cases, data on the device is not itself encrypted but access to the data is prevented by disabling a data accessing application until an authorized password is supplied. The keypad based security schemes for mobile devices can typically be broken through brute force techniques. In some cases, the device may lock the user out after a few tries, but since the adversary has physical possession of the device he can attack it by bypassing this software and directly examining the storage device. For example, a storage card or hard disk drive inside the device may be removed and read from another system.
In the simplest security schemes, sometimes used on resource limited mobile devices, a password entered by a user is compared against a stored password, and if they match, the device allows access to the data on the device. This scheme is weak from the perspective of an attacker who can gain access to the data on the storage device and determine the correct password. In some cases, passwords are transformed by a one-way hash function and the resulting hashes are stored on the mobile device. When a user logs in with a password, the entered password is hashed and checked with the hash associated with the registered password for the user. An attacker who knows the hash function and the hash output can determine the password by trying different combinations of passwords and checking the resulting hashes. This task is able to be accomplished on a powerful computer fairly quickly. Alternatively, the attacker may simply bypass the password check altogether and access at the data directly by examining the memory contents.
Therefore, a safe way to protect stored data is through encryption using a strong encryption routine requiring very long passwords. However, when a user wants to use the device in a situation, he will need to supply a very long password. The stronger the encryption desired by the user, the longer a password will need to be supplied by the user which most likely will interfere with the user's normal operation of the media playback device. The playback device may be automatically locked after a predetermined period of non-use, but once the device is locked, the user must supply the password again. If the device is locked too often, the user will be easily annoyed since he must enter a long password again to regain operation of the device.
Thus, there exists a need for a device, system and method where encrypted data is stored in a data memory/storage device, and decryption of the encrypted stored data is accomplished by a user inputting a strong decryption key that the user can enter quickly and easily on the electronic device, (e.g., mobile phone, media playback device, etc.).