Securing computer systems and electronic transactions is becoming more and more important as we enter the electronic age. Existing password and cryptographic techniques seem well on their way to solving the security problems of computer systems, electronic commerce, and electronic transactions. These solutions ensure that the set of digital identification keys associated with an individual person can safely carry on electronic transactions and information exchanges. Little, however, has been done to ensure that such identification keys can only be used by their legitimate owners. This is a critical link that needs to be made secure if secure computer access, electronic commerce, home banking, point of sale, electronic transactions, and similar mechanisms are to become truly secure.
Today, passwords handle most of these issues. For example, most electronic transactions, such as logging into computer systems, getting money out of automatic teller machines, processing debit cards, electronic banking, and similar transactions require passwords. Passwords are an imperfect solution because as more and more systems attempt to become secure, a user is required to memorize an ever expanding list of passwords. Additionally, passwords are relatively easily obtained by observing an individual when he or she is entering the password. Moreover, there is no guarantee that users will not communicate passwords to one another, lose passwords, or have them stolen. Thus, passwords are not considered sufficiently secure for many functions.
More and more often, fingerprint identification is considered. Fingerprints have the advantage of being unique to an individual person, requiring no memorization, and being relatively difficult to appropriate. Thus, some secure systems are switching to fingerprint recognition. Fingerprint recognition generally requires a user to place his or her finger on a fingerprint sensing device. Each fingerprint consists of a unique arrangement of ridges and grooves. The fingerprint sensing device transmits an analog image of the user's fingerprint, via a coaxial cable, to a computer system. The computer system then matches the fingerprint to a database of fingerprint templates in the computer system.
Public access information networks, such as the Internet, are being used to distribute a wide variety of information. However, public networks such as the Internet are not secure and there is a danger of information being copied or intentionally misrouted as it is being transmitted. Further, transmitted information, if it is protected at all, is usually protected by a traditional password scheme which is not able to verify that the person using the password is authorized to do so. Therefore, there is a need for a secure way to distribute information over a network which protects against possible information copying or misrouting and which can verify that only an authorized user can access the information.