Application Field
The present invention relates to the field of the methods, based on acquisition and electronic processing of biometric data, for the recognition of users of services the fruition of which requires a registration and an authorization. Particularly, the invention relates to a method of registration and recognition of users of POS (Point Of Sale) and ATM/cash dispenser services, as well as a method for delivering such services.
The invention also relates to a recognition system which carries out the above method, and POS and ATM systems comprising such a recognition system.
Description of the Prior Art
In the context of the offering of services the fruition of which requires a recognition and an authorization, the need and the convenience to use recognition and/or identity verification and/or authorization methods based on acquisition and electronic processing of biometric data are increasingly perceived.
In particular, such a need is felt in the field of services related to commercial payments, for example, services of the POS (Point Of Sale) type, or services usually provided by banks for the automatic withdrawal of money from bank accounts, for example, services of the cash dispenser/ATM (Automated Teller Machine) type.
In the known POS and/or ATM systems, a holder of a card (credit card or cash card) accesses a service through two steps, the first of which involves the use of the card itself, the second of which is a confirmation of the identity of the card holder, by typing a numeric/alphanumeric identification code, for example, a PIN or password. The identity confirmation (subject to a prior process of identity verification or “authentication”) provides that the recognition system first recognizes the user, through conventional card-based methods, then retrieves the pre-registered identification code (PIN or password) of the recognized user, then compares the registered identification code and the one typed in by the user.
In this framework, it is possible to envisage replacing the identification code with a biometric datum of the user.
In this regard, several solutions for a verification of the identity of a user based on the acquisition and processing of biometric data are known, derivable particularly from the field of the identity verification for security purposes (for example, to permit or not entrance to restricted access areas, or to confidential data in an information system).
The known solutions referred to are varied, both with respect to the biometric datum that is used (for example, fingerprint, or eye iris, or electrocardiographic or breath frequencies/patterns, or voice, or typing frequency/pressure on a keyboard), and with respect to the algorithms used for performing comparison and recognition (usually, analytical “pattern matching” algorithms).
A first problem which arises, if one wished to apply such known solutions to the identity verification in the context of POS/ATM, is to have sufficiently quick, convenient, and simple acquisition procedures so as they are “attractive” for the user. This requirement, by itself, already excludes most of the aforementioned known solutions.
A second problem, even more hindering with respect to the needs felt in the context of POS/ATM services, relates to the fact that the above-mentioned solutions relate to the function of identity verification or authentication, in the meaning explained above, but do not satisfy the need for a “recognition” of the user. In fact, for a “recognition service”, the user has to be identified without he/she has to previously introduce his/her presentation, for example by inserting a credit or cash card. The need to have a recognition service is felt as crucial, for POS/ATM services, having the basic objective to even avoid the need to use a card.
Now, an identity verification service involves a mere “one-to-one” comparison between the acquired biometric data of the user and previously registered biometric data of the same user.
On the contrary, a recognition service involves a “one-to-many” comparison between acquired biometric data of the user and a plurality of previously registered biometric data, belonging to all the registered users registered for a given service. Such a plurality may be very numerous: in the context of POS/ATM services, the number of registered users (for example, client of a bank) is typically of hundreds of thousands or millions individuals.
Such quantitative data indicate how significant is the difference between the requirements to be met by a biometric method for an identity verification compared to the requirements to be met by a biometric method for a recognition, and allow to understand the reason why the solutions developed for the former field are completely unfeasible in the latter one.
The main problem that arises relates to the times for the recognition, which requires a large number of comparisons, rather than only one, before obtaining a result, which makes unfeasible the idea of simply iterating many times in sequence the application of the biometric methods of identity verification (such as those mentioned above) as a recognition method.
In view of this problem, no feasible solutions are found, not even resorting to solutions that are known in other fields, for example, those based on the acquisition of fingerprints of a person to be recognized and on the scanning a database of fingerprints to find a match. Such solutions, which are used, for example, for legal investigations, entail in the known implementations, in the absence of drastic improvements, recognition times (i.e., duration of the recognition process) which are longer, by several orders of magnitude, with respect to the recognition times required in the POS/ATM field, which are acceptable if they last at most a few seconds.
Furthermore, the solutions mentioned above do not always ensure a degree of recognition reliability that is sufficient for POS/ATM applications.
In fact, it shall be noticed that the POS/ATM services, being related to payments or money transfers, require a very high recognition reliability degree, comparable to that provided by the current card-based solutions with a confirmation by means of a PIN/password. This is a stringent requirement for the providers of such services, for example, banks.
The objective of eliminating PIN/password and also the card, while maintaining a degree of recognition reliability sufficient for such applications, and relying on biometric data, is a still unsolved technical challenge.
With regard to the requirement of reliability, it is important to notice that the recognition at a POS/ATM terminal, as stated above, is currently carried out by means of a password/PIN, which are identification codes that may be defined as “exact”, since they can be regenerated in an identical manner, deterministically, upon each recognition event.
On the contrary, biometric data are identification codes that may be defined as “non-exact” (or “not exact”), wherein an absolute, deterministic identity between the registered datum and the datum acquired during recognition phase cannot be achieved. The fact of obtaining from non-exact identification codes reliability recognition results comparable to those that may be obtained from exact identification codes is a technical object that cannot be achieved by the prior art.
The requirements of reliability and speed, imposed by a recognition method in the POS/ATM field, are not even solved by solutions recently proposed to make the acquisition of the biometric data easy and quick, such as the solutions based on the acquisition of images of the user's hand palm.
For example, the patent application US 2012/0057763 illustrates a system of such a type, employing deterministic algorithms (SITF, convolution processes) to extract a plurality of biometric characteristics from the acquired image. The application is the one of an identity verification, in which the single “one-to-one” comparison required is carried out through a plurality of single comparisons.
The patent application US 2010/0045788 illustrates a further system of such a type, using analytical algorithms (for example, Kong algorithm, based on Gabor filters) in order to express an approximate assessment, of “pattern similarity”, for example, by means of a function “distance”. Such a system also performs comparisons on a plurality of biometric characteristics.
Generally, the systems of the above-mentioned type employ analytical algorithms (for example representing by means of equations the hand surface and detecting characteristic points on the hand surface) which approximate as a number, such as a “distance”, a “degree of similarity” in an identity comparison check. Therefore, in order to obtain an acceptable reliability degree for an identity verification, they are “forced” to perform several comparisons, on a plurality of biometric characteristics, for each single “matching” comparison.
This involves an increase in the amount of data to be stored, for each acquired image, and an increase in the number of elementary comparisons that are necessary for each single identity verification.
For these reasons, even if it is possible to try to apply such systems in the context of a “one-to-many” recognition service (in the meaning illustrated above), such solutions cannot be applied (actually, their application is not even conceivable) in the context of services requiring the recognition of a user among thousands, or hundreds of thousands, or even millions users, such as those contemplated herein.
In order to obviate the above-mentioned problems, possible improvements relating to the rapidity of the single comparison are useful, but not decisive. In fact, it has already been noticed that the recognition methods, due to their own nature, must have a very high degree of reliability as regards the recognition precision. Such a goal requires that each comparison between the acquired datum and each of the registered data (“non-exact” codes) is performed very accurately, by means of advanced algorithms, which implies that the reduction in the processing times for a single comparison cannot be compressed beyond certain limits.
In brief, it can be stated that a biometric recognition method such as to meet the needs of an application in the field of POS/ATM must have several characteristics: simplicity and rapidity of acquisition of the biometric datum; processing speeds such as to allow a very fast recognition; high precision and recognition reliability.
No one of the solutions of the prior art, mentioned above, is capable of meeting at the same time all the aforementioned needs, and not even of providing a performance trade-off which is close to what is required.
Therefore, the object of the present invention is to devise and provide a method for a registration and quick recognition of a user, which is improved so as to meet the above-mentioned needs, and capable of obviating the drawbacks described herein above with reference to the prior art. It is also an object of the present invention to devise and provide a method of delivering a service, employing the above-mentioned recognition method, which proves to be particularly efficient. The achievement of the object indicated above further allows achieving the further objects of devising and providing a system for a quick recognition of a user, and POS and ATM systems, which systems are, in turn, improved so as to meet the above-mentioned needs, overcoming the above-mentioned drawbacks related to the prior art.