Modern society demands that people may be identified for many reasons. These include limiting access to bank accounts, limiting access to certain facilities such as a security area, a computer room, a police department, or a military facility, limiting which people are authorized to pick up a child from a day care center, limiting access to government welfare checks and health benefits, determining which prisoner to parole, and limiting access to adult activities such as electronic gambling. This has led to increasing use of identification cards, passwords, and PIN numbers to supplement, in those instances where automated identification is either necessary or desirable, those situations where human recognition is either unavailable or will not suffice. This obviously results in an increasing array and assortment of various cards, passwords, and PIN numbers that active participants in today's increasingly electronic society must carry with them (or ideally must memorize) to be able to access the functions and capabilities requiring such identification and verification.
Biometrics is the study of biological phenomena, and in the area of personal identification, some chosen characteristic of a person is used to identify or verify that person's identity. Biometric identification has gained interest in recent years because certain personal characteristics have been found to be substantially unique to each person and difficult to reproduce by an impostor. Further, the recording and analysis of biometric data is generally susceptible to automation owing to the increased use of computer-controlled electronics and digital recording techniques. Biometric systems are automated methods of verifying or recognizing the identity of a living person on the basis of some physiological characteristic like a fingerprint or iris pattern, or some aspect of behavior like handwriting or keystroke patterns.
The biometric identifying characteristic may be biologically determined as with a fingerprint, or it may be some characteristic that is learned or acquired, such as handwriting or voice patterns. Ideally, the characteristic should be unique for every person and unvarying over the time frame during which the person may be tested for identification. The characteristic should also be difficult to duplicate by an impostor in order to secure against erroneous identification.
Some of the biometric characteristics most investigated today for use in a personal identification system include fingerprints, hand or palm prints, retina scans, signatures and voice patterns. Hand or palm print techniques typically evaluate the shape of a person's hand or other significant features such as creases in the palm, but these techniques may be fooled by templates or models of the hand of an authorized person. Retina scanning techniques evaluate the pattern of blood vessels in a person's retina. A drawback of this technique is that the blood vessel pattern may vary over time, e.g., when alcohol is in the blood stream or during irregular use of glasses or contact lenses. Also, a user may feel uneasy about having his or her eye illuminated for retina scanning or the possibility of eye contamination if there is contact between the eye and the scanning apparatus. Signatures can be forged easily and must usually be evaluated by a human operator, although work has been done on automated systems that evaluate the dynamics of a person's handwriting, such as the speed and the force of hand movement, pauses in writing, etc. Using voice patterns as the identifying characteristic encounters difficulties owing to the wide variations in a person's voice over time, the presence of background noise during an evaluation and the potential for an impostor to fool the system with a recording of the voice of an authorized person.
The most commonly used biometric characteristic and the one that has been the most investigated and developed is, of course, the fingerprint. Up until now, the technology of personal identification through fingerprint analysis has been used mainly in law enforcement, and this long term experience with fingerprint analysis has developed a large amount of information about fingerprints and has confirmed the uniqueness of a person's fingerprints. Historically, in law enforcement, fingerprints have been recorded by inking the fingerprint and making a print on a card for storage.
A fingerprint identification system is described in an article entitled “Vital Signs of Identity” by Benjamin Miller (IEEE Spectrum, February 1994, pp. 22-30). The system for recognizing fingerprints requires the user to press a finger onto a glass or Plexiglas platen. Image sensors under the platen and a charge-coupled device (CCD) array capture the fingerprint image. A custom computer system and software analyses the digitized image and converts it to an approximately 1 K mathematical characterization which is compared against data stored in the local terminal or in networked versions of the system in a remote personal computer.
Rather than requiring a user to explicitly engage with verification devices, transparent verification attempts to identify the identity of a user not only unobtrusively, but during a transaction and using normal user interactions with the system. For example, a voice recognition system which also is able to identify a user by his voice pattern provides a capability of identifying a user as the user is speaking a request or command to the system, rather than as an explicit identification action or request by the user.
U.S. Pat. No. 5,229,764 to Matchett et al. describes a continuous biometric authentication matrix. This system activates and analyzes the biometric data from a plurality of biometrically-oriented personal identification devices at intermittent intervals and selectively allows or prevents continued use of a particular protected system or device by a particular individual. The system acts as a continuously functioning gate between a system to be protected and a prospective user. Many of the biometrically-oriented personal identification devices in the Matchett system attempt some degree of transparent verification and include thumbscan, digital photo, voice prints, fingerprints and others. One such device is a joystick device shown in FIG. 7 incorporating a thumbscan sensor on the top end of the joystick. In FIG. 8A a computer mouse is depicted carrying a hand geometry reader in a mouse casing. The hand geometry reader is wired through the mouse and its leads run back to the rest of the scanning unit along the same conduit PG as that of the mouse. FIG. 8B depicts a mouse having a thumbscan unit sensor incorporated into its side. The thumbscan sensor may be oriented relative to a mouse casing adapting it either for right-handed persons or left-handed persons or both. A mouse lead is modified or replaced to carry both the mouse data and the sensor data.
A pointing device such as a computer mouse, joystick, or trackball, includes two principal components: a positional indicator allows movement by a user to be communicated as user positional information to an attached system (e.g., a computer system) to allow, for example, a pointer to be moved around a window or a screen of a graphical user interface; and input switches or buttons so that a user can provide selection information to the system which corresponds to a particular location to which the positional indicator has been moved. Both kinds of information are communicated through a typically small cable to the system to which the pointing device is attached. Alternatively, infrared beams and RF interfaces have also been used to allow for wireless pointing devices, particularly a wireless mouse.
Notwithstanding these devices, there is a need for additional and improved verification devices and capabilities for electronic systems, particularly those verification devices that provide for transparent continuous verification during normal user interactions with the system.
As all fingerprints are unique, which makes them ideal for personal identification. In addition, unlike passwords, PIN codes and/or smart cards, fingerprints are impossible to lose or forget, and they can never be stolen. Therefore, reading and comparing fingerprints is a reliable and widely used technique for personal identification or verification to provide a controlled access to a secured environment. In particular, a common approach to fingerprint-based user identification involves scanning one or more fingers for a fingerprint and storing the unique characteristics of the fingerprint image. The characteristics of a fingerprint may be compared to information for reference fingerprints already in a database to determine proper identification of a person, such as for verification purposes.
Prior art biometric sensors such as fingerprint sensors for reading fingerprints are known to those skilled in the art. As in most fingerprint sensors, when activated, it is desirable that the fingerprint may be properly read. For instance, a typical electronic fingerprint sensor is based upon illuminating the finger surface using visible light, infrared light, or ultrasonic radiation. The reflected energy is captured with some form of camera, for example, and the resulting image is framed, digitized and stored as a static digital image. Then, a fingerprint image and the fingerprint details may be used to determine a match with a database of reference fingerprints.
However, a fingerprint-based identification system having fingerprint sensor(s) may be fooled by an image of the fingerprint. Thus, compromising access to a secured environment. For example, presentation of a photograph or printed image of a fingerprint rather than a fingerprint from a user's finger may deceive optical sensing. Accordingly, a fingerprint sensor reading only a fingerprint may be unreliable in providing controlled access to a secured application, system, or device.
One solution includes the combination of a card bearing user information, along with sensing of the fingerprint from a user's finger to verify the identity of the card bearer. For example, fingerprint information may be encrypted onto a card so that a comparison of the information read from the card can be made to a fingerprint from a user's finger of the card bearer. Accordingly, the identity of the user and card bearer can be verified, such as for authorizing an access to a secured application. Such use of a fingerprint sensor may reduce fraud while providing access to a secured application.
A problem with this technology has been that such conventional systems are relatively complicated and require the use of a separate card reader, such as for reading a magnetic stripe carried by the card, as well as a separate fingerprint reader to obtain the fingerprint from the user's finger. Accordingly, such a dual sensor system is relatively expensive and may be complicated. Therefore, what is required is a solution that enables increased security without the expense of additional hardware.
Another problem with this technology has been that in fingerprint-based access control systems, authorization or access by an authorized person, other than the person with the matching fingerprint, can be difficult to implement using a conventional fingerprint sensor. Therefore, what is also required is a solution that provides for improved security.
One unsatisfactory approach, in an attempt to solve the above-discussed problems typically involves using a large and bulky sensor integrated with a fingerprint sensor. However, a disadvantage of this approach is that a relatively large and/or bulky fingerprint sensor results having cumbersome peripherals to carry around. Therefore, what is also needed is a solution that meets the above-discussed requirements in a more effective manner.
Heretofore, the requirements of providing more secure access to a controlled environment without compromising security and/or portability referred to above have not been fully met. What is needed is a solution that simultaneously addresses all of these requirements.