The present invention relates generally to systems and techniques for accurately and reliably identifying a specific individual to enable a secure transaction to be conducted by or with the individual. More particularly, the invention relates to improved systems and techniques for uniquely identifying an individual for secure access to the individual""s personal information or to the sensitive information of an organization or thing with which a transaction is to be conducted by or with the individual.
Rapid advancement of computer technology has led to smaller devices, capable of storing and manipulating increasingly greater amounts of data, at faster speeds. Computer and computer network advances likewise have led to their increased usage in conducting transactions between individuals and organizations or institutions, from banking to credit and debit purchasing to personal data transfer and so forth. Transactions may be conducted by an individual directly with a specific organization by dial-in to the particular organization""s computer network phone number where available, or by use of a more general computer network such as the Internet, where huge numbers of worldwide web (www) pages are available to enable individual call-up and communications, including transactions, to take place via computer modem and Internet access provider facilities. Other transactions may be conducted on a more personal basis, such as by insertion of an identification card (e.g., a so-called xe2x80x9csmart cardxe2x80x9d containing one or more integrated circuit chips) to make purchases or to gain access and entry to a facility, or by entering a preselected personal identification number (PIN), or by simply pressing a button. To provide and maintain appropriate security in completing the transaction, it may be essential for the system to assess and verify the identity of the individual seeking entry or access, which may necessitate the use of sophisticated fingerprint or ophthalmic (e.g., iris) identification techniques.
Clearly, in some instances neither the individual nor the organization or other entity or thing involved in a transaction is concerned about matters of security of information sought or obtained in the course of the transaction. For example, airlines desire to make information regarding flight schedules, airport terminals and air fares between cities readily available to actual and potential customers over the Internet through a specific web site, and the individual customer is generally fully prepared to furnish name, address and telephone/facsimile (fax) number information through that medium to enable receipt of communications from the airline. As another example, each driver of a vehicle may be able to pre-program his or her seat adjustment preferences so that by simply pushing a button an automatic readjustment is made to one""s personal preferences after the car has been driven by another driver, and neither any driver nor the vehicle itself xe2x80x9ccaresxe2x80x9d that anyone can select any of the pre-programmed settings. In many instances, however, it is desirable to be considerably more discreet, and indeed, to practice great security in supplying or allowing access to sensitive information in pursuit of or in the course of a transaction.
The term xe2x80x9ctransactionxe2x80x9d is generally used throughout this patent application in the broad sense of a communicative action or activity involving two parties or things, or a party and a thing, that reciprocally affect or influence each other, or that unilaterally affects or influences the other. Thus, a transaction may be a prelude for an individual to gain entry (i.e., be permitted access) to a secure area, such as that within a company or a governmental agency, or an airport security gate, for example, or the carrying out of a transfer of money such as the withdrawal of cash from an automated teller machine (ATM) or the payment of a bill by debiting one""s bank account, or the delivery of sensitive information such as personal information of the user or confidential business information of an organization, or the reliable identification of a particular patient in a hospital without resort to the wearing of an identification bracelet, to cite a few examples without limitation.
Beyond merely limiting access to computer data and networks, security control is a major issue in all aspects of an organization""s research and development and know-how information, and in the sensitive personal property of individuals. While security checks that involve the use of identification cards that carry embedded integrated circuit chips or magnetically coded information are quite common, higher levels of security require more sophisticated personal identification techniques which are highly personal to the individual, such as the aforementioned fingerprint or handprint or iris comparison and matching techniques, to identify authorized users. And as noted above, personal identification may also be used to transmit or automate certain personal preferences or settings in the everyday use of appliances or machinery such as television and stereo channel or band or related selections, computer and software settings and selections, telephone settings, automobile settings such as remote entry and seat adjustments, remote garage door opening commands, and so forth.
In some instances, the need to provide the information required for access or entry, whether by placing a finger on a sensing mechanism, or by entering a PIN number or a card number, or by inserting a smart card into a slot, is viewed by the user as an annoyance or an imposition despite a recognition that security may be important if not essential. If the user has forgotten a PIN number among a multitude of PIN numbers used for various institutions, access will be denied. On the other hand, use of a single PIN number for a multitude of potential transactions, or keeping a record of PIN number(s) in one""s wallet or purse, can allow penetration and carrying out of otherwise secure transactions by an unauthorized person who has obtained access to that information by theft, including computer hacking.
It would clearly be desirable to provide advanced systems and techniques for personal identification which are installed and operated reliably, quickly, efficiently, inexpensively, safely, and with relative simplicity, and which are less intrusive or physically interactive, in comparison to presently used and heretofore proposed personal identification systems and techniques. Certainly, the capability of a security system to distinguish one individual from another and to recognize or identify a specific individual without the need for complex hardware and/or software is a worthy goal.
It is a principal aim of the present invention to provide such advanced systems and techniques for personal identification in situations where virtually any level of security may be required or desired, but where the highest levels of security may require an additional system or method of verifying the identity of the individual seeking entry into or access to a transaction.
The present invention is directed toward a personal identification system which utilizes electrical characteristics or properties of the human body to enable transmission of encoded electrical or electronic signals to identify and recognize the individual or a code selected by the individual, for security purposes. The body transmission system is sometimes referred to herein as the xe2x80x9cbody link.xe2x80x9d
In broad terms, the present invention resides in a personal identifier for a security system, in which the identifier includes a coded signal generating device adapted to be carried on the body of a person identified thereby, and which utilizes the body of the person carrying the device as a transmission link for the coded signal generated thereby, to interact with an identity recognition system. The body utilization is achieved by coupling the coded signal to the electrical conductivity (or impedance) circuit of the user""s body. The invention may alternatively be viewed in the broad context of a personal identifier for authorizing secure transactions, in which a personal identification generator is adapted to be worn in direct physical and electrical contact with the body of the wearer, to interact by touch of the wearer with an identity recognition system, and in which a personal identification signal of the generator is communicated to the recognition system through a transmission link provided by the body""s electrical conductivity.
More particularly, according to the invention a system of personal identification selectively and automatically enables a specified operation or transaction to be performed according to preset instructions, by means of a transmitter adapted to be worn on the body of a person. The transmitter is implemented to transmit an electrical signal that uniquely identifies its origin for reception by a recognition system adapted to perform the specified operation upon recognition of said origin as an authorized mandate. Means are provided for maintaining the transmitter in close physical and electrical contact with the body of the wearer so that the body acts as a transmission link for the signal. The latter means is preferably an article commonly worn on the body, such as a wristwatch or other article of jewelry, suitable for housing the transmitter. A wristwatch is most preferred because the transmitter is battery powered, and a wristwatch typically employs a battery which may be used to power the transmitter. Other commonly worn articles that may be fashioned to incorporate the transmitter include a finger ring, a bracelet, a necklace, a pendant, or an amulet, which are cited by way of example and not of limitation.
Alternatively, the means for maintaining the transmitter in close physical and electrical contact with the body of the wearer may conveniently be an article which serves as an aid to one of the human senses of the wearer, such as a pair of eyeglasses, and more specifically the metal frame of the eyeglasses, or a metal surface of a hearing aid. Still another alternative is to incorporate the transmitter into a hermetically sealed metal case adapted to be implanted in the body of the wearer.
The transmitter is adapted to allow selective encoding, preferably digital encoding, of the signal to provide the unique identification of origin. To conserve battery energy, means may be provided for automatically activating and deactivating the transmitter rather than allowing it to operate continuously. For example, a detector may be used to sense when the body of the wearer is positioned to provide a transmission link to the recognition system, e.g., when the wearer touches an electrical contact with his finger, which inputs the signal to the recognition system. In a preferred embodiment, a predetermined minimum change in electrical impedance of the transmission link is produced by the touching, which indicates the establishment of an electrical connection to the recognition system, and the sensing of at least this change initiates activation of the transmitter. Similarly, a predetermined minimum change in electrical impedance of the transmission link after activation may be sensed as indicative of termination of the electrical connection to the recognition system, and used to initiate deactivation of the transmitter. Alternatively, the transmitter may be deactivated automatically upon passage of a predetermined time interval following activation of the transmitter, i.e., when a timer which is part of the transmitter circuit times out.
To provide a microminiature transmitter and related circuitry, it is preferably implemented in integrated circuit form by the use of conventional semiconductor processing and fabrication techniques. This enables the device to be produced in a size that is readily fitted within even a relatively small article of jewelry such as a finger ring, which can also accommodate the battery, and which further assures that a metal surface of the article that conducts the transmitted signal is in close physical and electrical contact with the wearer""s body.
In a method according to the invention for automatically performing a transaction upon recognition of the identity of a user as being authorized to enter into the transaction, an electrical signal transmission unit is provided to be worn on the body of the user by incorporating said signal transmission unit into a wearable article that makes firm electrical and physical contact of the signal transmission unit with the body, so that a signal generated by the signal transmission unit will be broadcast throughout the body via a communication link created by the natural electrical conductivity of the body. The generated signal is encoded, preferably digitally, in a manner to identify a selected unique descriptor of the user. An identity recognition system related to the transaction to be performed is provided for interacting with the signal transmission unit, and has an electrical contact surface through which the encoded generated signal is inputted to the identity recognition system when touched by the user""s body (e.g., a finger) while wearing the article. This allows the selected unique descriptor to be evaluated by the identity recognition system to verify authorization for the transaction to be performed.
In the method, the signal generator is activated only upon each new touching of the electrical contact surface of the identity recognition system by the user""s body, and is deactivated after the encoded generated signal has been evaluated.
The transaction to be performed may be any of various commonly encountered types in which some level of security is desired or required. The security requirement may be of a minimum level which is satisfied by merely assuring that the transmitter wearer is initiating the transaction with the identity recognition system. That is, it may be sufficient that an encoded signal alone which is among those that can be recognized is detected by the recognition system, which will occur if the electrical contact for the recognition system is touched by the transmitter wearer, to initiate the transaction or operation that has been programmed into a related unit. At a considerably higher level of security, it may be necessary or desirable to engage in a further verification (i.e., beyond the detection of a recognizable encoded signal) that the wearer is indeed the person (or among a class of persons) authorized to initiate the transaction sought to be performed.
An example of the types of transactions which may be initiated and performed upon recognition of a personal ID, which may be as simple as a PIN number selected by the user or as complex as a numerical sequence that is pre-programmed as the code carried by the signal to describe a particular characteristic or feature of the user or of completely arbitrary format, include allowing access to a restricted area containing sensitive information for selective retrieval therefrom. Other examples are the allowing of access to a computer and to a software program therein; or the selection of a pre-programmed routine constituting a personal preference of the identified user; or the selection of a program preference of the identified user from among the programs available on a broadcast entertainment set; or the selection of at least one among a plurality of electro-mechanical settings constituting personal preferences of the identified user in a vehicle; or the keyless unlocking or opening of a door (a vehicle door, a front door of a house, a garage door, etc.); or the identification of the identified user as a patient in a health care facility such as a hospital, clinic, surgical center, treatment center, rehabilitation center or doctor""s office, to verify scheduling of procedures designated to be carried out on or for the identified user, and to enable retrieval of personal data from computer records for the identified user.
In the method of the invention, each new touching of the electrical contact surface which is part of the identity recognition system by the wearer initiates a mutual exchange of information between the signal transmission unit and the identity recognition system. For example, this may begin as a xe2x80x9chandshakexe2x80x9d procedure which is indicative of the initial verification of the coded signal. As noted above, if the transaction involves a heightened level of security, the identity of the user may be subjected to additional scrutiny with a higher order identity recognition system. Nevertheless, an advantage of the present invention is that such additional verification can be performed concurrently with the step of evaluating the unique descriptor within the coded signal by a single comparison of the two, to eliminate a need for multiple comparisons of a series of physical characteristics of the user relative to a data base of such characteristics. Examples of conventional higher order identity recognition systems include fingerprint, iris or voice detection.
Accordingly, it is another broad aim of the invention to provide a system and method for allowing one to initiate and even complete a transaction automatically through the mere touching of a single electrical contact pad, which, by that medium alone, recognizes the entry of a code that personally identifies the user as being an authorized user, including one among a multiplicity of persons in a class of authorized users.
A more specific aim of the invention is to provide a wearable device that generates an encoded signal which is transmitted through the body itself as a communication link so that when the user touches a contact pad associated with an identity recognition system, the encoded signal is evaluated to initiate (or reject) a desired transaction.