In many industries employees/workers share computer devices, like smart phones or tablet computers to reduce the number of devices and thus the costs for purchasing and maintaining these devices. For example, a large store can provide a pool of devices for its sales staff. A factory can provide a set of devices for each shift. In this and other scenarios, security is a very large concern. Sales staff could forget to log out before they return the device to the pool or hand it over to a co-worker. Automatic time-out mechanisms provide some protection in that regard, but this it is not enough to allow sharing of devices in areas which much higher security requirements, like government agencies, military institutions, the banking industry, to name a few.
Even if devices are not shared with employees/workers, a device can get stolen or lost, and unauthorized people could get access to the data stored on the device or retrieve it from server connections. To prevent the unauthorized use of a device at all times the identity of the user must be established at all times and if this is not the case then the device must be inoperable. This invention addresses this problem by proposing a secure pen (Smart Pen) that is the only way to operate the device and that authenticates the current user at all times while operating the device.
There are input devices with integrated finger print readers, like keyboards and mouses. But none of them allow the authentication of the user at all times. A secure application would force a user to re-authenticate using the finger print reader over and over after a perceived inactivity. In addition these devices are used on desktop or laptop computers and are usually just some of a variety of input devices on these systems. With the Smart Pen “user activity” is maintained while the user holds the input device in a natural manner, unaware in doing so.
U.S. Pat. No. 6,728,881 to Somayajulu Karamchetty describes an authorization system uses card and signature devices to provide access to a machine. The devices include capacitance grids positioned on different surface regions of the devices to convert fingerprint images of at least two fingers into electrical signals. An images processor in the device processes the electrical signals detected from the fingerprints to produce electrical images of the user's fingerprints. The devices store fingerprint information and encrypted user identification data. An authenticating processor compares the user's fingerprints detected on the capacitance grids with authorized user's previously recorded fingerprint's and the user's name and identification data to produce an authenticating signal if there is a match of the fingerprint images. Signature storage and identification can be provided to store and authenticate the uses' electronic signature.
U.S. Patent Application publication number 20130298224A1 to Mark Heilpern describes an electronic device may include a finger sensor to sense a user's finger. The electronic device may also include a processor coupled to the finger sensor to perform multiple applications, acquire finger-matching biometric data of the user's finger from the finger sensor, and authenticate the user based upon a match between the acquired finger-matching biometric data and finger-enrollment biometric data. The processor may also start a given application, from among the applications thereof, based upon the authentication. The processor may treat the authentication as valid for a threshold time period
U.S. Patent Application publication number 20080166028A1A1 to Joseph Turek describes a method and system that decreases the rejection rate in fingerprint capturing and authentication by a pressure actuated fingerprint sensing module. The biometric device for fingerprint recognition of a user comprises a fingerprint sensing module for capturing the fingerprint image of the user at a pre-specified pressure, or a pre-specified pressure range. The fingerprint sensing module comprises a fingerprint capturing module, a pressure sensing module, a sensor memory and a sensor controlling module. The fingerprint capturing module captures the fingerprint when the pressure applied by the finger reaches the pre-specified pressure, or when the applied pressure falls within the pre-specified pressure range. The pressure sensing module measures the pressure applied on the fingerprint capturing module. The sensor memory stores a pre-defined set of pressures or pressure ranges. The sensor controlling module actuates the capture of the fingerprint image at a pre-specified pressure or in a pressure range.
U.S. Patent Application publication number 20080166028A1A1 to Ronald Doyle describes a method, system, computer program product, and method of doing business by improving security of a computing device. Continuous authentication of a user of the computing device, which may be (for example) a portable or personal computing device (also known as a “pervasive computing device”), is performed. The disclosed techniques also improve the security of operations or transactions carried out with such computing devices. Biometric sensors are preferably used for obtaining identifying information from users of computing devices, and this obtained information is compared to previously-stored biometric information which identifies the legitimate owner of the device. If the information matches, then it can be assumed that this user is the device owner, and a security-sensitive transaction is allowed to proceed so long as the biometric input is uninterrupted. Otherwise, when the obtained information does not match, or when there is an interruption in the biometric input, then the device may be in the wrongful possession of an impostor. A transaction may therefore be prevented or aborted, or in other cases perhaps simply marked as suspect or not authenticated; or, it may be desirable to completely deactivate the computing device.
Although there have been several developments in technology that enhances the security of computing devices there remains a need for a smart pen system that can restrict access to security sensitive devices while continuously authenticating the user.