The use of personal devices to store user information for electronic transfer between a source and the owner of the personal device is commonplace. The most common form of such a personal device is a credit card that stores information relating to the user's financial details such that by merely transferring information between the credit card and a merchant, a financial transaction can be completed without the need for any physical exchange of money between the user and the merchant.
Similarly, many passports contain electronic chips which store personal information about the passport holder which can be simply exchanged between an appropriate reading device at a passport checking station to receive and review the personal information about the passport holder. Such a transfer of information is both convenient and simple so as to greatly improve processing of passport holders at airports and other appropriate checking stations.
The ability to store a variety of personal information conveniently on a personal device, such as a card, provides for a convenient and simple system for exchange of information between parties. However, such systems also increase the potential for such personal information to be easily acquired and used by other parties without the owner's knowledge or authorisation. This is commonly referred to as identity theft and enables other parties who acquire the personal information of the card owner to use this information to access the card owner's bank account details or similar private possessions and engage in criminal activity.
A variety of solutions have been proposed to make personal devices, such as credit cards, more secure and prevent identity theft. Such solutions have incorporated the provision of passwords in association with the devices such that the device can only be used after they are activated by the entry of a unique code or password. Similarly, some devices have also incorporated the provision of a sensor device to obtain a biometric reading from the user, such as a fingerprint reading, which can be compared with a stored biometric reading to determine whether the user is authorised to use the card.
The present Applicant has proposed an improved means for using biometric information to prevent fraud in the usage of smart cards and the like in their co-pending International PCT Patent Application No. PCT/A112013/000834. This application discloses an improved method for controlling the exchange of information and activating the card upon determination of a match between the biometric information detected and that stored within the device.
A problem with most existing systems that read biometric information in order to validate a transaction is that they typically employ fingerprint reading technologies that can be simply bypassed or circumvented to access the data. Thus there is a need to provide a more secure means for obtaining a variety of different biometric information from a user to validate the user so as to prevent unauthorised access to information.
The above references to and descriptions of prior proposals or products are not intended to be, and are not to be construed as, statements or admissions of common general knowledge in the art. In particular, the above prior art discussion does not relate to what is commonly or well known by the person skilled in the art, but assists in the understanding of the inventive step of the present invention of which the identification of pertinent prior art proposals is but one part.