The present invention concerns apparatus and methods for controlling access to activation of quite varied instrumentalities, for the purpose of allowing such access for only authorized persons. More specifically it concerns such a system for quickly, easily and automatically controlling authorized person access to a very wide variety of instrumentalities which a user may wish to activate, including, for example, electronic financial account systems, confidential data storage systems, electric appliances, and numerous other items of personal property, including, for example, vehicles, electronic door locks, and firearms.
In recent years there has been a great increase in criminal and fraudulent activities involving counterfeiting of personal identity, including, for example, credit card fraud, use of stolen or counterfeited bank checks, and other schemes by which a seller of goods or services, or a bank or other financial institution, is deceived as to the identity of a person to whom a sale is made, or to whom funds are provided.
Though sellers and banks often require a buyer to produce photographic identification, particularly in face-to-face sales transactions where checks are given or credit cards are used, or where checks are cashed, an increasing number of criminals have obtained equipment allowing production of authentic-looking but counterfeit photographic personal identification documents, e.g. counterfeit driver's licenses, in which a photograph of the criminal is accompanied by valid identifying information about another person. And opportunities for fraud and criminal acts are even greater where no face-to-face transaction occurs, e.g. in use of credit cards to charge items ordered by phone. Criminals have often obtained credit card numbers and other valid identifying information on card holder fraud victims in varied ways, e.g. by stealing mail containing credit card bills or payments.
Conventional identification numerical codes, e.g. social security numbers and bank account numbers, offer no real security for authentication of one's identity. One's bank account number is inherently disclosed to all of the persons and firms to whom one issues checks, and thus may easily come into possession of a criminal who prepares counterfeit checks. And one's social security number is also widely known, and generally accessible to anyone with a computer and internet access.
Though it is a fairly common practice to require that a person desiring to make a financial or sales transaction first manually input a personal identification number (“PIN”) into an apparatus of the financial system involved, the use of PINs has serious disadvantages. Many people have difficulty in remembering PINs, and so it is a common practice for PINs to be written on cards carried in wallets or purses, so that the PINs are accessible to unauthorized persons if these are lost or stolen. Or, when a customer enters a PIN in a terminal at a sales counter in a crowded store when making a purchase, sales persons or other customers may be able to observe the entry so as to learn the PIN. So, there is a serious security problem in use of the PIN approach for identity authentication. And, there are applications for the present invention, detailed below, in which even the brief time delay required for manual entry of a PIN may have serious disadvantages—in at least one case a literally fatal disadvantage.
Clearly there is a growing need for a very secure system, an apparatus and method, always available to an authorized person when he/she desires a transaction, to allow only that person to quickly and automatically activate a financial or other instrumentality which is to perform a useful function for that person.
The useful applications of such a system go far beyond use in sales or other financial transactions, and cover also a very wide variety of non-financial instrumentalities which the authorized person may regularly activate. For example, any item of personal property which performs some useful or desirable function, could be made subject to activation by only an authorized person, by such a system. Examples could include, but are not limited to motor vehicles, firearms, electric appliances, electric locks, sound systems, television sets, cameras, tape recorders, camcorders, and VCRs.
In order to be operable only by the authorized person through use of such a system, an instrumentality needs to itself possess one key element of the system, which might be generally described as “smart means”, for recognizing personal identity authentication information to be provided by other elements of the system, and for allowing activation of the instrumentality only by the authorized person.
There is a need for such a system which may be used with any “smart” item of functional personal property, for a reason going far beyond the need to reduce criminal and fraudulent activity in financial transactions: All such items of smart personal property will be useless to thieves, because they simply will not function as intended after theft. So, as more and more items of personal property are manufactured and marked as being smart items, such a system offers the real possibility of eliminating the theft of all such items of functional personal property.
The need that such a system be always available to the authorized person, and the security need, are both served, in the present invention, by the approach of using a Personalized Authenticated Controller means apparatus (hereafter “PAC”), which authenticates identity of the authorized person and communicates with the smart instrumentality through a communication means, and using a PAC of a form which, in some versions of the invention, may be worn by the user, in contact with his body. Note that the term “his” is used only for brevity herein with reference to a user, without any intended limitation as to user gender.
The security need is met, with redundancy, by two features of the invention. In forms of the invention used by having the user make hand contact with the smart instrumentality, the communication means, allowing communication of identity authentication information between the PAC and the smart instrumentality, is, in one form of the invention, a means for allowing wave communication entirely through body tissues of the user, so that such communications may not readily be observed or interfered with by others.
And, in case the worn form of the PAC is removed from contact with the user's body, e.g. in being temporarily removed for bathing, another and redundant security feature is that the PAC includes means to both sense said removal and require re-authentication of identity when the PAC is once again in contact with a person's body.
The security need is also met, with redundancy, by use of a PAC which has means to continually determine that the PAC is worn by the user, e.g. by continually sensing unique identifying body characteristics of the user, e.g. retinal patterns, and/or periodically requiring the user to enter identifying information. This feature offers redundancy in relation to the means for sensing removal of the worn form of PAC and requiring re-authentication of identification after removal, since it will alternatively serve the security need even if there is a malfunction of, or intentional defeat of, the means for sensing removal of the PAC from the user's body.
Another security advantage of the invention is that the authorized person identity authentication signal, sent by the PAC to the instrumentality, will be a signal which will not contain the information which was received by the PAC from the user and used by the PAC to determine that the user is the authorized person. So, e.g., if the user enters a code number into the PAC, that code number never leaves the PAC.
The need for speed in allowing the user to activate the smart instrumentality is met by the present invention, because the PAC continually has the ability to instantly inform the smart instrumentality, at any time, not only that the user has issued an activation command for activation of the smart instrumentality, but also that he is the authorized person, rather than an unauthorized person. Serving the need for speed of identity authentication and smart instrumentality activation is particularly important in the case of such a system for use with a smart handgun. The smart handgun of course offers the great safety advantage that it may not be fired by the owner's child, or by an intruder who seeks to use it against its owner. But if the owner, wearing the PAC, picks up the smart handgun to defend his family against an intruder, the weapon may be fired immediately by the owner, who may thereby save lives of himself and family members. If the owner had to first enter a PIN into an apparatus, to activate the smart handgun, that small time delay might well be fatal to the owner, against an armed intruder.
The need for quick and automatic operation of the present invention, as well as the security need, is served in forms of the invention in which there is no PIN or other identifying information for the user to remember and reenter into the PAC, through inclusion in the PAC of means to automatically sense unique personal identifying body characteristics of the user, e.g. fingerprint or retinal patterns, or the user's voice profile. In other forms of the invention however, for which it is expected that periodic reentry of PIN or similar identifying information will not pose a problem, the PAC will periodically require re-authentication of identity by such means, but the PAC will, after each such reentry and until the next time reentry is required, remain instantly ready for activation of the smart instrumentality by the authorized person.
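The following sketch is an added illustration, not part of the original disclosure. It models three behaviors described above: removal of the PAC forces re-authentication, PIN re-entry is required periodically, and the signal sent to the instrumentality never contains the PIN. The HMAC challenge-response, the shared device key, and all class and method names are assumptions chosen for the example; the text does not specify a signal format.

```python
import hashlib, hmac, os

class PAC:
    """Toy model of the worn controller; names and crypto choices are assumptions."""
    def __init__(self, pin: str, device_key: bytes, reauth_after: float):
        self._salt = os.urandom(16)
        self._pin_hash = self._kdf(pin)      # only a salted hash of the PIN is kept
        self._key = device_key               # assumed shared with the instrumentality
        self._reauth_after = reauth_after    # seconds until PIN re-entry is required
        self._worn = False
        self._auth_time = None               # None means "not authenticated"

    def _kdf(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 100_000)

    def put_on(self):
        self._worn = True                    # contact restored, still unauthenticated

    def take_off(self):
        self._worn = False
        self._auth_time = None               # removal sensed: force re-authentication

    def enter_pin(self, pin: str, now: float) -> bool:
        ok = self._worn and hmac.compare_digest(self._kdf(pin), self._pin_hash)
        self._auth_time = now if ok else None
        return ok

    def respond(self, nonce: bytes, now: float):
        # Returns the authentication signal, or None if not currently authorized.
        if not self._worn or self._auth_time is None:
            return None
        if now - self._auth_time > self._reauth_after:
            self._auth_time = None           # periodic re-entry is due
            return None
        return hmac.new(self._key, nonce, hashlib.sha256).digest()

class Instrumentality:  # the "smart means": activates only on a valid fresh response
    def __init__(self, device_key: bytes):
        self._key, self._nonce = device_key, None

    def challenge(self) -> bytes:
        self._nonce = os.urandom(16)
        return self._nonce

    def activate(self, signal) -> bool:
        nonce, self._nonce = self._nonce, None   # each nonce is single use
        if signal is None or nonce is None:
            return False
        return hmac.compare_digest(signal, hmac.new(self._key, nonce, hashlib.sha256).digest())
```

Because the instrumentality issues a fresh nonce for each activation, a recorded signal cannot be reused, and an observer of the channel sees only a keyed digest rather than anything the user entered.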
Finally, other less restrictive embodiments of the present invention would be suited to specialized needs as well as to transitional adaptation of the concepts and devices. For example, a simpler non-worn but handheld PAC, designed to emit a single authorized person identity authentication signal upon each authentication, could be used to transmit verification of this authentication in order to complete a single transaction. Such a PAC would be suitable for non-time-critical occasional uses, but, most importantly, would represent the most rapid pathway of development to make possible secure and authenticated financial transactions and in particular secure and authenticated transactions over the internet. Such a PAC could be built into a personal computer, a computer keyboard, installed between a keyboard and a computer, built into a computer mouse (a natural form for a fingerprint reader), installed between a mouse and the computer, built into the computer motherboard, or built into the computer processor itself.