Credit cards and bank cheque cards as currently used by many millions of people carry information relating to the user in machine readable form, usually in the form of one or more magnetic stripes or other recording medium on or in the card carrying binary or other coded information thereon. This provides a simple method for identifying the account to which a transaction relating to that card is to be debitted. However, there is no means contained in the card for verifying that the person presenting the card is the true owner of the card, other than the signature of the card holder. Such a signature can readily be copied with sufficient accuracy to satisfy the cursory inspection usually given to such signatures at the location of use. It is thus possible for a thief to use a stolen card for a period of time as if he were the true owner thereof. Losses due to theft and fraud of credit cards currently runs at many millions of pounds per annum.
Many attempts have been made to personalise credit and other cards so that it is possible to verify that the person presenting the card is the true owner. Such proposals have in general required the incorporation of a secret code within the magnetic strip or some other medium carried by the card which the presenter has to identify correctly when using the card. For example, bank cards require the identification of a special number (the PIN number) before the card can be accepted. However, many users carry their PIN number written down on a cheque book or the like which they carry with their cheque card to act as an aide memoire, notably where they use more than one bank or credit card. When the card is stolen, the PIN number often becomes available to the thief and he can thus present the card as if he were the true owner. The more complex the PIN or other code to be identified, the greater the security against a thief randomly picking the correct code; but the more likely it is that the owner will carry some form of aide memoire. Furthermore, the use of a PIN number is only possible where the number can be verified on site when the card is presented. This effectively limits the use of the PIN number to locations either linked to the central location from which the PIN number was issued, for example to banks which are linked via a data transmission network, or to locations having means for keying in data on the PIN number and verifying that against the card. Many locations, e.g. retail stores or garages, do not have these facilities.
It has been proposed to use a photograph of the card user as a supplement to or in place of the PIN number on a card to increase the security thereof, but sophisticated photographic and other techniques have enabled acceptable forgeries to be produced readily. Furthermore, verification of the identity of the presenter's photograh is again often cursory.
It has also been proposed to incorporate coded information e.g. in binary coded form, about the person's fingerprint on the card and to compare this information with a corresponding record held in a data base. In one form of such a proposal, the whole of the fingerprint image is stored upon the card and when verification is required it is necessary to display both the presenter's fingerprint and the print extracted from the record on the card for visual comparison. In an attempt to mechanise the comparison of the fingerprint with the stored data, it has been proposed to store the data either on site at the location where identification is required or at a remote location which is accessed from the verification site. In the former case, the amount of data required to enable identification to be carried out means that records of only a few people can be stored on site. Where a remote data store is used, this can store data for a large number of people, but the verification time is then far longer than members of the public would accept and, again, the system is of use only at those locations which have access to the remote data base.
It has also been proposed to record only some of the data relating to the identity, orientation and position of certain characteristics of a person's fingerprint on the card and to compare that with the corresponding finger print presented by the user. Whilst this may reduce the amount of data required to be stored on the card, the accuracy of that method is stated by one source to be as low as 2%, making it unacceptable for many commercial operations unless it is supplemented by some other form of identity check carried out at the same time.
The need to relate the identity of a person to a document purporting to identify or relate to that person arises in a wide number of other circumstances, for example to control access to high security areas in buildings, at polling stations during elections, at immigration checks at air ports and the like, and in general at any location where a lock mechanism is used to prevent unauthorised access to a locus or use of a device. The need for a simple and accurate method for identifying or relating a person to a document or other object is thus widespread and of increasing importance. So far, despite all the previous proposals, no satisfactory solution to the problem has been proposed.
I have now devised a system by which the identity of a person can be rapidly and accurately verified or related to a document or other thing presented by that person, but which can be adapted for use wherever such relation or verification is required without the need for a complex and costly data base either on site or at a remote location. Furthermore, since the information used in the verification is based on physical characteristics of the person's body, notably the ridge pattern on his finger, the user does not have to carry any PIN number or other aide memoire.