Security systems control access to places and data by requiring those desiring access to be identified and authenticated. Biometric security systems use biometric data, such as a fingerprint, thumbprint, or retina scan, for identification and authentication. Initially the security system registers the user by storing his biometric information. Subsequently, to gain access to the system, the user must present his biometric information to be identified and authorized by the system. The biometric information can be presented, for example, by scanning a finger or thumb or retina, or by presenting a device on which the information has been stored. A variety of products exist which capture fingerprint biometric information and compare it to previously captured biometric information stored in the security system. The stored information resides either in a database on the system's network, or on a mobile biometric device, such as a smart card, that is carried by the user. Additionally, there are mobile biometric devices that capture the fingerprint biometric information and compare it to biometric information residing on the device, and then transmit a predefined credential identifier to the system in lieu of the biometric information.
One problem with the above approaches is that, since a user's biometric information must be stored either within a database in the security system or on a device the user carries, the stored information could be stolen or altered. Another problem is that the information can only be accessed by the specific system that stores the information or the credential identifier, so that the user's biometric information cannot be shared among various systems to authenticate the user.