Companies and their customers seek the best of both worlds when it comes to online transactions—convenience and security. With the rise of smart phones and other mobile devices, wearable devices, Internet of Things (IoT) products, vehicles, home automation, robotics and drones, all capable of accessing and completing transactions on the internet, the need for security is growing. However, for most customers, the process of remembering a myriad of passwords for different sites and/or applications presents a burden, especially as these sites increasingly require more complex passwords or other authentication means in an effort to protect customers.
One solution to the security inconvenience problem is the use of an intermediary, trusted website to authenticate the user. Social media websites are one example of some providers of said third party authentication options. This still requires the user to login, or be logged in, to one of these intermediary sites at the time of the authentication request. While this may lower the number of passwords for the customer to remember, it also heightens the potential risk in case of cellphone or laptop theft, or hacking of one of these intermediary sites where only a password or other set of weak forms of authentication may exist.
Another solution is the use of biometric data to validate the identity of a user of a device. The advantages of biometric data as an authentication source are clear: the user is not required to remember an alphanumeric sequence or carry a token, the biometric data cannot be easily replicated, and unauthorized access to the user's protected accounts and information is prohibited. The biometric data used for matching may be on the device, or in the cloud. Each offer differing benefits in regard to speed, assurance and accuracy. The embodiments of the invention will be described with respect to fingerprints and fingerprint data, as fingerprints provide a unique and reliable biometric sample for authentication. However, one skilled in the art would understand that other biometric data could also be used with the systems and methods described, for example iris patterns, eye vein patterns, palm prints, face, DNA, etc.
Each person has a unique set of fingerprints, defined by the unique pattern of friction ridges on the surface of finger. As these friction ridges come together on a fingerprint, they form identifiable patterns that are distinctive between individuals. There is various elements of data used from the fingerprint in authenticating a user, ridge flow, ridge correlation, minutiae points, micro-minutiae points and others. Within these patterns may be a myriad of identifiable features unique to an individual such as a core, a bridge, a crossover, a bifurcation, a rod end, an island, an enclosure, or other feature. Determining whether one fingerprint matches another fingerprint requires comparison of the patterns and features of the enrollment prints to the authentication prints to determine if the user submitting the authentication is the same or different from the enrolled user. However, todays devices are incorporating smaller and smaller fingerprint sensors, which capture only a partial print, determining whether a submitted print matches a previously taken template becomes more difficult, and the chance of error increases. Either the user or service provider must sacrifice security, and accept a higher rate of error, or a user must sacrifice convenience, and provide a series of partial prints.