In the relevant art, biometry is accomplished using conventional client/server models in which a biometric sample is obtained using a biometric scanner attached to a local client, initially extracted and pre-processed by the local client and the processed result sent to a server for additional processing and verification. An example of a biometric authentication system is disclosed in U.S. Pat. No. 6,256,737, to Bianco, et al. The initial sample extraction performed by the client typically converts a grayscale or color image into a smaller digital output file. The digital output file is then processed using a biometric template by obtaining data points from one or more predefined regions of the digital output file which is then compared against a stored reference.
The biometric template is divided into a public portion and a private portion. The public portion of the template is generally used to determine the quality of the biometric sample, correct variations in sampling geometry and to extract data points for comparison against the data points contained in the private portion of the template. The reference data points included in the private portion of the biometric template are obtained during an initial enrollment session using equivalent biometric templates and processing algorithms.
The private template portion requires security measures equivalent to or greater than those used to protect a personal identification number (PIN.) As such, a user's biometric template is generally stored in a biometric database associated with a remote authentication server rather than storing a user's biometric template locally. Use of the client for storage of biometric templates or performing verifications is strongly disfavored since a surreptitiously installed rogue application could be used to track data points that result in successful verifications eventually leading to determination of the data points comprising the private template.
In the relevant art, to access a system or resource, an enrolled user provides a biometric sample which is sent to the remote authentication server, processed and used to query the biometric database using a one-to-many relationship. Biometric identifications systems deploying architectures of this type are processing intensive and could become a bottleneck to authentication as the sophisticated processing requirements for biometric authentication may result in access delays when the authentication server receives a large number of access requests in a short period of time, such as would occur at the start of a work day or shift change.
To overcome some of these limitations, a recent innovation stores the biometric template within the secure domain of a security token such as a smart card. An example of which is disclosed in U.S. Pat. No. 6,311,272 to Gressel. The security token securely maintains the biometric template and attempts an initial one-to-one match using the received digitized sample data from the client. This innovation provides more of a distributed processing approach, which alleviates to some extent the processing requirements of a server-based biometric authentication system.
However, due to limitations in available storage space and processing power, the use of a security token alone could result in higher false rejection rates than would be obtained using the greater processing capabilities available on a client/server based biometric authentication system. In addition, the limited processing capabilities makes the security token alone more susceptible to distortions introduced into the biometric sample from a new scar, cut, burn, dirt, skewed sample image, degraded scanner membrane, etc. Furthermore, many security tokens include a maximum number of attempts before a lockout occurs as an additional security feature. Repeated verification failures may be counted toward the lockout, increasing administrative overhead and negatively impacting work productivity.
Thus, it would be highly desirable to have a biometric verification system, which incorporates the robust security features inherent in security tokens and the additional processing capabilities available using a server but is not reliant on a vulnerable client to perform sensitive verification transactions, retains the heuristics of the security token and avoids to the extent possible repeated biometric sampling attempts by the user.