The present invention concerns apparatus and methods for controlling access to activation of quite varied instrumentalities, for the purpose of allowing such access for only authorized persons. More specifically it concerns such a system for quickly, easily and automatically controlling authorized person access to a very wide variety of instrumentalities which a user may wish to activate, including, for example, electronic financial account systems, confidential data storage systems, electric appliances, and numerous other items of personal property, including, for example, vehicles, electronic door locks, and firearms.
In recent years there has been a great increase in criminal and fraudulent activities involving counterfeiting of personal identity, including, for example, credit card fraud, use of stolen or counterfeited bank checks, and other schemes by which a seller of goods or services, or a bank or other financial institution, is deceived as to the identity of a person to whom a sale is made, or to whom funds are provided.
Though sellers and banks often require a buyer to produce photographic identification, particularly in face-to-face sales transactions where checks are given or credit cards are used, or where checks are cashed, an increasing number of criminals have obtained equipment allowing production of authentic-looking but counterfeit photographic personal identification documents, e.g. counterfeit drivers licenses, in which a photograph of the criminal is accompanied by valid identifying information about another person. And opportunities for fraud and criminal acts are even greater where no face-to-face transaction occurs, e.g. in use of credit cards to charge items ordered by phone. Criminals have often obtained credit card numbers and other valid identifying information on card holder fraud victims in varied ways, e.g. by stealing mail containing credit card bills or payments.
Conventional identification numerical codes, e.g. social security numbers and bank account numbers, offer no real security for authentication of one's identity. One's bank account number is inherently disclosed to all of the persons and firms to whom one issues checks, and thus may easily come into possession of a criminal who prepares counterfeit checks. And one's social security number is also widely known, and generally accessible to anyone with a computer and internet access.
Though it is a fairly common practice to require that a person desiring to make a financial or sales transaction first manually input a personal identification number ("PIN") into an apparatus of the financial system involved, the use of PINs has serious disadvantages. Many people have difficulty in remembering PINs, and so it is a common practice for PINs to be written on cards carried in wallets or purses, so that the PINs are accessible to unauthorized persons if these are lost or stolen. Or, when a customer enters a PIN in a terminal at a sales counter in a crowded store when making a purchase, sales-persons or other customers may be able to observe the entry so as to learn the PIN. So, there is a serious security problem in use of the PIN approach for identity authentication. And, there are applications for the present invention, detailed below, in which even the brief time delay required for manual entry of a PIN may have serious disadvantages, in at least one case a literally fatal disadvantage.
Clearly there is a growing need for a very secure system, an apparatus and method, always available to an authorized person when he/she desires a transaction, to allow only that person to quickly and automatically activate a financial or other instrumentality which is to perform a useful function for that person.
The useful applications of such a system go far beyond use in sales or other financial transactions, and cover also a very wide variety of non-financial instrumentalities which the authorized person may regularly activate. For example, any item of personal property which performs some useful or desirable function, could be made subject to activation by only an authorized person, by such a system. Examples could include, but are not limited to motor vehicles, firearms, electric appliances, electric locks, sound systems, television sets, cameras, tape recorders, camcorders, and VCRs.
In order to be operable only by the authorized person through use of such a system, an instrumentality needs to itself possess one key element of the system, which might be generally described as "smart means", for recognizing personal identity authentication information to be provided by other elements of the system, and for allowing activation of the instrumentality only by the authorized person.
There is a need for such a system which may be used with any "smart" item of functional personal property, for a reason going far beyond the need to reduce criminal and fraudulent activity in financial transactions: All such items of smart personal property will be useless to thieves, because they simply will not function as intended after theft. So, as more and more items of personal property are manufactured and marked as being smart items, such a system offers the real possibility of eliminating the theft of all such items of functional personal property.
The need that such a system be always available to the authorized person, and the security need, are both served, in the present invention, by the approach of using a Personalized Authenticated Controller means apparatus (hereafter "PAC"), which authenticates identity of the authorized person and communicates with the smart instrumentality through a communication means, and using a PAC of a form which, in some versions of the invention, may be worn by the user, in contact with his body. Note that the term "his" is used only for brevity herein with reference to a user, without any intended limitation as to user gender.
The security need is met, with redundancy, by two features of the invention. In forms of the invention used by having the user make hand contact with the smart instrumentality, the communication means, allowing communication of identity authentication information between the PAC and the smart instrumentality, is, in one form of the invention, a means for allowing wave communication entirely through body tissues of the user, so that such communications may not readily be observed or interfered with by others.
And, in case the worn form of the PAC is removed from contact with the user's body, e.g. in being temporarily removed for bathing, another and redundant security feature is that the PAC includes means to both sense said removal and require re-authentication of identity when the PAC is once again in contact with a person's body.
The security need is also met, with redundancy, by use of a PAC which has means to continually determine that the PAC is worn by the user, e.g. by continually sensing unique identifying body characteristics of the user, e.g. retinal patterns, and/or periodically requiring the user to enter identifying information. This feature offers redundancy in relation to the means for sensing removal of the worn form of PAC and requiring reauthentication of identification after removal, since it will alternatively serve the security need even if there is a malfunction of, or intentional defeat of, the means for sensing removal of the PAC from the user's body.
Another security advantage of the invention is that the authorized person identity authentication signal, sent by the PAC to the instrumentality, will be a signal which will not contain the information which was received by the PAC from the user and used by the PAC to determine that the user is the authorized person. So, e.g., if the user enters a code number into the PAC, that code number never leaves the PAC.
The need for speed in allowing the user to activate the smart instrumentality is met by the present invention, because the PAC continually has the ability to instantly inform the smart instrumentality, at any time, not only that the user has issued an activation command for activation of the smart instrumentality, but also that he is the authorized person, rather than an unauthorized person. Serving the need for speed of identity authentication and smart instrumentality activation is particularly important in the case of such a system for use with a smart handgun. The smart handgun of course offers the great safety advantage that it may not be fired by the owner's child, or by an intruder who seeks to use it against its owner. But if the owner, wearing the PAC, picks up the smart handgun to defend his family against an intruder, the weapon may be fired immediately by the owner, who may thereby save lives of himself and family members. If the owner had to first enter a PIN into an apparatus, to activate the smart handgun, that small time delay might well be fatal to the owner, against an armed intruder.
The need for quick and automatic operation of the present invention, as well as the security need, is served in forms of the invention in which there is no PIN or other identifying information for the user to remember and reenter into the PAC, through inclusion in the PAC, of means to automatically sense unique personal identifying body characteristics of the user, e.g. fingerprint or retinal patterns, or the user's voice profile. In other forms of the invention however, for which it is expected that periodic reentry of PIN or similar identifying information will not pose a problem, the PAC will periodically require re-authentication of identity by such means, but the PAC will, after each such reentry and until the next time reentry is required, remain instantly ready for activation of the smart instrumentality by the authorized person.
Finally, other less restrictive embodiments of the present invention would be suited to specialized needs as well as to transitional adaptation of the concepts and devices. For example, a simpler non-worn but handheld PAC, designed to emit a single authorized person identity authentication signal upon each authentication, could be used to transmit verification of this authentication in order to complete a single transaction. Such a PAC would be suitable for non time-critical occasional uses, but, most importantly, would represent the most rapid pathway of development to make possible secure and authenticated financial transactions and in particular secure and authenticated transactions over the internet. Such a PAC could be built into a personal computer, a computer keyboard, installed between a keyboard and a computer, built into a computer mouse (a natural form for a fingerprint reader), installed between a mouse and the computer, built into the computer motherboard, or built into the computer processor itself.
The invention is an apparatus and method for allowing only an authorized person to immediately activate varied instrumentalities which may include, without limitation, financial transaction systems, motor vehicles, electric appliances and firearms.
Said apparatus has a personalized authenticated controller means ("PAC"), comprising, in various claims, combinations of the following elements: a user information input means, for allowing input of information into said PAC; a data storage means, for storing data received by said PAC; a PAC microprocessor means, communicating internally with all PAC components, for transferring and formatting data, said PAC microprocessor means further comprising an authorized person identification means, communicating with said data storage means, for continually determining whether said user is said authorized person, through analysis of the most recently received data identifying said user and through comparison of same with reference data identifying said authorized person; and for providing for output from said PAC, of an authorized person identity authentication signal, if and only if said user is said authorized person.
In various claims said PAC further comprises an instrumentality activation means, for allowing said user to send an instrumentality activation signal to said instrumentality, indicating that said user wishes for said instrumentality to carry out said action; a user information output means, for allowing output of information from said PAC; a wearing means, for allowing said user to wear said PAC in contact with said user's body; a personal characteristics sensor means, for sensing unique identifying personal characteristics of said user, and for communicating data representing said characteristics to said data storage means; and a removal sensor means, communicating with said wearing means and said data storage means, for sensing removal of said PAC from said body of said authorized person and for communicating a removal signal indicative of said removal into said data storage means, and wherein said authorized person identification means further comprises means for determination of whether any said removal signal has been received into said data storage means after receipt of the most recent data identifying said user as said authorized person.
Said apparatus also has a communication means, for sending communications between said PAC and said instrumentality, which communications may be, without limitation, by wave communications of electromagnetic or sound waves; said communication means having, in some claims, communications security means, for reducing the risk of any unauthorized detection of or interference with said communications, which security means may include means for sending said communications through a path passing entirely through a portion of said user's body, where the portion of said instrumentality receiving said communications is covered by a portion of said user's body at the end of said path distal from said portion of said user's body in contact with said PAC, as where said instrumentality is in contact with said user's hand; and which security means may alternatively or additionally include means for encryption of said communications.
Said apparatus also comprises, in said instrumentality capable of performing action desired by said user, a portion of said instrumentality comprising an authorized person recognition means, communicating with said PAC through said communication means, for allowing activation of said instrumentality upon receipt of said instrumentality activation signal if and only if said PAC is currently being used by said authorized person; which instrumentality authorized person recognition means may further comprise means to determine whether said authorized person identity authentication signal is received from said PAC within a predetermined time interval before or after receipt of said instrumentality activation signal; or means to send an interrogation signal to said PAC after receipt of said instrumentality activation signal, asking for transmission of an authorized person identity authentication signal, and for determining whether said authorized person identity authentication signal is received by said instrumentality authorized person recognition means within a predetermined time interval after transmission of said interrogation signal.
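The removal-sensing logic of the PAC and the interrogation-signal variant of the instrumentality's recognition means, described above, can be modeled as follows. This is an added illustration, not part of the original disclosure. The class and method names, the shared link key, the explicit time arguments and the use of HMAC-SHA256 as the authentication signal are assumptions.

```python
import hashlib, hmac, os
# Added illustration: all names are hypothetical; HMAC-SHA256 is an assumed choice.
class PAC:
    def __init__(self, reference_pin, link_key):
        self._salt = os.urandom(16)
        self._ref = self._digest(reference_pin)  # reference data, never transmitted
        self._key = link_key                     # assumed key shared with the instrumentality
        self._last_auth = None                   # time of latest successful identification
        self._last_removal = None                # time of latest removal signal

    def _digest(self, pin):
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, 100_000)

    def enter_pin(self, pin, now):
        # Only the most recently received identifying data counts: a bad entry clears state.
        ok = hmac.compare_digest(self._digest(pin), self._ref)
        self._last_auth = now if ok else None
        return ok

    def removal_signal(self, now):
        self._last_removal = now

    def is_authorized(self):
        if self._last_auth is None:
            return False
        # Fail closed: any removal at or after the last identification revokes it.
        return self._last_removal is None or self._last_removal < self._last_auth

    def respond(self, challenge):
        # Authentication signal: a MAC over the challenge; the PIN never leaves the PAC.
        if not self.is_authorized():
            return None
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

class Instrumentality:
    def __init__(self, link_key, window_s):
        self._key, self._window, self._pending = link_key, window_s, None

    def on_activation(self, now):
        # Interrogation signal: a fresh random challenge, usable once.
        self._pending = (os.urandom(16), now)
        return self._pending[0]

    def on_response(self, response, now):
        pending, self._pending = self._pending, None
        if pending is None or response is None:
            return False
        challenge, sent_at = pending
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        return now - sent_at <= self._window and hmac.compare_digest(response, expected)
```

Because each challenge is random and consumed on first use, a recorded authentication signal cannot be replayed to the instrumentality, and a response arriving after the predetermined interval is rejected even when it is otherwise valid.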
Said method comprises continually determining whether or not a particular person who may seek to activate said instrumentality is the person who is authorized to do so, and allowing said instrumentality to be activated by said person if and only if said person is said authorized person.