[go: up one dir, main page]

WO2018164630A1 - Procédés d'inscription et d'authentification d'utilisateur d'un dispositif électronique - Google Patents

Procédés d'inscription et d'authentification d'utilisateur d'un dispositif électronique Download PDF

Info

Publication number
WO2018164630A1
WO2018164630A1 PCT/SE2018/050217 SE2018050217W WO2018164630A1 WO 2018164630 A1 WO2018164630 A1 WO 2018164630A1 SE 2018050217 W SE2018050217 W SE 2018050217W WO 2018164630 A1 WO2018164630 A1 WO 2018164630A1
Authority
WO
WIPO (PCT)
Prior art keywords
representation
encrypted
enrolment
processor
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/SE2018/050217
Other languages
English (en)
Inventor
Sebastian Weber
David Burnett
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fingerprint Cards AB
Original Assignee
Fingerprint Cards AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fingerprint Cards AB filed Critical Fingerprint Cards AB
Priority to US16/490,166 priority Critical patent/US11366887B2/en
Priority to EP18764726.8A priority patent/EP3593269B1/fr
Priority to CN201880014804.3A priority patent/CN110366726A/zh
Publication of WO2018164630A1 publication Critical patent/WO2018164630A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V10/00Arrangements for image or video recognition or understanding
    • G06V10/94Hardware or software architectures specially adapted for image or video understanding
    • G06V10/95Hardware or software architectures specially adapted for image or video understanding structured as a network, e.g. client-server architectures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/10Human or animal bodies, e.g. vehicle occupants or pedestrians; Body parts, e.g. hands
    • G06V40/12Fingerprints or palmprints
    • G06V40/1365Matching; Classification
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V40/00Recognition of biometric, human-related or animal-related patterns in image or video data
    • G06V40/50Maintenance of biometric data or enrolment thereof

Definitions

  • the present invention generally relates to a method for enrolling a user of an electronic device and to a method for authentication of a user of the electronic device.
  • the invention further relates to such an electronic device.
  • biometric systems are used more and more in order to provide an increased security for accessing an electronic device and at the same time keep the user convenience at an acceptable level.
  • biometric systems include systems for e.g. fingerprint-based authentication, iris-based authentication, and vein-based authentication among others.
  • fingerprint sensors have been successfully integrated in such electronic devices, for example, thanks to their small form factor, high performance and user acceptance.
  • capacitive sensing is most commonly used, in particular in applications where size and power consumption are important.
  • Biometric systems rely on a computing environment which performs the processing of acquired images or other types of data indicative of a biometric feature of the user. Although spoofs are one concern for secure authentication using biometric systems, another concern is that the biometric authentication process itself may be subject to various attacks, such as for example physical tampering, compromising the security and integrity of the biometric system.
  • Devices that employ biometric systems for authentication of a user typically include architectural defenses to increase the difficulty of compromising the logical and physical security of the biometric authentication system.
  • the biometric template extraction and matching software may be run in a more secure computing environment.
  • the security architecture has to provide sufficiently fast authentication procedures in order to meet the market requirements with regards to processing speed.
  • US 2014/0210589 discloses an example of a fingerprint sensor comprising a secure microprocessor for read-out, matching and verification of fingerprint image data.
  • a secure microprocessor for read-out, matching and verification of fingerprint image data.
  • Another object of the present invention is to provide methods for biometric authentication with improved security. Another object is to provide an electronic device with improved biometric authentication security.
  • a method for enrolling a user of an electronic device comprising: a biometry sensor for acquiring sensing signals representative of a biometric feature; a processor for computing an enrolment representation based on the sensing signals; a secure module isolated from the processor for computing an encrypted representation of the enrolment representation, wherein the method comprises: acquiring sensing signals representative of a candidate's biometric feature; based on the sensing signals, determining an enrolment representation by the processor; determining, by the secure module, an encrypted representation of the enrolment representation;
  • the present invention is based upon the realization that improved biometric authentication security is achieved by a layered architecture of the computing environment performing the authentication.
  • the layered architecture may be considered to comprise multiple computing environments. It is realized that by verifying the integrity of the processor which computes the enrolment
  • the data e.g. biometric templates
  • software used by the processor which computes enrolment representations (and verification representations) can be confirmed by the isolated secure module.
  • the integrity of the biometric based decision of authentication is checked by the secure module operating in a separate architectural "layer" from the processor where the decision is taken. Thereby, the overall integrity of a biometric matching event can be controlled, and "biometric non- repudiation" may be provided for the authentication process.
  • the secure module is isolated should be interpreted as that the secure module is separated from the processor by being its own entity.
  • the secure model and the processor are different hardware.
  • the processor and the secure module operate with their own independent processing capability.
  • the secure module and the processor are able to communicate with each other, i.e. the secure module may send data to the processor and receive data from the processor, and the processor may send data to the secure module and receive data from the secure module.
  • the communication may be via e.g. a SPI-port (serial peripheral interface), or other internal or external data buses known in the art, or wireless techniques including near field communication (NFC), Bluetooth, Wifi, or other known means for communication of digital signals.
  • the secure module may be a so-called "secure element".
  • the secure module may advantageously comprise a secure control unit and secure storage unit.
  • the secure storage unit is able to store data, i.e. the secure storage unit may be a "machine-readable media”.
  • the enrollment representation when the encrypted representation has been determined, the enrollment representation may be discarded from the secure module. This advantageously improves the security further since the enrollment template is not stored together with the encrypted representation of the enrolment template.
  • the secure module signs the encrypted representation with a private key unique to the electronic device.
  • the encrypted representation may only be used for authentication in one specific electronic device, thereby improving security further, in particular in cases when the encrypted representation is returned to the processor.
  • signing the encrypted representation with the private key provides improved defense against attempts to swap the entire set of enrolment templates and/or encrypted
  • determining the encrypted representation may comprise determining a hash representation of the enrolment representation.
  • a hash representation is determined by applying a cryptographic hash function on the enrolment representation.
  • the cryptographic hash function may create a bit string in a one-way manner, in other words, it is not possible to reverse the function to find out the enrolment representation.
  • the encrypted representation may be included to send the encrypted representation to the processor, wherein the processor stores the encrypted representation as part of an enrolment template for future verification.
  • the encrypted representation becomes part of the template such that the encrypted representation may become part of an authentication procedure.
  • the biometry sensor may be a fingerprint sensor whereby the biometric feature is a fingerprint pattern.
  • the fingerprint sensor may be implemented using any kind of current or future fingerprint sensing principle, including for example capacitive, optical, or thermal sensing technology. However, at present capacitive sensing is most preferred. Both one and two-dimensional sensors are possible and within the scope of the invention.
  • the electronic device may advantageously be a mobile phone. However, other electronic devices are of course thinkable such as tablets, laptops desktop computers, etc.
  • a measure is detected indicative of the capacitive coupling between each sensing element in an array of sensing elements and a finger surface touching the fingerprint sensor surface.
  • Sensing elements at locations corresponding to ridges in the fingerprint will exhibit a stronger capacitive coupling to the finger than sensing elements at locations corresponding to valleys in the fingerprint.
  • the electronic device may
  • the processor may be operable in a trusted execution environment.
  • a trusted execution environment may be a secure area of a processor, i.e. part of the processing capability of the processor is operable in a secure environment. The security of the trusted execution environment being upheld by software based protection.
  • the processor may perform the steps of the method in a secure area of the processor, or the entire processor may operate in a trusted execution environment.
  • the data i.e. templates, and
  • Trusted execution environments as such are known to the person skilled in the art.
  • a biometry sensor for acquiring sensing signals representative of a biometric feature
  • a processor for computing an verification representation based on the sensing signals
  • a secure module isolated from the processor for computing an encrypted representation of the enrolment representation
  • the method according to the second aspect ensures that the matched enrolment representation is known to the secure module and has not been modified since it was initially observed by the secure module in the enrolment process.
  • the enrolment process may be as described in the first aspect.
  • the pass signal may be provided to the processor, or directly to a main processor of the electronic device, or for example to a terminal to which the biometric authentication allows access, i.e. a card reader for a smart card, the smart card having a biometric authentication system. Furthermore, the pass signal may be provided to an application to which the user is attempting to gain access via the biometric authentication.
  • the method for authenticating a user may comprise: sending, when the match is found between the verification
  • the secure module performs another matching step between the verification representation and the enrolment representation after the encrypted enrolment representations.
  • determining an encrypted representation may comprise determining a hash representation of the enrolment representation or the verification representation.
  • This second aspect of the invention provides similar advantages as discussed above in relation to the first aspect of the invention.
  • an electronic device comprising: a biometry sensor for acquiring sensing signals representative of a biometric feature; a processor configured to compute a
  • a secure module configured to: determine encrypted representations of at least the enrolment representation, and store an encrypted enrolment representation for future authentication.
  • the processor may be configured to determine the enrollment representation, the secure module may be configured to determine and store the encrypted representation of the enrolment representation, wherein when the encrypted representation of the enrolment representation is established, the secure module may be configured to send a success signal to the processor, wherein in response to receiving the success signal the processor may be configured to store the enrolment representation for future authentication.
  • the processor is configured to: determine the verification
  • the secure module is configured to: determine an encrypted representation of the enrolment representation and compare the encrypted representation with at least one stored encrypted representation, and when a match is found between the encrypted representation and a stored encrypted representation, provide a pass signal indicative of successful
  • the processor may be configured to: send, when the match is found between the verification representation and a stored enrollment representation, the enrollment representation and the verification representation to the secure module, wherein the secure module is configured to: compare, when the match is found between the encrypted representation and the stored encrypted representation, the verification representation with the enrolment representation, wherein, the secure module is further configured to provide the pass signal when the verification representation matches the enrolment representation.
  • the electronic device may be a mobile phone such as e.g. a smartphone.
  • the electronic device may equally well be a tablet, a laptop computer, a desktop computer, a smart card, smart watch, etc.
  • the "enrolment representation" and/or the “verification representation” of a fingerprint image may be any information extracted from the fingerprint image, which is useful for assessing the similarity between fingerprint images acquired at different times.
  • the fingerprint image may be any information extracted from the fingerprint image, which is useful for assessing the similarity between fingerprint images acquired at different times.
  • the enrolment/verification representation of the fingerprint image may comprise descriptions of fingerprint features (such as so-called minutiae) and information about the positional relationship between the fingerprint features.
  • the representation of the fingerprint image may be the image itself, or a compressed version of the image.
  • the image may be binarized and/or skeletonized.
  • Authentication may comprise multiple steps, one step being the process thereof of deciding whether a biometric feature comes from the same individual as an enrolled biometric feature. This process is commonly denoted verification.
  • This third aspect of the invention provides similar advantages as discussed above in relation to the first aspect and the second aspect of the invention.
  • the present invention generally relates to methods for enrolling a user of an electronic device and authentication the user of the electronic device.
  • the electronic device comprising a biometry sensor for acquiring sensing signals representative of a biometric feature, and a processor for computing a verification representation based on said sensing signals.
  • the electronic device further includes a secure module isolated from said processor for computing an encrypted representation of said enrolment representation.
  • Figs. 1 schematically exemplify an electronic device according to the present invention, in the form of a mobile phone comprising a biometric sensor in the form of an integrated fingerprint sensor;
  • Fig. 2 schematically shows a fingerprint sensor array comprised in the electronic device in Fig. 1 ;
  • Fig. 3 conceptually illustrates a timing diagram according to an example embodiment
  • Fig. 4 conceptually illustrates a timing diagram according to an example embodiment
  • Fig. 5 conceptually an electronic device according to an embodiment of the invention
  • Fig. 6 is a flow-chart of method steps according to embodiments of the invention.
  • Fig. 7 is a flow-chart of method steps according to embodiments of the invention.
  • the electronic device in the form of a mobile phone 100 with an integrated fingerprint sensor 102 and a display unit 104 with a touch screen interface 106.
  • the fingerprint sensor 102 and the display unit 104 are together arranged at the front side of the mobile phone 100.
  • the fingerprint sensor 102 may, for example, be used for unlocking the mobile phone 100 and/or for authorizing transactions carried out using the mobile phone 100, etc.
  • the fingerprint sensor 102 may of course also be placed on the backside of the mobile phone 100.
  • the mobile phone 100 shown in Fig. 1 further comprises a first antenna for WLAN/Wi-Fi
  • the invention may be applicable in relation to any other type of electronic device, such as a laptop, a remote control, a tablet computer, a smart card, smart watch, or any other type of present or future similarly configured device.
  • the fingerprint sensor 102 is configured to comprise a large plurality of sensing elements, preferably arranged as a two- dimensional array.
  • the two-dimensional array may have sizes depending on the planned implementation and in an embodiment 160x160 pixels are used. Other sizes are of course possible and within the scope of the invention, including two- dimensional array with less pixels as compared to the above example.
  • a single sensing element (also denoted as a pixel) is in Fig. 2 indicated by reference numeral 202.
  • sensing signals representative of a biometric feature of a candidate is firstly acquired by a biometry sensor such as for example a fingerprint sensor 301 , in such case the sensing signals may be representative of an image of the fingerprint pattern of the candidate.
  • the sensing signals e.g. the fingerprint image are sent S302 to a processor (not shown) running an application 303 for computing enrolment representations.
  • the application 303 running on the processor determines S304 an enrolment representation (i.e. an enrolment template) based on the sensing signals.
  • a secure module 305 next receives the enrolment representation S306.
  • the secure module 305 which is isolated from the processor, i.e. the secure module 305 comprises its own processing circuitry (see e.g. Fig. 5), computes and stores S308 an encrypted representation of the enrolment representation.
  • the secure module 305 discards S310 the enrollment representation.
  • the encrypted representation of the enrolment representation may for example be a hash for the enrollment representation.
  • a success signal is sent S312 to the processor running the application 303, the signal being indicative of that the encrypted representation was successfully calculated and stored.
  • the processor stores S314 the enrolment representation as an enrolment template.
  • the enrolment template may be used for subsequent verification.
  • the secure module 305 may return the encrypted representation to the processor, for example if the secure module 305 lacks storage space to store the encrypted representation. In some embodiments, the secure module 305 stores the encrypted representation.
  • FIG. 4 conceptually illustrating a timing diagram of a verification procedure for authentication of a user according to an exemplary embodiment of the invention.
  • An operating system 400, or application 400 may request a scan for a biometric feature, whereby sensing signals representative of a biometric feature of a candidate is firstly acquired S401 by a biometry sensor such as for example a finger print sensor 301 , in such case an image representative of the fingerprint pattern of the candidate is acquired.
  • the sensing signals e.g. the fingerprint image are sent S402 to a processor (not shown) running an application 303 for computing verification representations.
  • the application 303 determines S404 a verification representation (i.e. an enrolment template) based on the sensing signals.
  • the verification representation is compared with at least one stored enrolment representation (e.g. an enrolment template). If a match is found (S408) between the verification representation and an enrolment representation, the enrolment representation is sent S410 to the secure module 305.
  • the matching (S408) may be performed by an application 303' separate from the application 303 used for creating the verification representation. Both applications 303 and 303' may be running on the processor 302.
  • the enrolment representation is provided S410 to the secure module 305.
  • the secure module 305 determines S412 an encrypted representation of the enrolment representation, for example, the encrypted representation may be a hash of the enrolment representation.
  • the secure module 305 attempts to match the encrypted representation of the enrolment representation with a stored encrypted enrolment representation, and if a match is found, a pass signal is provided (S418, S420, S422) indicative that the encrypted enrolment representation matches with a stored encrypted enrolment representation.
  • the pass signal may be provided to the applications 303 or 303', or directly to the application or operating system 400.
  • the pass signal may optionally include a digital signature (including a private key) of the electronic device.
  • the processor 302 running application 303 sends both the enrolment representation and the verification representation S410 to the secure module 305.
  • the secure module may, subsequent to having found S414 a match between the encrypted enrolment representation and a stored encrypted enrolment representation, compare S416 the verification representation with the enrolment representation to confirm the matching result obtained by the processor 302 (e.g. application 303').
  • the processor 302 e.g. application 303'
  • the pass signal indicative of successful authentication is provided (S418, S420, S422). This provides even higher confidence level of the biometric authentication.
  • the processor running the applications 303, 303' is operative in a trusted execution environment.
  • FIG. 5 conceptually illustrating an electronic device 500 comprising a biometry sensor 502 for acquiring sensing signals representative of a biometric feature, and a processor 504 configured to compute a verification representation and an enrolment representations based on sensing signals acquired by the biometry sensor 502.
  • the processor 504 may be running one or more applications configured to compute the representations and performing biometric matching between a verification representation and an enrolment representation.
  • the electronic device 500 further comprises a secure module 508 configured to determine encrypted representations of the enrolment representation, and store an encrypted enrolment representation for future authentication.
  • the secure module 508 comprises a secure storage unit 512.
  • the secure module 508 comprises a secure control unit 510.
  • the secure module comprises its own hardware and is thus separated from the processor 504 running the applications for computing the representations and performing biometric matching between a verification representation and an enrolment representation.
  • the secure module 508 may receive/send data from/to the processor 504 and vice versa, but is otherwise isolated from the processor.
  • the secure module 508 may for example be "secure element".
  • the communication between the processor and the secure module may be via e.g. a SPI-port (serial peripheral interface), or other internal or external data buses known in the art, or wireless techniques including near field communication (NFC), Bluetooth, Wifi, or other known means for communication of digital signals.
  • the processor 504 may be operative in a secure environment such as a trusted execution environment 506.
  • the applications may be run in the trusted execution environment 506 for enhanced security.
  • Fig. 6 illustrates a flow-chart according to embodiments of the invention.
  • the embodiments illustrated by the flow-chart in Fig. 6 relate to a method for enrolling a user of an electronic device.
  • S602 sensing signals are acquired representative of a candidate's biometric feature.
  • an enrolment representation is determined S604 by a processor (e.g.
  • an encrypted representation of the enrolment representation is determined by a secure module (e.g. secure module 305 or 508).
  • the encrypted representation is stored S610 in the secure module.
  • a success signal indicative of successful encryption is provided S612 to the processor.
  • the processor stores S614 the enrolment representation.
  • the enrollment representation is discarded S608 from the secure module.
  • fig. 7 illustrates a flow-chart according to embodiments of the invention.
  • the embodiments illustrated by the flow-chart in Fig. 7 relate to a method for authenticating a user of an electronic device.
  • sensing signals representative of a candidate's biometric feature is acquired.
  • a verification representation based on the sensing signals is determined by a processor.
  • the verification representation is compared S706 with at least one stored enrolment representation.
  • the enrollment representation is sent S708 to a secure module.
  • an encrypted representation of the enrolment representation is determined by the secure module, and the encrypted representation is compared with at least one stored encrypted
  • the verification representation is also send S714 to the secure module.
  • the verification representation may be compared S716 with the enrolment representation subsequent to step S710. When a match is found between the encrypted
  • the pass signal indicative of successful authentication is provided S718.
  • the expression "fingerprint image” should be interpreted broadly and to include both a regular “visual image” of a fingerprint of a finger as well as a set of measurements relating to the finger when acquired using the fingerprint sensor.
  • a control unit of embodiment of the invention may include a microprocessor, microcontroller, programmable digital signal processor or another programmable device.
  • the control unit may also, or instead, include an application specific integrated circuit, a programmable gate array or programmable array logic, a programmable logic device, or a digital signal processor.
  • the processor may further include computer executable code that controls operation of the programmable device. It should be understood that all or some parts of the functionality provided by means of the control unit (or generally discussed as "processing circuitry”) may be at least partly integrated with the fingerprint sensor, or may be part of the electronic device. It should also be understood that the actual implementation of such a control unit may be divided between a plurality of devices/circuits.
  • control functionality of the present disclosure may be implemented using existing computer processors, or by a special purpose computer processor for an appropriate system, incorporated for this or another purpose, or by a hardwire system.
  • Embodiments within the scope of the present disclosure include program products comprising machine-readable medium for carrying or having machine- executable instructions or data structures stored thereon.
  • Such machine-readable media can be any available media that can be accessed by a general purpose or special purpose computer or other machine with a processor.
  • machine-readable media can comprise RAM, ROM, EPROM, EEPROM, CD- ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to carry or store desired program code in the form of machine-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer or other machine with a processor.
  • a network or another communications connection either hardwired, wireless, or a combination of hardwired or wireless
  • any such connection is properly termed a machine-readable medium.
  • Machine-executable instructions include, for example, instructions and data which cause a general purpose computer, special purpose computer, or special purpose processing machines to perform a certain function or group of functions.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Human Computer Interaction (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Collating Specific Patterns (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
  • Image Input (AREA)

Abstract

La présente invention concerne de manière générale des procédés pour inscrire un utilisateur d'un dispositif électronique et pour authentifier l'utilisateur du dispositif électronique. Le dispositif électronique comprend un capteur de biométrie pour acquérir des signaux de détection représentant une caractéristique biométrique, et un processeur pour calculer une représentation de vérification sur la base desdits signaux de détection. Le dispositif électronique comprend en outre un module sécurisé isolé dudit processeur pour calculer une représentation chiffrée de ladite représentation d'inscription.
PCT/SE2018/050217 2017-03-09 2018-03-07 Procédés d'inscription et d'authentification d'utilisateur d'un dispositif électronique Ceased WO2018164630A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US16/490,166 US11366887B2 (en) 2017-03-09 2018-03-07 Biometric authentication
EP18764726.8A EP3593269B1 (fr) 2017-03-09 2018-03-07 Procédés d'inscription et d'authentification d'utilisateur d'un dispositif électronique
CN201880014804.3A CN110366726A (zh) 2017-03-09 2018-03-07 用于登记用户及用于认证电子设备的用户的方法

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201762469158P 2017-03-09 2017-03-09
US62/469,158 2017-03-09
SE1750330 2017-03-20
SE1750330-1 2017-03-20

Publications (1)

Publication Number Publication Date
WO2018164630A1 true WO2018164630A1 (fr) 2018-09-13

Family

ID=63448824

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2018/050217 Ceased WO2018164630A1 (fr) 2017-03-09 2018-03-07 Procédés d'inscription et d'authentification d'utilisateur d'un dispositif électronique

Country Status (1)

Country Link
WO (1) WO2018164630A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021049991A1 (fr) * 2019-09-12 2021-03-18 Fingerprint Cards Ab Dispositif biométrique avec circuit cryptographique
US11424929B2 (en) 2021-01-07 2022-08-23 Bank Of America Corporation Authentication using encrypted biometric information

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020025062A1 (en) 1998-04-07 2002-02-28 Black Gerald R. Method for identity verification
US20060226951A1 (en) 2005-03-25 2006-10-12 Aull Kenneth W Method and system for providing fingerprint enabled wireless add-on for personal identification number (PIN) accessible smartcards
US20130308838A1 (en) * 2012-05-18 2013-11-21 Apple Inc. Efficient Texture Comparison
US20140344921A1 (en) * 2013-05-14 2014-11-20 Dell Products L.P. Apparatus and Method for Enabling Fingerprint-Based Secure Access to a User-Authenticated Operational State of an Information Handling System
US9374370B1 (en) * 2015-01-23 2016-06-21 Island Intellectual Property, Llc Invariant biohash security system and method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020025062A1 (en) 1998-04-07 2002-02-28 Black Gerald R. Method for identity verification
US20060226951A1 (en) 2005-03-25 2006-10-12 Aull Kenneth W Method and system for providing fingerprint enabled wireless add-on for personal identification number (PIN) accessible smartcards
US20130308838A1 (en) * 2012-05-18 2013-11-21 Apple Inc. Efficient Texture Comparison
US20140344921A1 (en) * 2013-05-14 2014-11-20 Dell Products L.P. Apparatus and Method for Enabling Fingerprint-Based Secure Access to a User-Authenticated Operational State of an Information Handling System
US9374370B1 (en) * 2015-01-23 2016-06-21 Island Intellectual Property, Llc Invariant biohash security system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3593269A4

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021049991A1 (fr) * 2019-09-12 2021-03-18 Fingerprint Cards Ab Dispositif biométrique avec circuit cryptographique
CN114391149A (zh) * 2019-09-12 2022-04-22 指纹卡安娜卡敦知识产权有限公司 具有加密电路的生物计量装置
US11997199B2 (en) 2019-09-12 2024-05-28 Fingerprint Cards Anacatum Ip Ab Biometric device with cryptographic circuitry
US11424929B2 (en) 2021-01-07 2022-08-23 Bank Of America Corporation Authentication using encrypted biometric information

Similar Documents

Publication Publication Date Title
US11216546B2 (en) Method for fingerprint authentication using force value
US9911026B2 (en) Fingerprint sensor with force sensor
US8903141B2 (en) Electronic device including finger sensor having orientation based authentication and related methods
US9646193B2 (en) Fingerprint authentication using touch sensor data
CN111699490B (zh) 用于电子装置的认证方法
CN110073354A (zh) 用于用户的生物识别认证的电子设备
US11115215B2 (en) Methods and devices of enabling authentication of a user of a client device over a secure communication channel based on biometric data
US20160321441A1 (en) Secure biometric authentication
US20200387589A1 (en) Method and electronic device for authenticating a user
EP3593269B1 (fr) Procédés d'inscription et d'authentification d'utilisateur d'un dispositif électronique
CN112334897B (zh) 认证用户的方法和电子设备
WO2018164630A1 (fr) Procédés d'inscription et d'authentification d'utilisateur d'un dispositif électronique
US20170243043A1 (en) Method and system for controlling an electronic device
CN107408208A (zh) 用于对用户的生物测量进行分析的方法和指纹感测系统
WO2018018787A1 (fr) Procédé et dispositif d'authentification par mot de passe, terminal mobile, et support de stockage informatique
US20200201977A1 (en) Method for authenticating a first user and corresponding first device and system
US20200184056A1 (en) Method and electronic device for authenticating a user
EP3682357B1 (fr) Procédés et dispositifs permettant l'authentification d'un utilisateur d'un dispositif client sur un canal de communication sécurisé en fonction de données biométriques
WO2019236001A1 (fr) Procédé d'authentification d'un utilisateur
US20190080145A1 (en) Fingerprint sensor and method for processing fingerprint information

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18764726

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2018764726

Country of ref document: EP

Effective date: 20191009