Search

US-12626262-B2 - Single step transaction authentication using proximity and biometric input

US12626262B2US 12626262 B2US12626262 B2US 12626262B2US-12626262-B2

Abstract

A system and method provide efficient, secure and highly reliable authentication for transaction processing and/or access control applications in which only biometric input is required from the user. A Personal Digital Key stores a biometric profile that comprises a representation of physical or behavioral characteristics that are uniquely associated with an individual that owns and carries the PDK. The PDK wirelessly transmits the biometric profile over a secure wireless transaction to a Reader for use in a biometric authentication process. The Reader compares the received biometric profile to a biometric input acquired at the point of transaction in order to determine if the transaction should be authorized.

Inventors

  • John J. Giobbi
  • David L. Brown
  • Fred S. Hirt

Assignees

  • PROXENSE, LLC

Dates

Publication Date
20260512
Application Date
20220630

Claims (20)

  1. 1 . A method comprising: automatically acquiring, by a portable user device, a facial image of a user and computing a hash of the facial image using a one-way hash function; comparing, by the portable user device, the hash of the facial image of the user and a biometric profile stored in the portable user device, the biometric profile comprising biometric information transformed by the one-way hash function and a use of the biometric profile for user authentication associated with it a spending limit on a purchase amount of a transaction; responsive to the comparing, determining that the hash of the facial image of the user matches the biometric profile; responsive to determining that the hash of the facial image of the user matches the biometric profile, detecting that the portable user device is within a proximity zone of a reader device, establishing a wireless communication channel between the portable user device and the reader device, receiving a profile history including an identification of a first trusted system that administered an acquisition and storage of the biometric profile and a transaction history including one or more transactions completed using the portable user device from the portable user device via the wireless communication channel, determining that the portable user device is valid based on authenticating the profile history and the transaction history, and determining that the biometric profile is associated with a valid user for the portable user device; and responsive to determining that the portable user device is valid, that the biometric profile is associated with the valid user for the portable user device, and that the purchase amount of the transaction is within the spending limit associated with the use of the biometric profile for user authentication, transmitting transaction information for the transaction from the portable user device to the reader device via the wireless communication channel and initiating, at the reader device, the transaction, the reader device requesting a validation of the transaction information from a second trusted system and performing the transaction using the transaction information responsive to receiving the validation of the transaction information from the second trusted system.
  2. 2 . The method of claim 1 , wherein the reader device is associated with a point of sale terminal and the transaction includes a purchase.
  3. 3 . The method of claim 1 , wherein the reader device is associated with an Automated Teller Machine and the transaction includes a withdrawal from the Automated Teller Machine.
  4. 4 . The method of claim 1 , wherein the biometric profile is stored in an encrypted memory of the portable user device.
  5. 5 . The method of claim 1 , wherein the portable user device includes a biometric scanner to acquire the facial image of the user.
  6. 6 . The method of claim 5 , wherein the biometric scanner includes a camera.
  7. 7 . The method of claim 5 , wherein acquiring the facial image of the user is performed by the biometric scanner.
  8. 8 . The method of claim 1 , wherein acquiring the facial image of the user includes acquiring one or more unique features of a face of the user.
  9. 9 . The method of claim 1 , wherein the portable user device includes at least one of a wearable device or a cellular phone.
  10. 10 . The method of claim 1 , wherein the second trusted system is a third-party system independent of the portable user device and the reader device.
  11. 11 . The method of claim 1 , wherein the transaction information is associated with a default payment option.
  12. 12 . The method of claim 1 , wherein the transaction information is associated with a payment option selected by the user at a time of the transaction from a plurality of payment options.
  13. 13 . The method of claim 1 , wherein the transaction information is associated with an identification code uniquely identifying the portable user device.
  14. 14 . A system comprising: a computing device and a memory including instructions that, when executed by the computing device, cause the system to perform operations including: automatically acquiring, by a portable user device, a facial image of a user and computing a hash of the facial image using a one-way hash function; comparing, by the portable user device, the hash of the facial image of the user and a biometric profile stored in the portable user device, the biometric profile comprising biometric information transformed by the one-way hash function and a use of the biometric profile for user authentication associated with it a spending limit on a purchase amount of a transaction; responsive to the comparing, determining that the hash of the facial image of the user matches the biometric profile; responsive to determining that the hash of the facial image of the user matches the biometric profile, detecting that the portable user device is within a proximity zone of a reader device, establishing a wireless communication channel between the portable user device and the reader device, receiving a profile history including an identification of a first trusted system that administered an acquisition and storage of the biometric profile and a transaction history including one or more transactions completed using the portable user device from the portable user device via the wireless communication channel, determining that the portable user device is valid based on authenticating the profile history and the transaction history, and determining that the biometric profile associated with a valid user for the portable user device; and responsive to determining that the portable user device is valid, that the biometric profile is associated with the valid user for the portable user device, and that the purchase amount of the transaction is within the spending limit associated with the use of the biometric profile for user authentication, transmitting transaction information for the transaction from the portable user device to the reader device via the wireless communication channel and initiating, at the reader device, the transaction, the reader device requesting a validation of the transaction information from a second trusted system and performing the transaction using the transaction information responsive to receiving the validation of the transaction information from the second trusted system.
  15. 15 . The system of claim 14 , wherein the reader device is associated with a point of sale terminal and the transaction includes a purchase.
  16. 16 . The system of claim 14 , wherein the reader device is associated with an Automated Teller Machine and the transaction includes a withdrawal from the Automated Teller Machine.
  17. 17 . The system of claim 14 , wherein the portable user device includes at least one of a wearable device or a cellular phone.
  18. 18 . The system of claim 14 , wherein the portable user device includes a biometric scanner to acquire the facial image of the user.
  19. 19 . The system of claim 18 , wherein the biometric scanner includes a camera.
  20. 20 . The system of claim 18 , wherein acquiring the facial image of the user is performed by the biometric scanner.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS This application is a continuation of U.S. application Ser. No. 15/364,039, filed Nov. 29, 2016, titled “Single Step Transaction Authentication Using Proximity and Biometric Input,” which is a continuation of and claims priority to U.S. application Ser. No. 11/745,249, filed May 7, 2007, titled “Single Step Transaction Authentication Using Proximity and Biometric Input,” which claims the benefit of U.S. Provisional Application No. 60/798,172 titled “Touch Pay” filed on May 5, 2006; U.S. Provisional Application No. 60/798,843 titled “Touch Pay” filed on May 8, 2006; U.S. Provisional Application No. 60/838,788 titled “Personal Digital Key Accessible Storage Device and Processor” filed on Aug. 17, 2006; U.S. Provisional Application No. 60/824,758 titled “Truprox Touch Technology” filed on Sep. 6, 2006; and U.S. Provisional Application No. 60/894,608 titled “TruProx Stored-Photo Extension” filed on Mar. 13, 2007, the entire contents of all of which are herein incorporated by reference. Applicants hereby notify the USPTO that the claims of the present application are different from those of the parent application (U.S. patent application Ser. No. 11/745,249) and any other related applications. Therefore, Applicants rescind any disclaimer of claim scope made in the parent application or any other predecessor application in relation to the present application. The Examiner is therefore advised that any such disclaimer and the cited reference that it was made to avoid may need to be revisited at this time. Furthermore, the Examiner is also reminded that any disclaimer made in the present application should not be read into or against the parent application, the grandparent application or any other related application. BACKGROUND 1. Field of Art The invention generally relates to electronic authentication, and more specifically, to secure authentication using biometric verification. 2. Description of the Related Art Optimizing sales transactions and providing secure access to physical and/or digital assets are challenges faced by many businesses and organizations. Ensuring these processes are safe, efficient and simple is important to merchants, providers, users and consumers alike. Conventionally, technologies such as magnetic cards (e.g., credit cards, debit cards, ATM cards, and employee badges) have been used in attempt to address these needs. More recently, various contactless cards or tokens requiring placement near compatible readers have been used. Each of these technologies, however, has inherent problems in providing secure transaction processing and access control. In particular, the conventional technologies fail to sufficiently ensure that individuals attempting to perform a transaction are associated with the access device and are authorized to do so. Conventional attempts to address this issue include requiring users to provide Personal Identification Numbers (PINs) or passwords in conjunction with account numbers. While in some instances, these options have helped to combat fraudulent activity, these solutions add unwanted complexity and delay to transactions. With the growing need to memorize various PINs and passwords, individuals tend to repeatedly use the same, simple phrase to protect many items, or worse, keep the written phrases in their purse/wallet or next to their computer. Thus, the use of PINs and passwords are often defeated. A technology better suited to address the issue of authenticating users is biometrics. In biometric authentication, physical and/or behavioral characteristics of an individual are analyzed to uniquely identify the individual. For example, biometric characteristics can include fingerprint, retinal, iris, face, palm, DNA, voice or signature characteristics that can each be uniquely associated with the individual. However, traditional biometric authentication solutions also suffer from significant problems. First, traditional biometric authentication techniques typically expose the participating parties to serious liabilities, risks and inefficiencies. Conventional biometric authentication techniques nearly always require users to release personal, private and unchangeable data to a controlling-entity (e.g., a merchant or business authority) or to a third-party relied upon by the controlling-entity. This exposes an individual's personal biometric information to the possibility of theft and fraudulent use. Further, controlling entities must either assume the risks and liabilities of storing this data, or trust the data to a third-party's care. Second, conventional biometric authentication techniques generally require an individual to submit biometric information (e.g., a fingerprint, retinal scan, facial scan, or signature) for storage in a database that can then be later used for comparison with biometric data acquired at the point of transaction. This “enrollment” process is time-consuming, risky, error-prone and considered intr