WO2012178186A1 - Identification and authentication system and method - Google Patents

Identification and authentication system and method Download PDF

Info

Publication number
WO2012178186A1
WO2012178186A1 PCT/US2012/044058 US2012044058W WO2012178186A1 WO 2012178186 A1 WO2012178186 A1 WO 2012178186A1 US 2012044058 W US2012044058 W US 2012044058W WO 2012178186 A1 WO2012178186 A1 WO 2012178186A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
user
card
biometric data
identity
Prior art date
Application number
PCT/US2012/044058
Other languages
French (fr)
Inventor
Vahe BABLOYAN
Original Assignee
Identity Theft Protection Device & Services, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Identity Theft Protection Device & Services, Inc. filed Critical Identity Theft Protection Device & Services, Inc.
Publication of WO2012178186A1 publication Critical patent/WO2012178186A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution

Definitions

  • the field of the invention relates to identity theft protection using biometric information, and more particularly to a system and method of using identification and authentication inputs to verify the claimed identity of a user for business, legal, financial, law enforcement purposes that may include at least point-of-sale transactions, check cashing transactions, money transfer and exchange transactions, automotive dealership transactions, airline ticket and boarding transactions, medical services transactions and many other transactions.
  • biometric information that is, information associated with measuring one or more unique and unchanging biological characteristics of an individual, either physical or behavioral - has been used to attempt to identify an individual with more assurance.
  • biometric identification systems that use biometric data to identify an individual are primarily useful at small scales.
  • biometric identification systems are scaled to a very large scale such as many millions of records, they are hampered by the inability to rapidly search through such a large volume of records for a match. Since such searches often require rapid matching, large-scale searches become impractical and automated identification systems become quickly overwhelmed when attempting to use them with massive database [006]
  • biometric data when input from units on the field, is often imprecise. As a result of imprecise biometric input data, a search through millions of records of stored biometric information may result in thousands of false positive matches.
  • a further problem with biometric data is the immense effort and time needed to collect uniform, high-quality biometric data for all or almost all members of a population.
  • biometric data has been currently used as authenticating data for verifying identity with relatively small populations of people, such as for example the employees of a business, or the members of a club.
  • a method of creating a database for identity theft protection authentication includes receiving in a verification controller a first identifying information identifying a first identity card issued by a first card organization to authenticate a first transaction, receiving in the verification controller a first biometric data scanned from a user of the first identity card, using the first identifying information as a key to verify a record for the first identity card does not exist in an existing database that is in communication with the verification controller, and adding in the existing database at least one record associating the first identifying information and the first biometric data, said first biometric data then referred to as pre-existing first biometric data.
  • the method may further include receiving in the verification controller the first identifying information received from the first identity card to authenticate a second transaction, receiving in the server second biometric data scanned from the user of the first identity card in support of the second transaction, and using the first identifying information as a key to find and compare the pre-existing biometric data to the second biometric data to authenticate the identity of the user for the second transaction.
  • the method may include sending a result of the comparison to a display on a terminal and may include sending global positioning system (GPS) location information for the first transaction to the verification controller and storing the GPS location information in the existing database.
  • GPS global positioning system
  • the method may include scanning an identity card to obtain the first identifying information and sending the first identifying information to the verification controller using a transceiver.
  • the method may include sending a caution indication for receipt by a transaction display in response to said verifying step indicating a record for the first identity card does not exist in the existing database.
  • the method include determining if data damaged and sending indication of damaged data to an identity card scanner or sending a result of the comparing to a call center.
  • the sending step may also include sending the result of the comparing to a call center in response to the second biometric data matching biometric data of a second user.
  • the first biometric data is biometric data selected from the group consisting of fingerprint data, user signature data and user retinal data.
  • the first identity card is a card selected from the group consisting of a credit card, driver's license card, Medicare card, insurance card, vehicle rental card, entrance security card and an airport security card.
  • Another method of creating a database for identity theft protection authentication includes receiving a first identifying information that identifies a first identity card issued by a first card organization to authenticate a first transaction, receiving a first biometric data scanned from a user of the first identity card, means for verifying a record for the first identity card does not exist in an existing database, and means for adding in the existing database at least one record associating the first identifying information and the first biometric data, said first biometric data then referred to as pre-existing first biometric data.
  • the method may also include receiving the first identifying information received from the first identity card to authenticate a second transaction, receiving second biometric data scanned from the user of the first identity card in support of the second transaction, and means for finding and comparing the pre-existing biometric data to the second biometric data to authenticate the identity of the user for the second transaction.
  • a method of confirming the identity of a user of a plurality of identity cards includes receiving in a local verification controller a first identifying information retrieved from a remotely-located first identity card issued by a first card organization in support of a first transaction, receiving in the local verification controller a first biometric data scanned from a remotely-located user in support of the first transaction, creating at least one record associating the first identifying information to the first biometric data in a database in response to confirmation the at least one record does not yet exist, said first biometric data then referred to as pre-existing first biometric data, and receiving in the local verification controller a second identifying information retrieved from a remotely-located second identity card issued by a second card organization in support of a second transaction, receiving in the local verification controller second biometric data scanned from the remotely-located user in support of the second transaction, using the first and second identifying information as respective keys to locate the first and second pre-existing biometric data in an existing database, respectively, and comparing the first and second pre-
  • the method may also include receiving in the local verification controller location data for the remotely-located user and time of the first transaction.
  • the method may also include sending a result of the comparing to a call center in response to the comparing indicating the second pre-existing biometric data matches a second user, and may include scanning a user's fingerprint to obtain the first biometric data from the remotely-located user.
  • a method is of completing an existing database of authenticating data to reduce identity fraud, includes receiving in a verification controller identifying data that identifies a user, the identifying data manually input from a remotely-located terminal, receiving in the verification controller fingerprint data of the user from the remote terminal, and storing in a database the identifying data, the identifying data logically associated with the fingerprint data, the identifying data used as a key to locate the fingerprint data.
  • it may also include retrieving from a first identity card the identifying data, scanning authenticating data from the user of the first identity card, and sending the authenticating data and identifying data to the verification controller.
  • the method may also include manually inputting the identifying data into the remotely located terminal, scanning a fingerprint of the user using the remotely located terminal; and sending the identifying data and a fingerprint data generated form the scanning to the verification controller to confirm a match between the identifying data and a fingerprint data.
  • the method may include receiving in the remotely-located terminal a matching indication, the matching indication selected from the group consisting of verified indication, caution indication and failure indication.
  • the terminal may be a portable terminal.
  • FIG. 1 is a perspective view illustrating one embodiment of a portable terminal for retrieving and transmitting identifying and authenticating data to a verification controller and for displaying match results to a user;
  • FIG. 2 is a block diagram illustrating one embodiment of functional components used in the portable terminal first illustrated in FIG. 1;
  • FIG. 3 is a diagram illustrating a system by which a verification controller communicates with an existing database to match identifying and authenticating data received from multiple portable terminals;
  • Fig. 4 is a flowchart of one embodiment of a method for authenticating a user's identity using existing databases and multiple identifying inputs;
  • FIG. 5 is a flowchart of an embodiment for building an existing database of identifying and authenticating data by collecting the identifying and authenticating data during a user transaction;
  • FIG. 6 is a flowchart of an embodiment for building an existing database of identifying data by collecting the identifying data and confirming prior authenticating uses without the benefit of retrieved authenticating data;
  • FIG. 7 is a flowchart of an embodiment for using an existing database to match identifying and authenticating data received from a plurality of identity cards issued by a plurality of issuing card organizations to confirm the identity of a single user;
  • FIG. 8 is a flowchart of an embodiment for using an existing database to match identifying data received from a plurality of identity cards issued by a plurality of issuing card organizations without the benefit of retrieved authenticating data.
  • a system and method for creating and using a database to authenticate a transaction involving a common identity card such as a credit card, drivers license card, Medicare card, insurance card, vehicle rental card, entrance security card or airport security card, in a quickly and efficient manner.
  • the method includes receiving in a verification controller first identifying information that identifies a first identity card issued by a first card organization for authentication of a first transaction.
  • the first identifying information might be a credit card number, last name, first name or other identifying information.
  • first biometric data such as a fingerprint, signature or iris may be scanned from a user of the first identity card and provided to the verification controller.
  • the first identifying information may then be used as a key to quickly and efficiently verify that a record for the first identity card does or does not exist in the existing database. If a record does not yet exist, at least one record is then added to the existing database that associates the first identifying information and the first biometric data, the first biometric data then referred to as pre-existing first biometric data, for the biometric data to be easily and quickly accessible in future transactions to confirm the identity of a user for that card.
  • Fig. 1 is a perspective view of one embodiment of a small, mobile, portable terminal 100 for retrieving and transmitting identifying and authenticating data and for displaying match results to a user.
  • a magnetic strip reader 110 or such like such as a barcode reader or radio frequency detector/reader or other present or future data reader, may be used to input and store all or some of the identifying information included in a card or other identification device held by the user and commonly in use, such as a state Driver's License or Identification Card.
  • a fingerprint scanner 120 may be used to input a scan of at least one of the user's fingerprints for temporary storage in the portable terminal 100.
  • Other biometric input devices such as a digital display and signature pad 130, digital camera 140, iris scanner (not shown) and such may optionally be included in the portable terminal to temporarily store other biometric information.
  • LED display 150 is used to display the results of an identity search, with programmable colors and blinking patterns indicating the success, failure, or intermediate results of an identity verification search.
  • the results of an identity search may be displayed in another manner such as using digital display 130 as a Results Display 130 in order to give more information.
  • GPS Global positioning system
  • Transmit/Receive Unit 170 including universal serial bus (USB) port 180 or similar expansion port may be used to transmit through conventional wireless or wired means temporarily stored identification, authentication, and optional GPS data to a controller for identity confirmation.
  • USB universal serial bus
  • Processor 210 preferably controlled by firmware stored and read out of Read-Only Memory ROM 220, coordinates the input, storage, communication, and display of data by the other elements of the portable terminal I 00.
  • Data is transmitted among all elements on conventional bus 230, and data that is to be temporarily stored is stored in Random-Access Memory RAM storage 240.
  • Magnetic strip or similar reader 110 reads data from a commonly held card or other device such as a Driver's License held by the user, and temporarily stores that data in RAM 240.
  • Fingerprint scanner 120 scans a fingerprint of a user and stores the resulting scan in a non- overlapping section of RAM 240.
  • Digital display and signature pad 130 provides a bidirectional bitmapped area within which a user may sign their signature and within which data from digital camera 140 or verification results may be displayed. Results from use of digital signature pad 130 are stored in a non-overlapping section of RAM 240.
  • GPS Unit 160 provides current GPS data and time when the portable terminal 100 is used, and temporarily stores the data in a non-overlapping section of RAM 240.
  • Transmit/Receive Unit 170 is activated by processor 210 to transmit all the data types in a programmed, pre-determined set of packets using at least one wireless or wired communication channel to a remote Verification Controller (shown in Fig. 3) for further processing.
  • Transmit/Receive Unit 170 receives from the aforementioned remote Verification Controller the results of verification, and processor 210 causes the results to be stored in temporary storage RAM 240 and initiates the appropriate color and blinking display on LED Display 150.
  • Fig. 3 illustrates a system by which a verification controller communicates with an existing database to match identifying and authenticating data received from multiple portable terminals.
  • a plurality of portable terminals 100 may be in communication, through existing or future wireless or wired communications networks 310, with Verification Controller 320.
  • Verification Controller 320 contains processes, implemented in hardware, software, firmware, or a combination thereof, which together perform the functions of receiving, searching, comparing and verifying identity.
  • Verification Controller 320 is connected, through communications networks 310, with at least one Existing Database Server 330, which comprises existing or future ubiquitous database records containing pre-stored identifying and authenticating information, such as the DMV database of a state or of multiple states.
  • These ubiquitous Existing Database Servers 330 are or may be organized so that all or part of the pre-stored identification data such as driver's license number is used as a unique database key and the pre-stored biometric authentication data associated with that key, such as a fingerprint scan or digital signature, comprises a part of the database record attached to that key.
  • This organization of data allows that even a massive database such as a large state or multi-state DMV system containing hundreds of millions of records need not be fully searched for matching biometric data. Instead, identification data such as driver's license number may be formed into a database key with which a single record out of millions may be rapidly retrieved.
  • first data comprising unique and unambiguous identifying data associated with a ubiquitous Existing Database Server 330, such as a DMV database, is collected by portable terminal 100 using a means such as by example sliding the magnetic strip of a state Driver's License through magnetic strip reader 110.
  • Alternate data readers such as barcode, other machine readable codes, radio frequency reader, or other technique that exists now or in the future are also applicable.
  • step 420 second data comprising biometric authentication input for the same user is scanned and stored through the use of one or more biometric scanners such as a fingerprint scanner 120, digital signature pad 130, digital camera 140, and such like.
  • biometric scanners such as a fingerprint scanner 120, digital signature pad 130, digital camera 140, and such like.
  • the preferable biometric input units used are chosen from among those whose type of data is already included within the aforementioned ubiquitous Existing Database 330, such as the fingerprint scans, digital signatures, and/or digital images currently included in many state DMV driver's license databases.
  • step 430 third data comprising GPS and time information from GPS Unit 160 giving the location of the portable terminal and the time of identification is optionally created and stored.
  • step 440 said first identifying, second authenticating, and optional third GPS data is sent by Transmit/Receive Unit 170 of portable terminal 100 to Verification Controller 320, which is connected to at least one of the aforementioned ubiquitous Existing Database Servers 330 which contain secure, pre-stored identification and authentication information organized for rapid retrieval as aforementioned.
  • step 450 said first identifying data is configured into a key to search the aforementioned Existing Database Server 330, and pre-stored authentication data is retrieved from the record associated with that key.
  • step 460 a match is performed between the retrieved authenticating data of step 450 and the sent authenticating data of step 440, and the results are communicated to portable terminal I 00.
  • the results of a match can be at least one of: 1) the two authenticating data sets matched above an established threshold of probability, 2) the two data did not match, 3) no record of the identification input data was found, 4) the data was damaged and should be resent, or 5) the match of the sent authentication data with the retrieved authentication data was near the predetermined threshold and a series of new data should be sent for comparison. This last result is in response to the fact that field collection of biometric data is sometimes unstable due to operator error, un-calibrated machines, or such like.
  • the retrieved authenticating data is returned to portable terminal 100 and the match is performed by portable terminal I 00.
  • a permanent record is stored based on aforementioned third GPS data of the location, time, and results of the authentication of identity.
  • step 480 the results of authentication of identity are displayed by LED Display 150 or in another embodiment by digital Results Display 130.
  • FIG. 5 is a flowchart of an embodiment for building an existing database of identifying and authenticating data by collecting the identifying and authenticating data during a user transaction.
  • a “portable terminal” may include a personal computer (“PC”), laptop or smartphone that may have an associated fingerprint scanner accessory or capability.
  • a “terminal” may be a "portable terminal” and may also take the form of an ATM machine inside or outside a bank branch location; may be a kiosk or portable device inside a check-cashing store, automobile dealership, or gas station or other merchant; and may take the form of free-standing or hand-held devices for notarization services, certification services, courier delivery services, Escrow and title services, airline check-in services, and identification services for use by law enforcement.
  • a user may initiate an authentication session (block 500) by swiping a common identity card ("identity card”) such as a credit card, driver's license card, Medicare card, insurance card, vehicle rental card, entrance security card, automatic teller machine (ATM) card, or airport security card through an appropriate device such as the portable terminal illustrated in FIG. 1.
  • identity card such as a credit card, driver's license card, Medicare card, insurance card, vehicle rental card, entrance security card, automatic teller machine (ATM) card, or airport security card
  • Identifying data is scanned by the appropriate component of the terminal reading the identity card, such as identifying data stored on a magnetic strip of the identity card (block 502) or, in some embodiments, an embedded memory on smart card.
  • “scanning” may encompass receiving manual input of data from the user or merchant assisting the user such as through a touch-screen device or buttons on the terminal.
  • identifying data stored on the identity card would depend on the type of card being utilized by the user. For example, a credit card such as Visa ® or Mastercard® may have an associated card number, user's last name, user's first name and such other information as may be added by the issuing card organization. In another example, a Medicare card or insurance card may have the insurance group identification number, the member's first, middle and last name, Rx Group number, medical network and any additional coverage plans purchased by the user. Individually and collectively, the identity card's embedded data may comprise the identifying data.
  • Authenticating data taking the form of one or more forms of biometric data is also obtained from the user (block 504). In one embodiment, the authenticating data is fingerprint data taken from the fingerprint scanner 120 illustrated in Fig. 1.
  • the authenticating data may be a signature taken via the signature pad 130, iris data taken from the digital camera 140 or such other biometric-based information or combination of biometric-based information scanned from the user at the time of the present transaction.
  • the user is prompted to present the finger for scanning that is associated or to be associated with the identity card.
  • the user is prompted to present both the finger and initiate a photo capture on the terminal for a facial recognition routine.
  • the location information (such as GPS coordinates) and time of the transaction is taken (block 506) and stored for later retrieval or for transmission to a verification controller 320 through the communication network 310.
  • the identifying data and authenticating data may be transmitted by the transceiver 170 over the communication network 310 for receipt by the local verification controller (block 508) to authenticate the new transaction.
  • the word "local” is intended to be a location reference co-located with the verification controller and "remotely-located” is a location removed from the verification controller, such as would be found between a credit card processing facility and the user (a consumer) making a purchase with a merchant, respectively.
  • a piece of identifying information such as a last name or identity card account number, may be used as a key to query an existing database 330 to look for a pre-existing identity card record (block 510).
  • the data packet providing the identifying data and authenticating data may be examined to determine if the data is damaged or incomplete (test 512). If an error is found, a "caution" and/or resend request is returned to the portable terminal (block 514, 516). If the data is found to be intact or without error, the query continues to look for an existing record (block 517). [041] In the case where no pre-existing record for the identity card is found from use of the identifying record (block 517), a new identity card record may be established in the existing database (block 518) and the identifying information associated and stored with the authenticating information (such as the user's fingerprint, signature, or iris data, as such is available) (block 520).
  • a "caution” indication may be sent to the portable terminal (block 522) to let the user and/or merchant know that the transaction could not be authenticated or confirmed.
  • the "caution” indication is provided by way of a yellow light or other indication on the portable terminal.
  • the "caution” indication is an audible tone or vibration or may consist of other colors or series of colors.
  • the pre-existing authenticating information i.e. pre-existing biometric data
  • the received authenticating data block 523
  • a "verified" indication is provided if the data matches (blocks 523, 524).
  • an additional query may be presented to the user for answering prior to the verification controller presenting a "verified" indication, such as a request for the user to select the correct personal identifying information from a list of presented choices.
  • the authenticating information may be compared to other biometric records in the preexisting database to search for a positive match with another user of record (block 526).
  • the result may be sent to a call center that has an interest in the fraud (block 528), such as a local police station, security station or credit card fraud detection unit, the transaction may be terminated (if allowed rules established by the identity card issuing organization) (block 530) and a "failure" or "probable fraud” indication returned to the portable terminal (block 532).
  • a "no-match” count may be incremented (block 536) and a "failure” or “no match” indication provided to the portable terminal (block 538) for display of a suitable visual, oral or tactile indication to the user and merchant, such as a red light indication.
  • a no- match count exceeds a certain number Y (block 540)
  • the transaction may be referred to a call center (block 542) that would have an interest in the fraud, such as a local police station, security station or credit card fraud detection unit.
  • a "caution" indication is sent from the verification controller to the portable terminal to display a yellow light to the user and/or merchant attempting to complete the transaction.
  • FIG. 6 illustrates one embodiment of a process for building on an existing database of identifying data by collecting the identifying data and confirming prior authenticating uses without the benefit of retrieved authenticating data, such as fingerprint data.
  • a user initiates an authentication session (block 600) such as by initiating a sale with an on-line vendor, or swiping an identity card through a terminal (portable or not) (block 600). Identifying data for an identity card such as a credit card is input from the user, such as through a keyboard or other input screen (block 602).
  • the content of the identifying data entered by the user would depend on the type of card being utilized by the user. For example, for a credit card may have an associated card number, user's last name, user's first name and such other information as may be requested by the on-line vendor or other third party.
  • the identifying data is transmitted to the verification controller (block 604) where a portion or complete set of the identifying data may be used as a key to look for an existing record for the identity card (test 606). If a record doesn't exist, a new record for the presumably new identity card is established in the existing database (block 608) and the identifying information is associated with new database record (block 610).
  • test 606 the authentication process continues to confirm the provided identifying information matches the pre-existing identity card record (block 612). If the test results in confirmation of the match, the user may be asked to indicate the last use or several last uses of the verification process (block 614). For example, the user may be asked to select the correct answer from a list of several dated previous transactions. If the user verifies the last use (or last uses) of the verification process (test 616), the verification server may send an indication to the terminal that the transaction has been authenticated (block 618) and the terminal may display a suitable message (block 620) such as displaying a green indicator, providing "transaction authenticated" or by providing a similar indication.
  • a suitable message block 620
  • authentication is only capable of being provided to a transaction after a pre-determined number (X) of matching sessions (block 620), such as two or more matching sessions, permanently associates the identity card record to the identifying information (block 622). So, for every matching session, a session increment is made (block 626) to determine the appropriate timing to allow permanent association of the identifying information to the identity card.
  • X pre-determined number
  • a session increment is made (block 626) to determine the appropriate timing to allow permanent association of the identifying information to the identity card.
  • the notice of the presumably fraudulent transaction may be routed to a call center that would have an interest in the fraud (block 632), such as a credit card fraud detection unit, the transaction may be terminated (if allowed by the rules of the issuing card organization) (block 634) and an indication provided to the terminal that the transaction could not be authenticated, such as by displaying a red indicator to the user (block 636)
  • Fig. 7 illustrates one embodiment of a method for using an existing database to match identifying and authenticating data received from a plurality of identity cards issued by a plurality of issuing card organizations to confirm the identity of a single user in a single database.
  • Identifying information for a first common identity card is received for a first user, such as the account number of a common identity card and the card user's last name and first name, along with authenticating information such as fingerprint data or signature data (block 700).
  • a subset of the identifying information, such as the user's last name is used as a key to find an existing record for the first common identity card and the record's pre-existing authenticating information is compared to the received authenticating information in an attempt to confirm the identity of the user (block 702).
  • the remainder of the identifying information received is compared to the remainder of the preexisting identifying information to provide additional robustness to the comparison (block 702). If the comparison indicates no match (test 704), the negative match result may be sent to the sending device (block 706). Otherwise, the positive match result is sent to the data-sending device (block 708).
  • a second transaction using a second common identity card offered by a second card-issuing organization may result in same identifying information (or an overlapping subset of the same identifying information) being received, such as in a verification controller 320 (block 710).
  • a subset of the identifying information such as the user's last name, is used as a key to find an existing record for the second common identity card and the record's pre-existing authenticating information is compared to the received authenticating information in an attempt to confirm the identity of the user for this second transaction (block 710).
  • the remainder of the identifying information received is compared to the remainder of the pre-existing identifying information to provide additional robustness to the comparison (not shown). If the comparison indicates no match (test 712), the negative match result may be sent to the sending device (block 714). Otherwise, the positive match result is sent to the data-sending device (block 716).
  • Fig. 8 illustrates one embodiment of a method of using an existing database to match identifying data received from a plurality of identity cards issued by a plurality of issuing card organizations, but without the benefit of retrieved fingerprint or other authenticating data.
  • Identifying information for a first common identity card is received for a first user, such as the account number of a common identity card and the card user's last name and first name (block 800).
  • fingerprint or other biometric information is not available for authentication of the user and transaction. So, in one embodiment, the user is queried with a possible selection of recent (or last) transactions that have been previously verified using the authentication process described in any of Figs. 5-7, above (block 802).
  • a subset of the identifying information may be used as a key to find an existing record for the first common identity card and the record's indication of previous activity is compared to the user's previous activity selection (block 804) in an attempt to confirm the identity of the user. If the match is positive (test 806), then the result is sent to the user's terminal (i.e. the sending device) (block 808) to enable the terminal to indicate the transaction was authenticated. Otherwise, a negative result is returned to the sending device (block 810) and the sending device may indicate the transaction could not be authenticated. In one embodiment, the negative result may also be returned to the identity card organization to allow the organization to terminate the transaction (not shown). Or, the identity card organization may provide pre-approval for the transaction to be terminate in response to the negative result (not shown).
  • a second transaction using a second common identity card offered by a second card-issuing organization may result in same identifying information (or an overlapping subset of the same identifying information) being received, such as in a verification controller 320 (block 810).
  • a subset of the identifying information such as the user's last name, is used as a key to find an existing record for the second common identity card.
  • the second transaction has the benefit of authenticating data, such as fingerprint data scanned from a finger of the user, and the record's pre-existing authenticating information is compared to the received authenticating information in an attempt to confirm the identity of the user for this second transaction (block 812). If the comparison indicates no match (test 812), the negative match result may be sent to the sending device (block 814). Otherwise, the positive match result is sent to the data-sending device (block 816).
  • each terminal or portable terminal may be "hardened” for waterproof and temperature-proof applications, may be numbered, such as with a serial number for physical and geographic tracking using the GPS capabilities discussed, above, and may include log-in and password protection schemes to prevent unauthorized use of the described inventive systems and methods.
  • the invention should not be limited by the above described embodiment, method, and examples, but by all embodiments and methods within the scope and spirit of the invention.

Abstract

A method of creating a database for identity theft protection authentication, includes receiving in a verification controller a first identifying information identifying a first identity card issued by a first card organization to authenticate a first transaction (block 502), receiving in the verification controller a first biometric data scanned from a user of the first identity card (block 504), using the first identifying information as a key (block 510) to verify a record for the first identity card does not exist in an existing database (block 517) that is in communication with the verification controller, and adding in the existing database at least one record associating the first identifying information and the first biometric data, (blocks 518, 520), the first biometric data then referred to as pre-existing first biometric data.

Description

IDENTIFICATION AND AUTHENTICATION SYSTEM AND METHOD
CROSS-REFERENCE TO RELATED APPLICATIONS
[001] This application claims the benefit of priority to U.S. Provisional Patent Application Serial No. 61/500,142 filed June 23, 2011 that is incorporated by reference for all purposes.
BACKGROUND
[002] Field of the Invention
[003] The field of the invention relates to identity theft protection using biometric information, and more particularly to a system and method of using identification and authentication inputs to verify the claimed identity of a user for business, legal, financial, law enforcement purposes that may include at least point-of-sale transactions, check cashing transactions, money transfer and exchange transactions, automotive dealership transactions, airline ticket and boarding transactions, medical services transactions and many other transactions.
[004] Description of the Related Art
[005] Banks, merchants, law enforcement officers, notaries, attorneys, and others have an ongoing need to verify the identity of a person. Recently, biometric information- that is, information associated with measuring one or more unique and unchanging biological characteristics of an individual, either physical or behavioral - has been used to attempt to identify an individual with more assurance.
[006] However, such identification systems that use biometric data to identify an individual are primarily useful at small scales. When biometric identification systems are scaled to a very large scale such as many millions of records, they are hampered by the inability to rapidly search through such a large volume of records for a match. Since such searches often require rapid matching, large-scale searches become impractical and automated identification systems become quickly overwhelmed when attempting to use them with massive database [006] In addition, biometric data, when input from units on the field, is often imprecise. As a result of imprecise biometric input data, a search through millions of records of stored biometric information may result in thousands of false positive matches. Thus, even if the automated identification systems ultimately rely on human intervention for final determination, the human operator may be presented with thousands of potential matches to evaluate. These factors make it difficult to use massive- databases, such as the DMV driver databases of large states, in a biometric identity matching system.
[007] A further problem with biometric data is the immense effort and time needed to collect uniform, high-quality biometric data for all or almost all members of a population.
[008] For all these reasons and more, biometric data has been currently used as authenticating data for verifying identity with relatively small populations of people, such as for example the employees of a business, or the members of a club.
[009] Yet, identity theft and identity fraud are large and growing problems in today's complex society. According to some reports, over $1 trillion dollars are year are lost by businesses and consumers due to identity theft, with 60% of that amount being lost in the United States, alone. In attempting to verify identity, banks, retailers, and others currently rely on either a pin number, which can be discovered, guessed, stolen, or forgotten, and/or on a human visual match by an employee. In this case, the employee attempts to visually match a picture on, for example, a driver's license or other identification card with the actual person presenting the card. However, old pictures, changing hairstyle or dress, fraudulently changed pictures, and unobservant, untrained, tired, or uncaring employees are some of the reasons why fraudulent use of driver's licenses or other identification often goes unnoticed.
[010] It would be desirable to have a system that can authenticate the vast majority of the entire population of a state or country in a calibrated, high-quality, uniform way, while avoiding the aforementioned problems of long search times, many false positive matches, and the inaccuracies of human intervention.
SUMMARY OF THE INVENTION
[011] A method of creating a database for identity theft protection authentication, includes receiving in a verification controller a first identifying information identifying a first identity card issued by a first card organization to authenticate a first transaction, receiving in the verification controller a first biometric data scanned from a user of the first identity card, using the first identifying information as a key to verify a record for the first identity card does not exist in an existing database that is in communication with the verification controller, and adding in the existing database at least one record associating the first identifying information and the first biometric data, said first biometric data then referred to as pre-existing first biometric data. The method may further include receiving in the verification controller the first identifying information received from the first identity card to authenticate a second transaction, receiving in the server second biometric data scanned from the user of the first identity card in support of the second transaction, and using the first identifying information as a key to find and compare the pre-existing biometric data to the second biometric data to authenticate the identity of the user for the second transaction. In such embodiments, the method may include sending a result of the comparison to a display on a terminal and may include sending global positioning system (GPS) location information for the first transaction to the verification controller and storing the GPS location information in the existing database.
[012] In one embodiment, the method may include scanning an identity card to obtain the first identifying information and sending the first identifying information to the verification controller using a transceiver. Or, the method may include sending a caution indication for receipt by a transaction display in response to said verifying step indicating a record for the first identity card does not exist in the existing database. In certain embodiments, the method include determining if data damaged and sending indication of damaged data to an identity card scanner or sending a result of the comparing to a call center. In such an embodiment, the sending step may also include sending the result of the comparing to a call center in response to the second biometric data matching biometric data of a second user.
[013] In one embodiment, the first biometric data is biometric data selected from the group consisting of fingerprint data, user signature data and user retinal data.
[014] In another embodiment, the first identity card is a card selected from the group consisting of a credit card, driver's license card, Medicare card, insurance card, vehicle rental card, entrance security card and an airport security card.
[015] Another method of creating a database for identity theft protection authentication includes receiving a first identifying information that identifies a first identity card issued by a first card organization to authenticate a first transaction, receiving a first biometric data scanned from a user of the first identity card, means for verifying a record for the first identity card does not exist in an existing database, and means for adding in the existing database at least one record associating the first identifying information and the first biometric data, said first biometric data then referred to as pre-existing first biometric data. The method may also include receiving the first identifying information received from the first identity card to authenticate a second transaction, receiving second biometric data scanned from the user of the first identity card in support of the second transaction, and means for finding and comparing the pre-existing biometric data to the second biometric data to authenticate the identity of the user for the second transaction.
[016] A method of confirming the identity of a user of a plurality of identity cards includes receiving in a local verification controller a first identifying information retrieved from a remotely-located first identity card issued by a first card organization in support of a first transaction, receiving in the local verification controller a first biometric data scanned from a remotely-located user in support of the first transaction, creating at least one record associating the first identifying information to the first biometric data in a database in response to confirmation the at least one record does not yet exist, said first biometric data then referred to as pre-existing first biometric data, and receiving in the local verification controller a second identifying information retrieved from a remotely-located second identity card issued by a second card organization in support of a second transaction, receiving in the local verification controller second biometric data scanned from the remotely-located user in support of the second transaction, using the first and second identifying information as respective keys to locate the first and second pre-existing biometric data in an existing database, respectively, and comparing the first and second pre-existing biometric data to the first and second biometric data scanned from the user to provide first and second identity indications, wherein the identity of a single user is identified using biometric data during first and second transactions using identity cards offered by different card organizations, the first and second identifying information used as first and second keys, respectively, to search the existing database. In such embodiments, the method may also include receiving in the local verification controller location data for the remotely-located user and time of the first transaction. The method may also include sending a result of the comparing to a call center in response to the comparing indicating the second pre-existing biometric data matches a second user, and may include scanning a user's fingerprint to obtain the first biometric data from the remotely-located user.
[017] A method is of completing an existing database of authenticating data to reduce identity fraud, includes receiving in a verification controller identifying data that identifies a user, the identifying data manually input from a remotely-located terminal, receiving in the verification controller fingerprint data of the user from the remote terminal, and storing in a database the identifying data, the identifying data logically associated with the fingerprint data, the identifying data used as a key to locate the fingerprint data. In such a method, it may also include retrieving from a first identity card the identifying data, scanning authenticating data from the user of the first identity card, and sending the authenticating data and identifying data to the verification controller. In one embodiment, the method may also include manually inputting the identifying data into the remotely located terminal, scanning a fingerprint of the user using the remotely located terminal; and sending the identifying data and a fingerprint data generated form the scanning to the verification controller to confirm a match between the identifying data and a fingerprint data. In such embodiments, the method may include receiving in the remotely-located terminal a matching indication, the matching indication selected from the group consisting of verified indication, caution indication and failure indication. The terminal may be a portable terminal.
BRIEF DESCRIPTION OF THE DRAWINGS
[018] The above and other aspects, features, and advantages of the present disclosure will become more apparent in light of the following detailed description when taken in conjunction with the accompanying drawings, in which:
[019] Fig. 1 is a perspective view illustrating one embodiment of a portable terminal for retrieving and transmitting identifying and authenticating data to a verification controller and for displaying match results to a user; and
[020] Fig. 2 is a block diagram illustrating one embodiment of functional components used in the portable terminal first illustrated in FIG. 1; and
[021] Fig. 3 is a diagram illustrating a system by which a verification controller communicates with an existing database to match identifying and authenticating data received from multiple portable terminals; [022] Fig. 4 is a flowchart of one embodiment of a method for authenticating a user's identity using existing databases and multiple identifying inputs;
[023] Fig. 5 is a flowchart of an embodiment for building an existing database of identifying and authenticating data by collecting the identifying and authenticating data during a user transaction;
[024] Fig. 6 is a flowchart of an embodiment for building an existing database of identifying data by collecting the identifying data and confirming prior authenticating uses without the benefit of retrieved authenticating data;
[025] Fig. 7 is a flowchart of an embodiment for using an existing database to match identifying and authenticating data received from a plurality of identity cards issued by a plurality of issuing card organizations to confirm the identity of a single user;
[026] Fig. 8 is a flowchart of an embodiment for using an existing database to match identifying data received from a plurality of identity cards issued by a plurality of issuing card organizations without the benefit of retrieved authenticating data.
DETAILED DESCRIPTION OF THE INVENTION
[027] A system and method is disclosed for creating and using a database to authenticate a transaction involving a common identity card such as a credit card, drivers license card, Medicare card, insurance card, vehicle rental card, entrance security card or airport security card, in a quickly and efficient manner. In one embodiment to be further described below, the method includes receiving in a verification controller first identifying information that identifies a first identity card issued by a first card organization for authentication of a first transaction. The first identifying information might be a credit card number, last name, first name or other identifying information. During the same transaction, first biometric data such as a fingerprint, signature or iris may be scanned from a user of the first identity card and provided to the verification controller. The first identifying information may then be used as a key to quickly and efficiently verify that a record for the first identity card does or does not exist in the existing database. If a record does not yet exist, at least one record is then added to the existing database that associates the first identifying information and the first biometric data, the first biometric data then referred to as pre-existing first biometric data, for the biometric data to be easily and quickly accessible in future transactions to confirm the identity of a user for that card. [028] Fig. 1 is a perspective view of one embodiment of a small, mobile, portable terminal 100 for retrieving and transmitting identifying and authenticating data and for displaying match results to a user. A magnetic strip reader 110 or such like, such as a barcode reader or radio frequency detector/reader or other present or future data reader, may be used to input and store all or some of the identifying information included in a card or other identification device held by the user and commonly in use, such as a state Driver's License or Identification Card. A fingerprint scanner 120 may be used to input a scan of at least one of the user's fingerprints for temporary storage in the portable terminal 100. Other biometric input devices, such as a digital display and signature pad 130, digital camera 140, iris scanner (not shown) and such may optionally be included in the portable terminal to temporarily store other biometric information. LED display 150 is used to display the results of an identity search, with programmable colors and blinking patterns indicating the success, failure, or intermediate results of an identity verification search. In another embodiment, the results of an identity search may be displayed in another manner such as using digital display 130 as a Results Display 130 in order to give more information. Global positioning system (GPS) Unit 160 may optionally be used to provide the location and time where and when the identity search is being conducted. Finally, Transmit/Receive Unit 170 including universal serial bus (USB) port 180 or similar expansion port may be used to transmit through conventional wireless or wired means temporarily stored identification, authentication, and optional GPS data to a controller for identity confirmation.
[029] Referring now to Figs. 1 and 2, exemplary elements of portable terminal 100 are provided. Processor 210, preferably controlled by firmware stored and read out of Read-Only Memory ROM 220, coordinates the input, storage, communication, and display of data by the other elements of the portable terminal I 00. Data is transmitted among all elements on conventional bus 230, and data that is to be temporarily stored is stored in Random-Access Memory RAM storage 240. Magnetic strip or similar reader 110 reads data from a commonly held card or other device such as a Driver's License held by the user, and temporarily stores that data in RAM 240. Fingerprint scanner 120 scans a fingerprint of a user and stores the resulting scan in a non- overlapping section of RAM 240. Digital display and signature pad 130 provides a bidirectional bitmapped area within which a user may sign their signature and within which data from digital camera 140 or verification results may be displayed. Results from use of digital signature pad 130 are stored in a non-overlapping section of RAM 240. GPS Unit 160 provides current GPS data and time when the portable terminal 100 is used, and temporarily stores the data in a non-overlapping section of RAM 240. When all data has been input and checked for validity by processor 210, Transmit/Receive Unit 170 is activated by processor 210 to transmit all the data types in a programmed, pre-determined set of packets using at least one wireless or wired communication channel to a remote Verification Controller (shown in Fig. 3) for further processing. In addition, Transmit/Receive Unit 170 receives from the aforementioned remote Verification Controller the results of verification, and processor 210 causes the results to be stored in temporary storage RAM 240 and initiates the appropriate color and blinking display on LED Display 150.
[030] Fig. 3 illustrates a system by which a verification controller communicates with an existing database to match identifying and authenticating data received from multiple portable terminals. A plurality of portable terminals 100 may be in communication, through existing or future wireless or wired communications networks 310, with Verification Controller 320. Verification Controller 320 contains processes, implemented in hardware, software, firmware, or a combination thereof, which together perform the functions of receiving, searching, comparing and verifying identity. Verification Controller 320 is connected, through communications networks 310, with at least one Existing Database Server 330, which comprises existing or future ubiquitous database records containing pre-stored identifying and authenticating information, such as the DMV database of a state or of multiple states. These ubiquitous Existing Database Servers 330 are or may be organized so that all or part of the pre-stored identification data such as driver's license number is used as a unique database key and the pre-stored biometric authentication data associated with that key, such as a fingerprint scan or digital signature, comprises a part of the database record attached to that key. This organization of data allows that even a massive database such as a large state or multi-state DMV system containing hundreds of millions of records need not be fully searched for matching biometric data. Instead, identification data such as driver's license number may be formed into a database key with which a single record out of millions may be rapidly retrieved. That retrieved record will contain the pre-stored biometric authentication data, such as a fingerprint or digital signature, that was recorded when the driver's license was applied for. [031] Referring now to Figs. 1, 3, and 4, a flowchart of the method of the present invention is provided by which the identity of a user may be authenticated. In step 410, first data comprising unique and unambiguous identifying data associated with a ubiquitous Existing Database Server 330, such as a DMV database, is collected by portable terminal 100 using a means such as by example sliding the magnetic strip of a state Driver's License through magnetic strip reader 110. Alternate data readers, such as barcode, other machine readable codes, radio frequency reader, or other technique that exists now or in the future are also applicable.
[032] In step 420, second data comprising biometric authentication input for the same user is scanned and stored through the use of one or more biometric scanners such as a fingerprint scanner 120, digital signature pad 130, digital camera 140, and such like. The preferable biometric input units used are chosen from among those whose type of data is already included within the aforementioned ubiquitous Existing Database 330, such as the fingerprint scans, digital signatures, and/or digital images currently included in many state DMV driver's license databases.
[033] In step 430, third data comprising GPS and time information from GPS Unit 160 giving the location of the portable terminal and the time of identification is optionally created and stored.
[034] In step 440, said first identifying, second authenticating, and optional third GPS data is sent by Transmit/Receive Unit 170 of portable terminal 100 to Verification Controller 320, which is connected to at least one of the aforementioned ubiquitous Existing Database Servers 330 which contain secure, pre-stored identification and authentication information organized for rapid retrieval as aforementioned.
[035] In step 450, said first identifying data is configured into a key to search the aforementioned Existing Database Server 330, and pre-stored authentication data is retrieved from the record associated with that key.
[036] In step 460, a match is performed between the retrieved authenticating data of step 450 and the sent authenticating data of step 440, and the results are communicated to portable terminal I 00. The results of a match can be at least one of: 1) the two authenticating data sets matched above an established threshold of probability, 2) the two data did not match, 3) no record of the identification input data was found, 4) the data was damaged and should be resent, or 5) the match of the sent authentication data with the retrieved authentication data was near the predetermined threshold and a series of new data should be sent for comparison. This last result is in response to the fact that field collection of biometric data is sometimes unstable due to operator error, un-calibrated machines, or such like. In another embodiment, the retrieved authenticating data is returned to portable terminal 100 and the match is performed by portable terminal I 00.
[037] In another embodiment, in step 470, a permanent record is stored based on aforementioned third GPS data of the location, time, and results of the authentication of identity.
[038] In step 480, the results of authentication of identity are displayed by LED Display 150 or in another embodiment by digital Results Display 130.
[039] Fig. 5 is a flowchart of an embodiment for building an existing database of identifying and authenticating data by collecting the identifying and authenticating data during a user transaction. Although the following description is made in terms of a "portable terminal," it is understood that a "portable terminal" may include a personal computer ("PC"), laptop or smartphone that may have an associated fingerprint scanner accessory or capability. Also, a "terminal" may be a "portable terminal" and may also take the form of an ATM machine inside or outside a bank branch location; may be a kiosk or portable device inside a check-cashing store, automobile dealership, or gas station or other merchant; and may take the form of free-standing or hand-held devices for notarization services, certification services, courier delivery services, Escrow and title services, airline check-in services, and identification services for use by law enforcement. A user may initiate an authentication session (block 500) by swiping a common identity card ("identity card") such as a credit card, driver's license card, Medicare card, insurance card, vehicle rental card, entrance security card, automatic teller machine (ATM) card, or airport security card through an appropriate device such as the portable terminal illustrated in FIG. 1. Identifying data is scanned by the appropriate component of the terminal reading the identity card, such as identifying data stored on a magnetic strip of the identity card (block 502) or, in some embodiments, an embedded memory on smart card. In an alternative embodiment, "scanning" may encompass receiving manual input of data from the user or merchant assisting the user such as through a touch-screen device or buttons on the terminal. The nature of the identifying data stored on the identity card would depend on the type of card being utilized by the user. For example, a credit card such as Visa ® or Mastercard® may have an associated card number, user's last name, user's first name and such other information as may be added by the issuing card organization. In another example, a Medicare card or insurance card may have the insurance group identification number, the member's first, middle and last name, Rx Group number, medical network and any additional coverage plans purchased by the user. Individually and collectively, the identity card's embedded data may comprise the identifying data. Authenticating data taking the form of one or more forms of biometric data is also obtained from the user (block 504). In one embodiment, the authenticating data is fingerprint data taken from the fingerprint scanner 120 illustrated in Fig. 1. Or, the authenticating data may be a signature taken via the signature pad 130, iris data taken from the digital camera 140 or such other biometric-based information or combination of biometric-based information scanned from the user at the time of the present transaction. For example, the user is prompted to present the finger for scanning that is associated or to be associated with the identity card. In another embodiment the user is prompted to present both the finger and initiate a photo capture on the terminal for a facial recognition routine. Also, in another embodiment, the location information (such as GPS coordinates) and time of the transaction is taken (block 506) and stored for later retrieval or for transmission to a verification controller 320 through the communication network 310.
[040] The identifying data and authenticating data (alternatively referred to as ID data and bio data, respectively) may be transmitted by the transceiver 170 over the communication network 310 for receipt by the local verification controller (block 508) to authenticate the new transaction. For purposes of this disclosure, the word "local" is intended to be a location reference co-located with the verification controller and "remotely-located" is a location removed from the verification controller, such as would be found between a credit card processing facility and the user (a consumer) making a purchase with a merchant, respectively. A piece of identifying information, such as a last name or identity card account number, may be used as a key to query an existing database 330 to look for a pre-existing identity card record (block 510). The data packet providing the identifying data and authenticating data may be examined to determine if the data is damaged or incomplete (test 512). If an error is found, a "caution" and/or resend request is returned to the portable terminal (block 514, 516). If the data is found to be intact or without error, the query continues to look for an existing record (block 517). [041] In the case where no pre-existing record for the identity card is found from use of the identifying record (block 517), a new identity card record may be established in the existing database (block 518) and the identifying information associated and stored with the authenticating information (such as the user's fingerprint, signature, or iris data, as such is available) (block 520). A "caution" indication may be sent to the portable terminal (block 522) to let the user and/or merchant know that the transaction could not be authenticated or confirmed. In one embodiment, the "caution" indication is provided by way of a yellow light or other indication on the portable terminal. In an alternative embodiment, the "caution" indication is an audible tone or vibration or may consist of other colors or series of colors.
[042] In the case where a pre-existing record does exist for the identity card in the pre-existing database (block 516), the pre-existing authenticating information (i.e. pre-existing biometric data) is compared to the received authenticating data (block 523) to authenticate the identity of the user and a "verified" indication is provided if the data matches (blocks 523, 524). In an alternative embodiment, an additional query may be presented to the user for answering prior to the verification controller presenting a "verified" indication, such as a request for the user to select the correct personal identifying information from a list of presented choices. In one embodiment, the authenticating information may be compared to other biometric records in the preexisting database to search for a positive match with another user of record (block 526). In such an embodiment, if a positive match is found for another user of record, the result may be sent to a call center that has an interest in the fraud (block 528), such as a local police station, security station or credit card fraud detection unit, the transaction may be terminated (if allowed rules established by the identity card issuing organization) (block 530) and a "failure" or "probable fraud" indication returned to the portable terminal (block 532). If the received authenticating information simply does not match the pre-existing authenticating information associated with the identifying information (test 534), a "no-match" count may be incremented (block 536) and a "failure" or "no match" indication provided to the portable terminal (block 538) for display of a suitable visual, oral or tactile indication to the user and merchant, such as a red light indication. In one embodiment, if a no- match count exceeds a certain number Y (block 540), the transaction may be referred to a call center (block 542) that would have an interest in the fraud, such as a local police station, security station or credit card fraud detection unit. [043] Due to inaccuracies in the scanning process which created the authenticating information, however, such as a flawed or incomplete scan of a fingerprint, signature or iris, the match may statistically indicate a close, but not exact, match to the preexisting authenticating information (test 534) first found, above. In response, in one embodiment, a "caution" indication is sent from the verification controller to the portable terminal to display a yellow light to the user and/or merchant attempting to complete the transaction.
[044] Unfortunately, biometric scanners are not always available at a point-of-sale to authenticate a transaction. Photo matching feature added as backup to fingerprint. Fig. 6 illustrates one embodiment of a process for building on an existing database of identifying data by collecting the identifying data and confirming prior authenticating uses without the benefit of retrieved authenticating data, such as fingerprint data. A user initiates an authentication session (block 600) such as by initiating a sale with an on-line vendor, or swiping an identity card through a terminal (portable or not) (block 600). Identifying data for an identity card such as a credit card is input from the user, such as through a keyboard or other input screen (block 602). The content of the identifying data entered by the user would depend on the type of card being utilized by the user. For example, for a credit card may have an associated card number, user's last name, user's first name and such other information as may be requested by the on-line vendor or other third party. The identifying data is transmitted to the verification controller (block 604) where a portion or complete set of the identifying data may be used as a key to look for an existing record for the identity card (test 606). If a record doesn't exist, a new record for the presumably new identity card is established in the existing database (block 608) and the identifying information is associated with new database record (block 610). However, if a query based on the identifying data results in a match with an existing record (test 606), the authentication process continues to confirm the provided identifying information matches the pre-existing identity card record (block 612). If the test results in confirmation of the match, the user may be asked to indicate the last use or several last uses of the verification process (block 614). For example, the user may be asked to select the correct answer from a list of several dated previous transactions. If the user verifies the last use (or last uses) of the verification process (test 616), the verification server may send an indication to the terminal that the transaction has been authenticated (block 618) and the terminal may display a suitable message (block 620) such as displaying a green indicator, providing "transaction authenticated" or by providing a similar indication.
[045] In one embodiment illustrated in Fig. 6, authentication is only capable of being provided to a transaction after a pre-determined number (X) of matching sessions (block 620), such as two or more matching sessions, permanently associates the identity card record to the identifying information (block 622). So, for every matching session, a session increment is made (block 626) to determine the appropriate timing to allow permanent association of the identifying information to the identity card. Similarly, in some embodiments, after a certain pre-determined number of "no-match" sessions (block 628, test 630), the notice of the presumably fraudulent transaction may be routed to a call center that would have an interest in the fraud (block 632), such as a credit card fraud detection unit, the transaction may be terminated (if allowed by the rules of the issuing card organization) (block 634) and an indication provided to the terminal that the transaction could not be authenticated, such as by displaying a red indicator to the user (block 636)
[046] Fig. 7 illustrates one embodiment of a method for using an existing database to match identifying and authenticating data received from a plurality of identity cards issued by a plurality of issuing card organizations to confirm the identity of a single user in a single database. Identifying information for a first common identity card is received for a first user, such as the account number of a common identity card and the card user's last name and first name, along with authenticating information such as fingerprint data or signature data (block 700). A subset of the identifying information, such as the user's last name, is used as a key to find an existing record for the first common identity card and the record's pre-existing authenticating information is compared to the received authenticating information in an attempt to confirm the identity of the user (block 702). In certain embodiments, the remainder of the identifying information received is compared to the remainder of the preexisting identifying information to provide additional robustness to the comparison (block 702). If the comparison indicates no match (test 704), the negative match result may be sent to the sending device (block 706). Otherwise, the positive match result is sent to the data-sending device (block 708). A second transaction using a second common identity card offered by a second card-issuing organization may result in same identifying information (or an overlapping subset of the same identifying information) being received, such as in a verification controller 320 (block 710). As for the first transaction, a subset of the identifying information, such as the user's last name, is used as a key to find an existing record for the second common identity card and the record's pre-existing authenticating information is compared to the received authenticating information in an attempt to confirm the identity of the user for this second transaction (block 710). In one embodiment, the remainder of the identifying information received is compared to the remainder of the pre-existing identifying information to provide additional robustness to the comparison (not shown). If the comparison indicates no match (test 712), the negative match result may be sent to the sending device (block 714). Otherwise, the positive match result is sent to the data-sending device (block 716).
[047] Fig. 8 illustrates one embodiment of a method of using an existing database to match identifying data received from a plurality of identity cards issued by a plurality of issuing card organizations, but without the benefit of retrieved fingerprint or other authenticating data. Identifying information for a first common identity card is received for a first user, such as the account number of a common identity card and the card user's last name and first name (block 800). In this embodiment, fingerprint or other biometric information is not available for authentication of the user and transaction. So, in one embodiment, the user is queried with a possible selection of recent (or last) transactions that have been previously verified using the authentication process described in any of Figs. 5-7, above (block 802). A subset of the identifying information may be used as a key to find an existing record for the first common identity card and the record's indication of previous activity is compared to the user's previous activity selection (block 804) in an attempt to confirm the identity of the user. If the match is positive (test 806), then the result is sent to the user's terminal (i.e. the sending device) (block 808) to enable the terminal to indicate the transaction was authenticated. Otherwise, a negative result is returned to the sending device (block 810) and the sending device may indicate the transaction could not be authenticated. In one embodiment, the negative result may also be returned to the identity card organization to allow the organization to terminate the transaction (not shown). Or, the identity card organization may provide pre-approval for the transaction to be terminate in response to the negative result (not shown).
[048] A second transaction using a second common identity card offered by a second card-issuing organization may result in same identifying information (or an overlapping subset of the same identifying information) being received, such as in a verification controller 320 (block 810). As for the first transaction, a subset of the identifying information, such as the user's last name, is used as a key to find an existing record for the second common identity card. However, in the embodiment illustrated in Fig. 8, the second transaction has the benefit of authenticating data, such as fingerprint data scanned from a finger of the user, and the record's pre-existing authenticating information is compared to the received authenticating information in an attempt to confirm the identity of the user for this second transaction (block 812). If the comparison indicates no match (test 812), the negative match result may be sent to the sending device (block 814). Otherwise, the positive match result is sent to the data-sending device (block 816).
[049] Although the foregoing systems and methods provide the FASTEST biometric fingerprint identification solution in the world for large-scale searches, those of ordinary skill will understand and appreciate the existence of variations, combinations, and equivalents of the specific embodiment, method, and examples herein. For example, the each terminal or portable terminal may be "hardened" for waterproof and temperature-proof applications, may be numbered, such as with a serial number for physical and geographic tracking using the GPS capabilities discussed, above, and may include log-in and password protection schemes to prevent unauthorized use of the described inventive systems and methods. The invention should not be limited by the above described embodiment, method, and examples, but by all embodiments and methods within the scope and spirit of the invention.

Claims

CLAIMS What is claimed is:
1. A method of creating a database for identity theft protection authentication, comprising:
receiving in a verification controller a first identifying information identifying a first identity card issued by a first card organization to authenticate a first transaction;
receiving in the verification controller a first biometric data scanned from a user of the first identity card;
using the first identifying information as a key to verify a record for the first identity card does not exist in an existing database that is in communication with the verification controller; and
adding in the existing database at least one record associating the first identifying information and the first biometric data, said first biometric data then referred to as pre-existing first biometric data.
2. The method according to claim 1, further comprising:
receiving in the verification controller the first identifying information received from the first identity card to authenticate a second transaction;
receiving in the server second biometric data scanned from the user of the first identity card in support of the second transaction; and
using the first identifying information as a key to find and compare the preexisting biometric data to the second biometric data to authenticate the identity of the user for the second transaction.
3. The method according to claim 2, further comprising:
sending a result of the comparison to a display on a terminal;
4. The method according to claim 2, further comprising:
sending global positioning system (GPS) location information for the first transaction to the verification controller.
5. The method according to claim 4, further comprising:
storing the GPS location information in the existing database.
6. The method according to claim 1, further comprising:
scanning an identity card to obtain the first identifying information; and sending the first identifying information to the verification controller using a transceiver.
7. The method according to claim 1, further comprising:
sending a caution indication for receipt by a transaction display in response to said verifying step indicating a record for the first identity card does not exist in the existing database.
8. The method according to claim 1, further comprising:
determining if data damaged; and
sending indication of damaged data to an identity card scanner.
9. The method according to claim 1, further comprising:
sending a result of the comparing to a call center.
10. The method according to claim 6, wherein said sending further comprises sending the result of the comparing to a call center in response to the second biometric data matching biometric data of a second user.
11. The method according to claim 1 , wherein the first biometric data is biometric data selected from the group consisting of fingerprint data, user signature data and user retinal data.
12. The method according to claim 1, wherein said first biometric data is fingerprint data.
13. The method according to claim 1, wherein said first identity card is a card selected from the group consisting of a credit card, drivers license card, Medicare card, insurance card, vehicle rental card, entrance security card and an airport security card.
14. A method of creating a database for identity theft protection authentication, comprising:
receiving a first identifying information that identifies a first identity card issued by a first card organization to authenticate a first transaction;
receiving a first biometric data scanned from a user of the first identity card; means for verifying a record for the first identity card does not exist in an existing database; and
means for adding in the existing database at least one record associating the first identifying information and the first biometric data, said first biometric data then referred to as pre-existing first biometric data.
15. The method according to claim 14, further comprising:
receiving the first identifying information received from the first identity card to authenticate a second transaction;
receiving second biometric data scanned from the user of the first identity card in support of the second transaction;
means for finding and comparing the pre-existing biometric data to the second biometric data to authenticate the identity of the user for the second transaction.
16. A method of confirming the identity of a user of a plurality of identity cards, comprising:
receiving in a local verification controller a first identifying information retrieved from a remotely-located first identity card issued by a first card organization in support of a first transaction;
receiving in the local verification controller a first biometric data scanned from a remotely-located user in support of the first transaction;
creating at least one record associating the first identifying information to the first biometric data in a database in response to confirmation the at least one record does not yet exist, said first biometric data then referred to as pre-existing first biometric data; receiving in the local verification controller a second identifying information retrieved from a remotely-located second identity card issued by a second card organization in support of a second transaction;
receiving in the local verification controller second biometric data scanned from the remotely-located user in support of the second transaction;
using the first and second identifying information as respective keys to locate the first and second pre-existing biometric data in an existing database, respectively; comparing the first and second pre-existing biometric data to the first and second biometric data scanned from the user to provide first and second identity indications;
wherein the identity of a single user is identified using biometric data during first and second transactions using identity cards offered by different card organizations, the first and second identifying information used as first and second keys, respectively, to search the existing database.
17. The method according to claim 16, further comprising:
receiving in the local verification controller location data for the remotely- located user and time of the first transaction.
18. The method according to claim 16, further comprising:
sending a result of the comparing to a call center in response to the comparing indicating the second pre-existing biometric data matches a second user.
19. The method according to claim 16, further comprising:
scanning a user's fingerprint to obtain the first biometric data from the remotely-located user.
20. A method of completing an existing database of authenticating data to reduce identity fraud, comprising:
receiving in a verification controller identifying data that identifies a user, the identifying data manually input from a remotely-located terminal;
receiving in the verification controller fingerprint data of the user from the remote terminal; and storing in a database the identifying data, the identifying data logically associated with the fingerprint data, the identifying data used as a key to locate the fingerprint data.
21.
The method according to claim 20, further comprising:
retrieving from a first identity card the identifying data;
scanning authenticating data from the user of the first identity card; and sending the authenticating data and identifying data to the verification controller.
22. The method according to claim 20, further comprising:
manually inputting the identifying data into the remotely-located terminal; scanning a fingerprint of the user using the remotely-located terminal; and sending the identifying data and a fingerprint data generated form the scanning to the verification controller to confirm a match between the identifying data and a fingerprint data.
23. The method according to claim 22, further comprising:
receiving in the remotely-located terminal a matching indication, the matching indication selected from the group consisting of verified indication, caution indication and failure indication.
24. The method according to claim 22, wherein the terminal is a portable terminal.
PCT/US2012/044058 2011-06-23 2012-06-25 Identification and authentication system and method WO2012178186A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201161500142P 2011-06-23 2011-06-23
US61/500,142 2011-06-23

Publications (1)

Publication Number Publication Date
WO2012178186A1 true WO2012178186A1 (en) 2012-12-27

Family

ID=47423005

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2012/044058 WO2012178186A1 (en) 2011-06-23 2012-06-25 Identification and authentication system and method

Country Status (1)

Country Link
WO (1) WO2012178186A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9818114B2 (en) 2014-08-11 2017-11-14 Mastercard International Incorporated Systems and methods for performing payment card transactions using a wearable computing device
CN110796212A (en) * 2019-09-23 2020-02-14 中国地质大学(北京) Anti-counterfeiting system and method for identity document
CN110930564A (en) * 2019-12-06 2020-03-27 冯彬荣 Multi-channel entrance guard joint identification method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090278660A1 (en) * 2008-05-09 2009-11-12 Beisang Arthur A Credit card protection system
US20100305989A1 (en) * 2009-05-27 2010-12-02 Ruicao Mu Method for fingerprinting and identifying internet users
US7904718B2 (en) * 2006-05-05 2011-03-08 Proxense, Llc Personal digital key differentiation for secure transactions

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7904718B2 (en) * 2006-05-05 2011-03-08 Proxense, Llc Personal digital key differentiation for secure transactions
US20090278660A1 (en) * 2008-05-09 2009-11-12 Beisang Arthur A Credit card protection system
US20100305989A1 (en) * 2009-05-27 2010-12-02 Ruicao Mu Method for fingerprinting and identifying internet users

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9818114B2 (en) 2014-08-11 2017-11-14 Mastercard International Incorporated Systems and methods for performing payment card transactions using a wearable computing device
US10242363B2 (en) 2014-08-11 2019-03-26 Mastercard International Incorporated Systems and methods for performing payment card transactions using a wearable computing device
CN110796212A (en) * 2019-09-23 2020-02-14 中国地质大学(北京) Anti-counterfeiting system and method for identity document
CN110796212B (en) * 2019-09-23 2021-04-09 中国地质大学(北京) Anti-counterfeiting system and method for identity document
CN110930564A (en) * 2019-12-06 2020-03-27 冯彬荣 Multi-channel entrance guard joint identification method and system

Similar Documents

Publication Publication Date Title
US9864992B1 (en) System and method for enrolling in a biometric system
JP7279973B2 (en) Identification method, device and server in designated point authorization
US6424249B1 (en) Positive identity verification system and method including biometric user authentication
US6070141A (en) System and method of assessing the quality of an identification transaction using an identificaion quality score
US6040783A (en) System and method for remote, wireless positive identity verification
US11068894B2 (en) Systems and methods for tokenless authentication of consumers during payment transactions
US8799088B2 (en) System and method for verifying user identity information in financial transactions
US7082415B1 (en) System and method for biometrically-initiated refund transactions
US20030177102A1 (en) System and method for biometric authorization for age verification
US20060107067A1 (en) Identification card with bio-sensor and user authentication method
US20070291995A1 (en) System, Method, and Apparatus for Preventing Identity Fraud Associated With Payment and Identity Cards
US20150046328A1 (en) Secured point of sale transaction using fingerprint recognition
US20100280955A1 (en) Systems and methods for verifying identity
JP2004030334A (en) Method, system and program for biometrics authentication service
MXPA05011481A (en) Systems and methods for verifying identities in transactions.
US9058474B2 (en) Biometric device, system, and method for individual access control
US20070198287A1 (en) Method and apparatus allowing individuals to enroll into a known group, dispense tokens, and rapidly identify group members
JP4890774B2 (en) Financial transaction system
WO2009152677A1 (en) Payment system and payment method thereof
US20230177508A1 (en) Contactless Biometric Authentication Systems and Methods Thereof
CN110659908A (en) Data transaction identity verification system
JP2001357337A (en) Method and device for transaction processing using portable terminal device and method and device for customer recognition
KR101334744B1 (en) Loaning method using kiosk system
WO2012178186A1 (en) Identification and authentication system and method
JP2006092491A (en) Personal authentication apparatus, personal authentication system, personal authentication method and personal authentication program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12802965

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12802965

Country of ref document: EP

Kind code of ref document: A1