Biometric identity registration and authentication
US-2019036917-A1 · Jan 31, 2019 · US
Image processing apparatus, method, and system
US10965452B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10965452-B2 |
| Application number | US-201815989051-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 24, 2018 |
| Priority date | May 31, 2017 |
| Publication date | Mar 30, 2021 |
| Grant date | Mar 30, 2021 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
An image processing apparatus communicates with a user's portable terminal, where the portable terminal includes an authentication module for biometric authentication. When the image processing apparatus receives verification data issued by a service providing system, the image processing apparatus uses the portable terminal's authentication module for the biometric authentication and requests a device authentication system cooperating with the service providing system to issue an authentication token.
First claim
Opening claim text (preview).
What is claimed is: 1. An image processing apparatus including a communication function that communicates with a portable terminal including an authentication module for biometric authentication and a storage region having tamper resistance, the storage region storing biological information of a user necessary for the authentication module to perform authentication processing and a secret key generated when the biological information is registered, the image processing apparatus comprising: a memory storing instructions; and a processor executing the instructions to cause the image processing apparatus to: transmit, in a case where verification data generated for using a service providing system is received via a network, the verification data to the portable terminal; receive signature data from the portable terminal in response to a success in authentication processing of the user by the authentication module included in the portable terminal, wherein the signature data is generated by the portable terminal using the secret key stored in the storage region and the verification data; transmit a request for device authentication to a device authentication system when the signature data has been received from the portable terminal based on the success in the authentication processing of the user; receive an authentication token for the image processing apparatus from the device authentication system, wherein the authentication token is issued by the device authentication system to ensure a transmission source of the verification data authenticity of the image processing apparatus; and transmit the signature data and the authentication token to the transmission source via the network, wherein the device authentication system is different from the transmission source to which the image processing apparatus has transmitted the authentication token, and wherein, in a case where, at the transmission source, the signature data is verified by a public key corresponding to the secret key, and identification information of the image processing apparatus is obtained by requesting the device authentication system to verify the authentication token, the service providing system provides a service to the image processing apparatus. 2. The image processing apparatus according to claim 1 , wherein the service providing system manages user identification information and device identification information as a service providing destination, and wherein in a case where the signature data is verified by the public key, and the identification information of the image processing apparatus is obtained from the device authentication system, the service providing system provides user identification information corresponding to a user biometrically authenticated in the portable terminal and a service managed in association with the identification information of the image processing apparatus obtained from the device authentication system to the image processing apparatus. 3. The image processing apparatus according to claim 1 , wherein the signature data is transmitted from the image processing apparatus as assertion information via the network, and wherein the authentication token is set in an expanded region of the assertion information. 4. The image processing apparatus according to claim 1 , wherein the request for device authentication is transmitted to the device authentication system in response to an instruction for device authentication from the service providing system. 5. The image processing apparatus according to claim 1 , wherein, in a case where the portable terminal is designated to perform authentication processing according to an operation by the user on the image processing apparatus, the verification data is transmitted from the image processing apparatus to the portable terminal. 6. The image processing apparatus according to claim 1 , wherein the service providing system provides data registered by the user in the service providing system as the service to the image processing apparatus, and wherein the image processing apparatus executes print processing using the provided data. 7. The image processing apparatus according to claim 1 , wherein the service providing system provides data registered by the user in the service providing system as the service to the image processing apparatus, and wherein the image processing apparatus executes forming processing of a three-dimensional shaped object using the provided data. 8. The image processing apparatus according to claim 1 , wherein the biological information is information related to one or more of a fingerprint, a vein, an iris, a voiceprint, and a face image of the user. 9. A method for an image processing apparatus including a communication function that communicates with a portable terminal including an authentication module for biometric authentication and a storage region having tamper resistance, the storage region storing biological information of a user necessary for the authentication module to perform authentication processing and a secret key generated when the biological information is registered, the method comprising: transmitting, in a case where verification data generated for using a service providing system is received via a network, the verification data to the portable terminal; receiving signature data from the portable terminal in response to a success in authentication processing of the user by the authentication module included in the portable terminal, wherein the signature data is generated by the portable terminal using the secret key stored in the storage region and the verification data; transmitting a request for device authentication to a device authentication system when the signature data has been received from the portable terminal based on the success in the authentication processing of the user; receiving an authentication token for the image processing apparatus from the device authentication system, wherein the authentication token is issued by the device authentication system to ensure a transmission source of the verification data authenticity of the image processing apparatus; and transmitting the signature data and the authentication token to the transmission source via the network, wherein the device authentication system is different from the transmission source to which the image processing apparatus has transmitted the authentication token, and wherein, in a case where, at the transmission source, the signature data is verified by a public key corresponding to the secret key, and identification information of the image processing apparatus is obtained by requesting the device authentication system to verify the authentication token, the service providing system provides a service to the image processing apparatus. 10. The method according to claim 9 , wherein the signature data is transmitted from the image processing apparatus as assertion information via the network, and wherein the authentication token is set in an expanded region of the assertion information. 11. The method according to claim 9 , wherein, in a case where the portable terminal is designated to perform authentication processing according to an operation by the user on the image processing apparatus, the verification data is transmitted from the image processing apparatus to the portable terminal. 12. A non-transitory computer readable storage medium that stores a computer program for making a computer execute a method for an image processing apparatus including a communication function which can communicate with a portable terminal comprising an authentication module for biometric authentic
Assignees
Inventors
Classifications
- G06V40/70Primary
Multimodal biometrics, e.g. combining information from different biometric modalities · CPC title
Measures to keep reference information secret, e.g. cancellable biometrics · CPC title
Matching; Classification · CPC title
Matching; Classification · CPC title
Vascular patterns · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10965452B2 cover?
- An image processing apparatus communicates with a user's portable terminal, where the portable terminal includes an authentication module for biometric authentication. When the image processing apparatus receives verification data issued by a service providing system, the image processing apparatus uses the portable terminal's authentication module for the biometric authentication and requests …
- Who is the assignee on this patent?
- Canon Kk
- What technology area does this patent fall under?
- Primary CPC classification G06V40/70. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Mar 30 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).