System for face authentication and method for face authentication
US-12182243-B2 · Dec 31, 2024 · US
Secure off-chip processing such as for biometric data
US9361440B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9361440-B2 |
| Application number | US-96363707-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 21, 2007 |
| Priority date | Dec 21, 2007 |
| Publication date | Jun 7, 2016 |
| Grant date | Jun 7, 2016 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
In a biometric sensor system and method, storage of acquired biometric data and/or processing of that data may be shifted from specialized secure processing hardware to host system resources for improved speed and reduced cost of biometric sensor devices and systems. Stored data may be encrypted and/or signed by the specialized secure processing hardware and/or software. A database of authorized biometric data (e.g., patterns or key features representing all or a portion of the fingerprints of authorized users) may be stored on the host system either encrypted or non-encrypted or both. Preliminary matching against a database of many enrolled fingerprints may be accomplished by the system processor to ease the processing burden on the specialized secure processing hardware/software. Final match confirmation remains within exclusive control of the specialized secure processing hardware/software in order to prevent data tampering or other efforts to defeat the security provided by biometric identification.
First claim
Opening claim text (preview).
What is claimed is: 1. A biometric authentication system comprising: a host device including a host memory storing therein an encrypted database including a plurality of enrolled encrypted biometric templates and an un-encrypted database including a plurality of enrolled un-encrypted biometric templates; and a system-on-chip biometric device in communication with said host device and including a biometric data acquisition module generating user biometric data, a biometric data encryption engine encrypting the user biometric data, a biometric data decryption engine, and a non-volatile key storage memory coupled to said biometric data encryption and decryption engines and storing a key for use by said biometric data encryption and decryption engines in encrypting and decrypting the user biometric data, the key being permanently stored in said non-volatile key storage memory, and being inaccessible outside of said system-on-chip biometric device; said system-on-chip biometric device transferring the un-encrypted user biometric data to said host device, transferring the encrypted user biometric data to said host device, and causing said host device to store the encrypted user biometric data on said host memory in the encrypted database; said system-on-chip biometric device cooperating with said host device to cause said host device to operate on the un-encrypted user biometric data to generate an untrusted user biometric template, store the untrusted user biometric template in the un-encrypted database on said host memory and verify the untrusted user biometric template as trusted based upon a region of interest, compare the untrusted user biometric template to entries in the un-encrypted database, and when a match is not found, a user is not authenticated, and when the match is found, said system-on-chip biometric device to recall an enrolled encrypted biometric template corresponding to the enrolled un-encrypted biometric template identified as the match and recall the stored encrypted user biometric data from said host device, decrypt the recalled enrolled encrypted biometric template and the recalled stored encrypted user biometric data using said biometric data decryption engine, after decrypting compare the decrypted user biometric data to the decrypted enrolled biometric template, and when a match is found, the user is authenticated. 2. The system of claim 1 wherein said system-on-chip biometric device further comprises a pre-processing module coupled to said biometric data acquisition module and said biometric data encryption engine and processing the user biometric data prior to encryption. 3. The system of claim 1 wherein said biometric data acquisition module comprises a fingerprint scanner determining characteristics of a user fingerprint and generating the user biometric data therefrom. 4. The system of claim 1 wherein the user biometric data comprises a two-dimensional image of a user fingerprint. 5. A biometric authentication system comprising: a host device including a host memory storing therein an encrypted database including a plurality of encrypted enrolled biometric templates and an un-encrypted database including a plurality of enrolled un-encrypted biometric templates; and a system-on-chip biometric device in communication with said host device and including a biometric data acquisition module generating user biometric data, a biometric data encryption engine encrypting the user biometric data, a biometric data decryption engine, a non-volatile key storage memory coupled to said biometric data encryption and decryption engines and storing a key for use by said biometric data encryption and decryption engines in encrypting and decrypting the user biometric data, the key being permanently stored in said non-volatile key storage memory, and being inaccessible outside of said system-on-chip biometric device, a secure biometric template generator coupled to said biometric data decryption engine and generating a user biometric template from the encrypted user biometric data received from said host memory and decrypted by said biometric data decryption engine, and a matcher module coupled to said secure biometric template generator; said system-on-chip biometric device transferring the un-encrypted user biometric data to said host device, transferring the encrypted user biometric data to said host device, and causing said host device to store the encrypted user biometric data in the encrypted database on said host memory; said system-on-chip biometric device cooperating with said host device to cause said host device to operate on the un-encrypted user biometric data to generate an untrusted user biometric template, store the untrusted user biometric template in the un-encrypted database on said host memory and verify the untrusted user biometric template as trusted based upon a region of interest, compare the untrusted user biometric template to entries in the un-encrypted database, and when a match is not found, a user is not authenticated, and when the match is found, said system-on-chip biometric device to recall an enrolled encrypted biometric template corresponding to the enrolled un-encrypted biometric template identified as the match and recall the stored encrypted user biometric data from said host device, decrypt the recalled enrolled encrypted biometric template and the recalled stored encrypted user biometric data using said biometric data decryption engine, after decrypting, compare the decrypted user biometric data to the decrypted enrolled biometric template, and when a match is found, the user is authenticated. 6. The system of claim 5 wherein said system-on-chip biometric device further comprises a pre-processing module coupled to said biometric data acquisition module and said biometric data encryption engine and processing the user biometric data prior to encryption. 7. The system of claim 5 wherein said biometric data acquisition module comprises a fingerprint scanner determining characteristics of a user fingerprint and generating the user biometric data therefrom. 8. The system of claim 5 wherein the user biometric data comprises a two-dimensional image of a user fingerprint. 9. A method of biometric authentication comprising: using a system-on-chip biometric device in communication with a host device to generate user biometric data, and to encrypt the user biometric data, the host device including a host memory storing therein an encrypted database including a plurality of enrolled encrypted biometric templates and an un-encrypted database including a plurality of enrolled un-encrypted biometric templates; permanently storing a key in a non-volatile key storage memory of the system-on-chip biometric device, the key being for use by biometric data encryption and decryption engines in the system-on-chip biometric device encrypting and decrypting the user biometric data at the system-on-chip biometric device, the key being inaccessible outside of the system-on-chip biometric device; transferring the un-encrypted user biometric data to the host device; transferring the encrypted user biometric data to the host device from the system-on-chip biometric device; storing the encrypted user biometric data in the encrypted database; and using the system-on-chip biometric device cooperating with the host device to cause the host device to operate on the un-encrypted user biometric data to generate an untrusted user biometric template, store the untrusted user biometric template in the un-encrypted database on the host memory and verify the untrusted user biometric template as trusted based upon a region of interest, compare the untru
Assignees
Inventors
Classifications
Physics · mapped topic
Physics · mapped topic
Biological data, e.g. fingerprint, voice or retina (network architectures or network communication protocols for supporting authentication of entities using biometrical features in a packet data network H04L63/0861) · CPC title
using biometrical features, e.g. fingerprint, retina-scan (cryptographic mechanisms or cryptographic arrangements for entity authentication using biological data H04L9/3231) · CPC title
- G06F21/32Primary
using biometric data, e.g. fingerprints, iris scans or voiceprints · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9361440B2 cover?
- In a biometric sensor system and method, storage of acquired biometric data and/or processing of that data may be shifted from specialized secure processing hardware to host system resources for improved speed and reduced cost of biometric sensor devices and systems. Stored data may be encrypted and/or signed by the specialized secure processing hardware and/or software. A database of authorize…
- Who is the assignee on this patent?
- Kramer Alan, Apple Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/32. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jun 07 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).