Title of invention Biometric verification with improved privacy and network performance in client-server networks
Abstract The present invention relates to improving the privacy of biometric information used in biometric authentication of identity by retaining all biometric information corresponding to a given user, and conducting all transactions related thereto (i.e., the actual authentication process) on a client (i.e., user) side of the system, thereby maximizing the user's control over biometric information corresponding to himself and preventing the storage of biometric templates on third-party servers outside of the control of the concerned individual. In a particular example of the present invention, security for the biometric information is further enhanced by encrypting the biometric template (used as a comparison reference during authentication, as is known) stored on the client side and completely destroying an original unencrypted version of the template. Also specified is secure storage of encryption keys for encrypting biometric data at the client. In yet a further example of the present invention, authentication is preferably conducted using the encrypted biometric templates.
Publication number US9189612(B2) Publication date 2015.11.17
Application number US201414276738 Filing date 2014.05.13
Applicant Inventor Konvalinka Ira
Classification G06F21/00;G06F21/32;H04L29/06;H04L29/08 Main classification G06F21/00
Agency Agent
Main claim 1. A method of biometric authentication of a client-side authorized smart device user at least occasionally connected to a remote server via a communication network, comprising: comparison, by the smart device, of an encrypted input biometric template corresponding to a biometric representation operably received by the smart device with an encrypted reference biometric template previously stored on the smart device and corresponding to a biometric representation of the user; and reporting by the smart device to the remote server of user authentication success/failure based on the comparison of the encrypted input biometric template and the previously stored encrypted reference biometric template, wherein previously storing the reference biometric template corresponding to a biometric representation of the user comprises: recording a biometric representation of the user on the client-side smart device; converting the biometric representation of the user into an unencrypted reference biometric template; encrypting the unencrypted reference biometric template, using a revocable hardwired encryption key, to obtain the encrypted reference biometric template; and substantially simultaneously storing the encrypted reference biometric template in a memory of the smart device and permanently deleting the recorded biometric representation of the user and the unencrypted reference biometric template.
Address