[go: up one dir, main page]

WO2002005077A2 - Method and system for using biometric sample to electronically access accounts and authorize transactions - Google Patents

Method and system for using biometric sample to electronically access accounts and authorize transactions Download PDF

Info

Publication number
WO2002005077A2
WO2002005077A2 PCT/US2001/021485 US0121485W WO0205077A2 WO 2002005077 A2 WO2002005077 A2 WO 2002005077A2 US 0121485 W US0121485 W US 0121485W WO 0205077 A2 WO0205077 A2 WO 0205077A2
Authority
WO
WIPO (PCT)
Prior art keywords
biometric
biometric sample
account
transaction
software
Prior art date
Application number
PCT/US2001/021485
Other languages
French (fr)
Other versions
WO2002005077A3 (en
Inventor
Franklin L. Mink
James C. Ii Coleman
Original Assignee
Mink & Associates Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mink & Associates Inc. filed Critical Mink & Associates Inc.
Priority to AU2001273249A priority Critical patent/AU2001273249A1/en
Publication of WO2002005077A2 publication Critical patent/WO2002005077A2/en
Publication of WO2002005077A3 publication Critical patent/WO2002005077A3/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • the present application relates to a method and system for using a biometric sample to electronically access accounts, such as financial accounts, and authorize transactions.
  • the present application particularly relates to a method and system for using such a biometric sample as the sole means for initiating the request to access such accounts and authorize such transactions.
  • token such as a credit card or debit card.
  • a token such as a credit card or debit card.
  • a financial account transaction mechanism e.g., credit, debit, deposit, transfer, etc.
  • point of sale and financial accounts e.g., savings, checking, etc.
  • token-based financial transactions have also become an avenue for fraud, mainly associated with lost, stolen and counterfeit credit or debit cards.
  • Debit cards are generally used with a personal identification number (“PIN”), to make it more difficult for fraud associated with a lost, stolen or counterfeit card.
  • PINs personal identification number
  • ATMs Trojan horse automated teller machines
  • the manufactured counterfeit debit cards are then used to deplete the account of the unfortunate cardholder until it has been emptied or overdrawn.
  • Patent 5,109,428 (Igaki et al); U.S. Patent 5,144,680 (Kobayashi et al); U.S. Patent 5,146,102 (Higuchi et al); U.S. Patent 5,180,901 (Hiramatsu); U.S. Patent 5,210,588 (Lee); U.S. Patent 5,210,797 (Usui et al); U.S. Patent 5,222,152 (Fishbine et al); U.S. Patent 5,230,025 (Fishbine et al); U.S. Patent 5,241,606 (Horie); U.S. Patent 5,265,162 (Bush et al); U.S. Patent 5,321,242 (Heath); U.S.
  • Patent 5,325,442 Knapp
  • U.S. Patent 5,351,303 Wiredmore
  • the risk of fraud still exists in this approach because: (1) the biometrics are typically stored in an electronically reproducible format on a token or card; and (2) the comparison or verification process is not isolated from the hardware and software being used directly by the individual attempting to gain access to the account.
  • These systems involve the registration of a prospective buyer using a computer system of some sort, including a registration step by the buyer to provide a PIN, at least one biometric sample, and at least one financial account.
  • the seller of the good or service must also register with the computer system at least one seller financial account and seller identification code.
  • the seller offers a proposed commercial transaction to the buyer (e.g., via an on-line catalog), that includes a seller identification code and price information.
  • the prospective buyer can then signal acceptance of the seller's proposed commercial transaction by adding the buyer's own authentication data comprising a PIN and at least one biometric sample, with the biometric sample being obtained by the system from the buyer's person, to form a commercial transaction message.
  • the commercial transaction message is then forwarded to the computer system, after which the system compares the buyer authentification data, (i.e., biometric sample and PIN) submitted with the message, to a previously registered biometric sample(s) to determine whether authorization and access to the account(s) should be granted or denied. If it is determined that the prospective buyer has the required authorization and access to the account (authentication), the computer system then evaluates the available financial resources to determined whether the requested transaction can be carried out (with a transfer of funds from the buyer's account to the seller's account) or is rejected (e.g., insufficient funds or credit). The results of any of the steps during the transaction process can be displayed to the buyer or seller. See also U.S.
  • buyer authentification data i.e., biometric sample and PIN
  • Patent 5,805,719 (Pare et al), issued September 8, 1998; U.S. Patent 5,764,789 (Pare et al), issued June 9, 1998; U.S. Patent 5,615,277 (Hoffman), issued March 25, 1997; and U.S. Patent 5,613,012 (Hoffman et al), issued March 18, 1997, which disclose similar biometric identification systems.
  • a PIN is not needed for protection from fraud in the context of a transaction authorization system based on biometrics such as fingerprints, since biometric readers can be equipped with technology that eliminates or minimizes the potential for fraud. For example, not only would a correct fingerprint pattern have to be presented, but also the finger used to submit the biometric sample would have to provide a body temperature and display a pulse. Thus, a would-be perpetrator would be unable to access a cardholder's account(s) by simply providing a copy of the cardholder's fingerprint (such as being displayed on a cast of a human finger or somehow overlaid on the perpetrator's own fingerprint), since technology is available with depth perception to prevent such fraud.
  • an alternative biometric method and system for account access and transaction authorization would be desirable that does not require the selection or assignment and memorization of PINs, yet provides sufficient security from the risk of fraudulent access to accounts and authorization of financial transactions of various types.
  • the present invention relates to a method and system for using biometric information to electronically access accounts (e.g., financial accounts) and authorize transactions where the authorized user has provided at least one biometric sample that has been previously recorded or collected to provide access to at least one account and to authorize at least one transaction.
  • This method comprises the steps of: a. submitting at least one biometric sample to initiate a request to electronically access the at least one account and authorize the at least one transaction; b. securely transmitting the submitted biometric sample for comparison to the recorded biometric sample. c. comparing the submitted biometric sample to the recorded biometric sample; d. determining whether the submitted biometric sample matches the recorded biometric sample; e. upon determining whether or not a match exists between the submitted and recorded biometric samples:
  • the present invention can be used with any computer network such as Internet or web-based technologies, cable television network or a wireless telecommunications networks via wireless, wired (or combination of wired and wireless) devices such as cellular phones, personal digital assistants (PDAs), portable computers of various types, desktop computers, ATMs, and the like.
  • any computer network such as Internet or web-based technologies, cable television network or a wireless telecommunications networks via wireless, wired (or combination of wired and wireless) devices such as cellular phones, personal digital assistants (PDAs), portable computers of various types, desktop computers, ATMs, and the like.
  • PDAs personal digital assistants
  • biometric sample e.g., fingerprint, iris scan, etc.
  • the biometric sample typically electronically converted to an algorithm, serves as the account number and PIN for both access to the account and authorization of the transaction (e.g., deposits or withdrawals, debit or credit, etc.).
  • the identified user can optionally be given the opportunity to select the account to be utilized in the intended transaction through at least one user action (e.g., keystroke, voice command, etc.).
  • the type of transaction e.g., debit, deposit, transfer, credit, etc.
  • the amount of financial exchange as dictated by the user or as specified by the selected merchant for the desired commodity, (depending on the type of transaction) is then determined and transmitted to the account issuer. For credit/debit purchases or withdrawal of funds, a debit of available funds or credit is then made from the user account upon determination of sufficient financial resources (e.g., checking account balance, available credit limit, etc.).
  • the authorized account holder/user and/or issuer can be presented with the results of the transaction (e.g., a notice of transaction completion or unnecessary funds to complete transaction).
  • the method and system of the present invention provides a convenient way for accessing financial accounts without the unnecessary complication of remembering account numbers or PINs and allows secure account access and financial transaction authorization while nearly eliminating or minimizing the potential for fraud. This is achieved in the present invention by submitting the biometric sample as the sole vehicle for both electronic access of one or more accounts (e.g., financial accounts) and authorization of the desired electronic transaction or transactions.
  • the method and system of the present invention can also provide simplified access to multiple financial accounts and authorization of financial transactions managed through fast, efficient, accurate and secure submission of biometric measurements, as well as eliminating or minimizing the potential for fraud.
  • FIG. 1 is a block diagram representing an embodiment of a system according to the present invention.
  • Fig. 2 represents a flowchart illustrating the steps that can be carried out according to an embodiment of the method of the present invention in the system of Fig. 1.
  • Fig. 3 represents a flowchart illustrating the steps that can be carried out according to an alternative embodiment of the method of the present invention.
  • Fig. 4 represents a flowchart illustrating the steps that can be carried out according to another alternative embodiment of the method of the present invention.
  • authorized user refers to the individual or group that has been granted access and authorization to the specified account(s) and/or transaction(s).
  • biometric sample refers to any form of unique biometric identifier such as a signature, fingerprint, voice print, palm print, retina scan, iris scan or facial scan, or other suitable biometric identifier.
  • Suitable methods and devices for identifying and reading biometric inputs are disclosed in U.S. Patent 6,012,039 (Hoffman et al), issued January 4, 2000; U.S. Patent 5,870,723 (Pare et al), issued February 9, 1999; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S.
  • Patent 5,805,719 (Pare et al), issued September 8, 1998; U.S. Patent 5,802,199 (Pare et al), issued September 1, 1998; U.S. Patent 5,764,789 (Pare et al), issued June 9, 1998; U.S. Patent 5,615,277 (Hoffman), issued March 25, 1997; and U.S. Patent 5,613,012 (Hoffman et al), issued March 18, 1997, all of which are incorporated by reference.
  • transaction refers to any type of transaction that can be carried out electronically by wired methods, wireless methods or combinations thereof.
  • Transactions that can be carried according to the present invention include financial transactions such as the deposit and withdrawal of funds, credit card transactions, reward systems, and online sales of products and services. See U.S. Patent 6,012,039 (Hoffman et al), issued January 4, 2000; U.S. Patent 5,870,723 (Pare et al), issued February 9, 1999; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S.
  • Typical electronic transactions within the scope of the present invention can be carried out by remote electronic transmission methods, such as by using Local or Wide Area Network (LAN or WAN)-based, Internet-based, web-based, cable television network or wireless telecommunications networks, or other remote transmission methods.
  • LAN or WAN Local or Wide Area Network
  • Internet-based Internet-based
  • web-based web-based
  • cable television network or wireless telecommunications networks or other remote transmission methods.
  • the term "software” refers to any form of programmed machine-readable language or instructions (e.g., object code) that, when, loaded or otherwise installed, provides operating instructions to a machine capable of reading those instructions, such as a computer or biometric reader.
  • Software useful in the present invention can be stored or reside on, as well as be loaded or installed from, one or more floppy disks, CD ROM disks, hard disks or any other form of suitable non-volatile electronic storage media.
  • Software useful in the present invention can also be installed by downloading or other form of remote transmission.
  • the present invention can be carried out by appropriate modification of a variety of biometric identification systems known in the art.
  • Suitable systems for use with the method of the present invention include those disclosed in U.S. Patent 6,012,039 (Hoffman et al), issued January 4, 2000; U.S. Patent 5,870,723 (Pare et al), issued February 9, 1999; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,805,719 (Pare et al), issued September 8, 1998; U.S. Patent 5,802,199 (Pare et al), issued September 1, 1998; U.S.
  • Patent 5,764,789 (Pare et al), issued June 9, 1998; U.S. Patent 5,615,277 (Hoffman), issued March 25, 1997; and U.S. Patent 5,613,012 (Hoffman et al), issued March 18, 1997, all of which are incorporated by reference.
  • System 10 includes a Data Processing Center (DPC) or Centers, typically in the form of a server or main frame computer (or multiple servers or main frame computers depending on the type and number of DPCs involved) indicated generally as 12, an input terminal indicated generally as 14 that communicates with DPC 12 via a communications pathway indicated generally as 16 that can use Internet or web-based transmission methods, cable television network or wireless telecommunications network-based transmission methods, Local or Wide Area Network (LAN or WAN)-based transmission methods, or any other suitable remote transmission method that is wired, wireless or a combination thereof.
  • DPC Data Processing Center
  • Centers typically in the form of a server or main frame computer (or multiple servers or main frame computers depending on the type and number of DPCs involved) indicated generally as 12
  • DPC 12 Data Processing Center
  • an input terminal indicated generally as 14 that communicates with DPC 12 via a communications pathway indicated generally as 16 that can use Internet or web-based transmission methods, cable television network or wireless telecommunications network-based transmission methods, Local or Wide Area Network (LAN or WAN)-
  • Terminal 14 can be a variety of electronic devices such as an ATM machine, personal desktop computer, personal digital assistant (PDA), portable laptop computer, palm pilot, cellular or other portable phone, or the like. 22.
  • Terminal 14 usually includes a display unit indicated as 18 that can be in the form of a LCD display panel (for example, a portable phone or personal digital assistant), a monitor (for example, a desktop computer or ATM machine) or other suitable display unit.
  • a display unit indicated as 18 can be in the form of a LCD display panel (for example, a portable phone or personal digital assistant), a monitor (for example, a desktop computer or ATM machine) or other suitable display unit.
  • Terminal 14 is connected to a biometric input device indicated generally as 20 by a communications pathway indicated generally as 22.
  • communications pathway 22 can use Internet or web-based transmission methods, cable television network or wireless telecommunications network-based transmission methods, Local or Wide Area Network (LAN or WAN)-based transmission methods, or any other suitable remote transmission method that is wired, wireless or a combination thereof.
  • Biometric input device 20 includes a biometric scanner 24.
  • the biometric scanner 24 can be a finger print scanner, voice input device (microphone), palm print scanner, retinal, facial or iris scanner or other suitable biometric scanner. While terminal 14 and biometric input device 20 are shown in Fig.
  • DPC 12 typically has software indicated generally as 26 that resides thereon and controls requests for and access to accounts indicated generally as 28, and in particular is capable of responding to a request initiated by the submission of at least one biometric sample to electronically access account(s) 28 and to authorize at least one transaction, as well as being capable of comparing the submitted biometric sample to the recorded sample to determine whether or not the submitted biometric sample matches the recorded biometric sample.
  • Terminal 14 also typically has software indicated generally as 30 residing thereon that permits interaction between DPC 12 and biometric input device 20, and in particular is capable of securely transmitting the at least one submitted biometric sample from biometric input device 20 to DPC 12 to access accounts 28 and authorize transactions regarding these accounts and is also capable of receiving the determination by the data processing center 12 as to whether or not the submitted biometric sample matches the recorded biometric sample, as well as causing this determination to be displayed on display unit 18 (if display unit 18 is part of terminal 14).
  • software indicated generally as 30 residing thereon that permits interaction between DPC 12 and biometric input device 20, and in particular is capable of securely transmitting the at least one submitted biometric sample from biometric input device 20 to DPC 12 to access accounts 28 and authorize transactions regarding these accounts and is also capable of receiving the determination by the data processing center 12 as to whether or not the submitted biometric sample matches the recorded biometric sample, as well as causing this determination to be displayed on display unit 18 (if display unit 18 is part of terminal 14).
  • Biometric input device 20 can also have software indicated generally as 34 residing thereon that includes device drivers for operating biometric scanner 24, and other capabilities for interfacing with the DPC 12 through terminal 14 (including capability to display the determination by DPC 12 as to whether or not the submitted biometric sample matches the recorded biometric sample if display unit 18 is part of biometric input device 20), and in particular provides the capability to transmit the submitted biometric sample to terminal 14. 3. Method for Implementing System
  • the authorized user provides at least one biometric sample that is recorded or collected beforehand to provide electronic access to at least one account (e.g., financial accounts) and authorize at least one transaction (e.g., purchase of goods or services, withdrawal or deposit of funds, etc.).
  • the authorized user records or registers at least one biometric sample such as a fingerprint, iris scan, etc., with one or more financial institutions such as a bank or credit card company to establish one or more financial accounts such as checking or credit accounts.
  • the biometric sample electronically converted to an algorithm, serves as the authorized account number or PIN for both access to the account and authorization of the transaction such as deposits or withdrawals, debit and credit or the like.
  • Fig. 2 provides a flowchart indicated generally as 100 to illustrate in more detail an embodiment of the method of the present invention for implementing the system shown in Fig. 1.
  • initial step 101 involves the user initiating a request to access at least one account 28 (e.g., credit, debit, checking, or otherwise) of the authorized user on DPC 12 of the account issuer, and authorize at least one transaction (e.g., deposit of funds, withdrawal of funds, or otherwise), by supplying or submitting at least one biometric sample using biometric scanner 24.
  • account 28 e.g., credit, debit, checking, or otherwise
  • at least one transaction e.g., deposit of funds, withdrawal of funds, or otherwise
  • the submitted biometric sample or samples (using scanner 24 of biometric input device 20) is then securely transmitted, for example, in an encrypted form, via communications pathway 22 to terminal 14 and then via communications pathway 16 to DPC 12 of the account issuer.
  • No personal identification code or number is typically required. Indeed, it is preferred in the method of the present invention that initiation of the request to access the account(s) and authorize the transaction(s) is solely by submission of the biometric sample.
  • the transmission of the submitted biometric sample is received by the account issuer and compared against the previously recorded biometric sample in a database of previously collected biometric samples (e.g., biometric signatures) of the account holders on DPC 12. If the submitted biometric sample does not match the recorded biometric sample of an authorized user (NO), the request for access and authorization is denied as shown in step 104. If the supplied biometric sample does match the biometric sample of an authorized user (YES), the request for access and authorization is then granted to the account(s) 28 associated with that biometric sample, as shown in step 105.
  • a database of previously collected biometric samples e.g., biometric signatures
  • next step 105 access to account list
  • conditional access is granted to the list of one or more accounts 28 associated with the biometric sample (e.g., biometric signature).
  • the user selects the account 28 to be utilized in the intended transaction through at least one user action such as a keystroke, voice command, etc, using scanner 24 or some other input device (not shown) that is connected to terminal 14 or connected to biometric input device 20 to transmit the user action stroke.
  • the user action stroke could be by using the alphanumeric or numeric keypad on a portable phone or similar portable device.
  • transaction selection the type of transaction is specified by at least one user action.
  • the data for the specified transaction is then transmitted in step 108 (transmittal of transaction data) to DPC 12 of the account issuer.
  • a debit of available funds or credit is made from the user account upon determination of sufficient financial resources represented by a checking account balance, available credit limit, etc.
  • funds are simply added to an account.
  • the amount of the financial exchange is specified by the user or account holder or is specified by the selected merchant for a desired commodity (depending on the type of transaction).
  • the user can specify the type of transaction (step 107) before being granted conditional access to the list of one or more accounts 28 (step 105) and then selecting the account (step 106).
  • step 109 a check is made to see if there are sufficient resources (e.g., funds or credit) in the authorized user's account to permit the requested transaction. If there are insufficient resources (NO), the transaction is denied and the user is typically notified (for example, by transmission to terminal 14 for display on display unit 18) of this denial (i.e., transaction denied) as shown in step 110. If there are sufficient resources (YES), the transaction is permitted and the user is typically notified (again, for example, by transmission to terminal 14 for display on display unit 18) that the transaction has been successful (i.e., transaction permitted or granted) as shown in step 111.
  • sufficient resources e.g., funds or credit
  • the user can choose an optional pathway in the event the initial user identification is unsuccessful in step 103 or resources are insufficient in step 109. In this optional pathway, the user can try another account in step 112. If step 112 is chosen by the user (YES), the process of initiating the request for the account and transaction is repeated, starting with step 101 (initiation). If the user chooses not to try another account (NO), the process is terminated as shown in step 113.
  • FIG. 3 An alternative embodiment of the method of the present invention is shown in Fig. 3 as a flowchart indicated generally as 200.
  • This alternative embodiment is particularly useful in those situations where the user already knows what account and transaction they wish to select or where there is only one account and/or transaction that can be selected by the user.
  • the particular transaction desired by the user is initially selected (step 201), followed by the desired account (step 202), by a user action stroke as before.
  • the particular order of transaction or account selection is not critical to this alternative method, so that step 202 (account selection) can also occur prior to step 201 (transaction selection).
  • the user then initiates the request for access to the selected account (or accounts) and the selected transaction (or transactions) by submitting the biometric sample (or samples) in step 203.
  • step 204 the submitted biometric sample (using scanner 24 of biometric input device 20) is then securely transmitted as before to terminal 14 and then to DPC 12 of the account issuer.
  • step 205 the transmitted biometric sample is again compared against the previously recorded biometric sample, with access being denied (step 206) if there is no match, or granted if there is a match (step 207).
  • step 208 A check is again made to see if there are sufficient resources (step 208) with the user being notified of insufficient resources (step 209) or sufficient resources (step 210). Where initial user identification is unsuccessful in step 205 or resources are insufficient in step 208, the user would again be given the option of trying another account (step 211) or simply terminating the transaction (step 212).
  • FIG. 4 Another alternative embodiment of the method of the present invention is shown in Fig. 4 as a flowchart indicated generally as 300.
  • This alternative embodiment is particularly useful in those situations where the user logs onto terminal 14, preferably using a submitted biometric sample, and where the transaction being selected by the user is the purchase of particular goods or services offered by an online merchant.
  • the user initiates the request by submitting a biometric sample (step 301), followed by selection of the particular account (step 302) and the particular transaction (step 303).
  • the particular order in which the account (or accounts) or transaction (or transactions) is selected is not critical to this alternative method.
  • the initiated request that includes the submitted biometric sample, selected account(s), and selected transaction(s) is then securely transmitted as before to terminal 14 and then to DPC 12 of the account user (step 304).
  • the transmitted biometric sample is again compared against the previously recorded biometric sample, with access being denied (step 306) if there is no match, or granted if there is a match (step 307).
  • a check is again made to see if there are sufficient resources (step 308) with the user being notified of insufficient resources (step 309) or sufficient resources (step 310). Where initial user identification is unsuccessful in step 305 or resources are insufficient in step 308, the user would again be given the option of trying another account (step 311) or simply terminating the transaction (step 312).
  • the present invention can also be provided in the form of downloadable or otherwise installable software that can be used in system 10, and in particular as the combination of the DPC software component 26 (used with DPC 12), the terminal software component 30 (used with terminal 14) and the biometric software component 34 (used with biometric input device 20).
  • the terminal software component 30 and the biometric software component 34 can also be an integral or single software component that controls or operates both the terminal and biometric input device function of the system.
  • This software can also be provided or associated with a set of instructions for downloading or installation of the software on the system and/or use of the software with the system that are written or printed on one or more sheets of paper, in a multi-page manual, at the location where the software is located for remote downloading or installation (e.g., a server-based web site), on or inside the packaging in which the software is provided or sold, and/or on the electronic media (e.g., floppy disk or CD ROM disk) from which the software is loaded or installed, or any other suitable method for providing instructions on how to load, install and/or use the software.
  • a server-based web site e.g., a server-based web site
  • the electronic media e.g., floppy disk or CD ROM disk

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Collating Specific Patterns (AREA)

Abstract

A method and system for electronically accessing accounts, such as financeal accounts, and authorizing transactions using a biometric sample. This method and system involves a comparison of a previously recorded biometric sample such as a signature, fingerprint, voice print, retina, iris or facial scan collected from the authorized user and stored prior to an intended electronic transaction with the biometric sample submitted to initiate the request to access the account(s) and authorize the electronic transaction. The recorded biometric sample is used as the sole criteria to initiate the request to access the account and authorize the intended electronic transaction. This method and system is particularly suitable for various types of commercial electronic transactions between a buyer and seller, as well as financial transactions involving cash withdrawal and deposit from a user's account.

Description

METHOD AND SYSTEM FOR USING BIOMETRIC SAMPLE TO ELECTRONICALLY ACCESS ACCOUNTS AND AUTHORIZE TRANSACTIONS The present application relates to a method and system for using a biometric sample to electronically access accounts, such as financial accounts, and authorize transactions. The present application particularly relates to a method and system for using such a biometric sample as the sole means for initiating the request to access such accounts and authorize such transactions. BACKGROUND OF THE INVENTION
Many financial transactions currently involve the use of a token, such as a credit card or debit card. Generally, the purpose of the token is to provide the user with access to a financial account transaction mechanism (e.g., credit, debit, deposit, transfer, etc.). Since their beginnings in the 1950s, the use of token-based methods for financial and other commercial electronic transactions has grown significantly, including transactions involving point of sale and financial accounts (e.g., savings, checking, etc.) access applications. However, in addition to their increasing popularity with consumers and legitimate account holders, token-based financial transactions have also become an avenue for fraud, mainly associated with lost, stolen and counterfeit credit or debit cards.
Debit cards are generally used with a personal identification number ("PIN"), to make it more difficult for fraud associated with a lost, stolen or counterfeit card. However, in manufacturing counterfeit cards, PINs have been obtained from unwary cardholders by improper methods ranging from Trojan horse automated teller machines (ATMs) that dispense cash but record the user's PIN, to fraudulent seller point of sale devices that record the PIN, to individuals with binoculars that watch cardholders enter PINs at ATMs. The manufactured counterfeit debit cards are then used to deplete the account of the unfortunate cardholder until it has been emptied or overdrawn. Credit cards do not generally involve the use of a PIN; therefore, a lost or stolen credit card can be readily misused to deplete the credit of the unsuspecting account holder and leave them with charges for goods and services that they never purchased. Counterfeit credit cards can be manufactured by more sophisticated criminals who acquire valid account numbers. The counterfeit credit card is then used in commercial transactions until the credit is depleted. Other examples of fraud can occur due to dishonest cardholders of both debit and credit cards, who report the card as lost or stolen, continue to make purchases or withdraw money and then refuse to accept responsibility for the depleted or overdrawn credit or money resources.
A number of solutions have recently been proposed to address these and other forms of credit or debit card related fraud. One solution for stolen credit card fraud is to include PIN protection on cards issued to account holders. While this would reduce the amount of fraud associated with stolen credit cards, administrative costs would rise for each card issued due to the tendency for cardholders to select their own PIN. Another disadvantage is that the proposed solution does not address the problem of counterfeit cards. So-called "smart cards" using biometric information or a PIN have also been proposed as a means of eliminating card-related fraud. Smart cards that use biometrics involve storing an authenticated biometric sample (e.g., fingerprints, handprints, voiceprints, retinal information, etc.) recorded from the account holder. When the account holder tries to access their account by using the card, they must supply a biometric sample through a biometric reader. The new sample is then compared to the biometric information recorded on the card to determine whether access to the account is to be granted or denied. See, for example, U.S. Patent 4,821,118 (Lafreniere); U.S. Patent 4,993,068 (Piosenka et al); U.S. Patent 4,995,086 (Lilley et al); U.S. Patent 5,054,089 (Uchida et al); U.S. Patent 5,095,194 (Barbanell); U.S. Patent 5,109,427 (Yang); U.S. Patent 5,109,428 (Igaki et al); U.S. Patent 5,144,680 (Kobayashi et al); U.S. Patent 5,146,102 (Higuchi et al); U.S. Patent 5,180,901 (Hiramatsu); U.S. Patent 5,210,588 (Lee); U.S. Patent 5,210,797 (Usui et al); U.S. Patent 5,222,152 (Fishbine et al); U.S. Patent 5,230,025 (Fishbine et al); U.S. Patent 5,241,606 (Horie); U.S. Patent 5,265,162 (Bush et al); U.S. Patent 5,321,242 (Heath); U.S. Patent 5,325,442 (Knapp); and U.S. Patent 5,351,303 (Wilmore), that illustrate this approach. However, the risk of fraud still exists in this approach because: (1) the biometrics are typically stored in an electronically reproducible format on a token or card; and (2) the comparison or verification process is not isolated from the hardware and software being used directly by the individual attempting to gain access to the account.
All of these prior methods that use a token for storage of biometric information also fail to recognize the inherent inconvenience of using token-based methods versus a direct-read biometric-based system. The theme of these prior token-based methods has been to "smarten" the token or card by including more information for identification of the cardholder. The inherent projected additional expense per card associated with implementation on a mass-market scale has led developers of smart card systems to propose the use of such cards to store a great deal more information such as multiple financial or credit card accounts, medical records, electronic cash, etc.
An important disadvantage of the proposed token and smart card systems is that, in the event of a lost or stolen card, the cardholder would suffer inconvenience until the card is replaced, as well as lose real funds if electronic cash was stored on the card. Also, the proposed token-based methods do not significantly diminish the potential for fraud associated with wireless transactions, where account codes and other valuable information can be intercepted, decrypted and used by more sophisticated criminals to access and use the unwary cardholder's financial account. To subvert the obstacles posed by existing and proposed token-based account access and transaction authorization systems, tokenless biometric authorization systems for commercial electronic transactions have been proposed. See, for example, U.S. Patent 5,870,723 (Pare et al), issued February 9, 1999. These systems involve the registration of a prospective buyer using a computer system of some sort, including a registration step by the buyer to provide a PIN, at least one biometric sample, and at least one financial account. The seller of the good or service must also register with the computer system at least one seller financial account and seller identification code. The seller then offers a proposed commercial transaction to the buyer (e.g., via an on-line catalog), that includes a seller identification code and price information. The prospective buyer can then signal acceptance of the seller's proposed commercial transaction by adding the buyer's own authentication data comprising a PIN and at least one biometric sample, with the biometric sample being obtained by the system from the buyer's person, to form a commercial transaction message. The commercial transaction message is then forwarded to the computer system, after which the system compares the buyer authentification data, (i.e., biometric sample and PIN) submitted with the message, to a previously registered biometric sample(s) to determine whether authorization and access to the account(s) should be granted or denied. If it is determined that the prospective buyer has the required authorization and access to the account (authentication), the computer system then evaluates the available financial resources to determined whether the requested transaction can be carried out (with a transfer of funds from the buyer's account to the seller's account) or is rejected (e.g., insufficient funds or credit). The results of any of the steps during the transaction process can be displayed to the buyer or seller. See also U.S. Patent 5,805,719 (Pare et al), issued September 8, 1998; U.S. Patent 5,764,789 (Pare et al), issued June 9, 1998; U.S. Patent 5,615,277 (Hoffman), issued March 25, 1997; and U.S. Patent 5,613,012 (Hoffman et al), issued March 18, 1997, which disclose similar biometric identification systems.
While this proposed system obviates the need for the use of cards or tokens in the context of a commercial transaction, the cardholder must still use a PIN. While U.S. Patent 5,870,723 says that the continued use of a PIN increases security (since entry of a false PIN triggers a silent alarm or otherwise notifies the authorities of an improper attempt to authorize a transaction), the real utility of a PIN in this circumstance is likely to be inconsequential, given human tendencies toward forgetfulness of such details, especially under duress such as threatened violence or harm to one's person. Also, the use of a PIN is not needed for protection from fraud in the context of a transaction authorization system based on biometrics such as fingerprints, since biometric readers can be equipped with technology that eliminates or minimizes the potential for fraud. For example, not only would a correct fingerprint pattern have to be presented, but also the finger used to submit the biometric sample would have to provide a body temperature and display a pulse. Thus, a would-be perpetrator would be unable to access a cardholder's account(s) by simply providing a copy of the cardholder's fingerprint (such as being displayed on a cast of a human finger or somehow overlaid on the perpetrator's own fingerprint), since technology is available with depth perception to prevent such fraud.
Therefore, an alternative biometric method and system for account access and transaction authorization would be desirable that does not require the selection or assignment and memorization of PINs, yet provides sufficient security from the risk of fraudulent access to accounts and authorization of financial transactions of various types.
SUMMARY OF THE INVENTION The present invention relates to a method and system for using biometric information to electronically access accounts (e.g., financial accounts) and authorize transactions where the authorized user has provided at least one biometric sample that has been previously recorded or collected to provide access to at least one account and to authorize at least one transaction. This method comprises the steps of: a. submitting at least one biometric sample to initiate a request to electronically access the at least one account and authorize the at least one transaction; b. securely transmitting the submitted biometric sample for comparison to the recorded biometric sample. c. comparing the submitted biometric sample to the recorded biometric sample; d. determining whether the submitted biometric sample matches the recorded biometric sample; e. upon determining whether or not a match exists between the submitted and recorded biometric samples:
(1) if the submitted biometric sample does match the recorded biometric sample, granting the request to access the at least one account and authorize the at least one transaction; or
(2) if the submitted biometric sample does not match the recorded biometric sample, denying the request to access the at least one account and authorize the at least one transaction. The present invention can be used with any computer network such as Internet or web-based technologies, cable television network or a wireless telecommunications networks via wireless, wired (or combination of wired and wireless) devices such as cellular phones, personal digital assistants (PDAs), portable computers of various types, desktop computers, ATMs, and the like. It allows the authorized user to register with one or more financial institutions (e.g., bank or credit card companies) to establish one or more financial accounts (e.g., checking or credit), with at least one biometric sample (e.g., fingerprint, iris scan, etc.) being recorded or collected for each account by the financial institution as part of the registration process. Unlike prior methods and systems, the biometric sample, typically electronically converted to an algorithm, serves as the account number and PIN for both access to the account and authorization of the transaction (e.g., deposits or withdrawals, debit or credit, etc.).
Upon user identification and granting of access to the account list, the identified user can optionally be given the opportunity to select the account to be utilized in the intended transaction through at least one user action (e.g., keystroke, voice command, etc.). After account selection, the type of transaction (e.g., debit, deposit, transfer, credit, etc.) can be specified by at least one user action. The amount of financial exchange as dictated by the user or as specified by the selected merchant for the desired commodity, (depending on the type of transaction) is then determined and transmitted to the account issuer. For credit/debit purchases or withdrawal of funds, a debit of available funds or credit is then made from the user account upon determination of sufficient financial resources (e.g., checking account balance, available credit limit, etc.). Upon grant/approval or denial/rejection (e.g., in case of insufficient funds or credit) of the electronic transaction, the authorized account holder/user and/or issuer can be presented with the results of the transaction (e.g., a notice of transaction completion or unnecessary funds to complete transaction).
The method and system of the present invention provides a convenient way for accessing financial accounts without the unnecessary complication of remembering account numbers or PINs and allows secure account access and financial transaction authorization while nearly eliminating or minimizing the potential for fraud. This is achieved in the present invention by submitting the biometric sample as the sole vehicle for both electronic access of one or more accounts (e.g., financial accounts) and authorization of the desired electronic transaction or transactions. By using direct yet more secure biometric technology, the method and system of the present invention can also provide simplified access to multiple financial accounts and authorization of financial transactions managed through fast, efficient, accurate and secure submission of biometric measurements, as well as eliminating or minimizing the potential for fraud.
BRIEF DESCRIPTION OF THE DRAWING Fig. 1 is a block diagram representing an embodiment of a system according to the present invention.
Fig. 2 represents a flowchart illustrating the steps that can be carried out according to an embodiment of the method of the present invention in the system of Fig. 1. Fig. 3 represents a flowchart illustrating the steps that can be carried out according to an alternative embodiment of the method of the present invention.
Fig. 4 represents a flowchart illustrating the steps that can be carried out according to another alternative embodiment of the method of the present invention. DETAILED DESCRIPTION OF THE INVENTION 1. Definitions
As used herein, the term "authorized user" refers to the individual or group that has been granted access and authorization to the specified account(s) and/or transaction(s).
As used herein, the term "biometric sample" refers to any form of unique biometric identifier such as a signature, fingerprint, voice print, palm print, retina scan, iris scan or facial scan, or other suitable biometric identifier. Suitable methods and devices for identifying and reading biometric inputs are disclosed in U.S. Patent 6,012,039 (Hoffman et al), issued January 4, 2000; U.S. Patent 5,870,723 (Pare et al), issued February 9, 1999; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,805,719 (Pare et al), issued September 8, 1998; U.S. Patent 5,802,199 (Pare et al), issued September 1, 1998; U.S. Patent 5,764,789 (Pare et al), issued June 9, 1998; U.S. Patent 5,615,277 (Hoffman), issued March 25, 1997; and U.S. Patent 5,613,012 (Hoffman et al), issued March 18, 1997, all of which are incorporated by reference.
As used herein, the term "transaction" refers to any type of transaction that can be carried out electronically by wired methods, wireless methods or combinations thereof. Transactions that can be carried according to the present invention include financial transactions such as the deposit and withdrawal of funds, credit card transactions, reward systems, and online sales of products and services. See U.S. Patent 6,012,039 (Hoffman et al), issued January 4, 2000; U.S. Patent 5,870,723 (Pare et al), issued February 9, 1999; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,805,719 (Pare et al), issued September 8, 1998; U.S. Patent 5,802,199 (Pare et al), issued September 1, 1998; U.S. Patent 5,764,789 (Pare et al), issued June 9, 1998; U.S. Patent 5,615,277 (Hoffman), issued March 25, 1997; and U.S. Patent 5,613,012 (Hoffman et al), issued March 18, 1997, all of which are incorporated by reference, which disclose various types of electronic transactions that can be carried out according to the present invention. Typical electronic transactions within the scope of the present invention can be carried out by remote electronic transmission methods, such as by using Local or Wide Area Network (LAN or WAN)-based, Internet-based, web-based, cable television network or wireless telecommunications networks, or other remote transmission methods.
As used herein, the term "software" refers to any form of programmed machine-readable language or instructions (e.g., object code) that, when, loaded or otherwise installed, provides operating instructions to a machine capable of reading those instructions, such as a computer or biometric reader. Software useful in the present invention can be stored or reside on, as well as be loaded or installed from, one or more floppy disks, CD ROM disks, hard disks or any other form of suitable non-volatile electronic storage media. Software useful in the present invention can also be installed by downloading or other form of remote transmission.
As used herein, the term "comprising" means various components, capabilities and/or steps can be conjointly employed in the present invention. Accordingly, the term "comprising" encompasses the more restrictive terms "consisting essentially of and "consisting of." 2. System
The present invention can be carried out by appropriate modification of a variety of biometric identification systems known in the art. Suitable systems for use with the method of the present invention include those disclosed in U.S. Patent 6,012,039 (Hoffman et al), issued January 4, 2000; U.S. Patent 5,870,723 (Pare et al), issued February 9, 1999; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,838,812 (Pare et al), issued November 17, 1998; U.S. Patent 5,805,719 (Pare et al), issued September 8, 1998; U.S. Patent 5,802,199 (Pare et al), issued September 1, 1998; U.S. Patent 5,764,789 (Pare et al), issued June 9, 1998; U.S. Patent 5,615,277 (Hoffman), issued March 25, 1997; and U.S. Patent 5,613,012 (Hoffman et al), issued March 18, 1997, all of which are incorporated by reference.
Referring to Fig. 1, an embodiment of a system according to the present invention is indicated generally as 10. System 10 includes a Data Processing Center (DPC) or Centers, typically in the form of a server or main frame computer (or multiple servers or main frame computers depending on the type and number of DPCs involved) indicated generally as 12, an input terminal indicated generally as 14 that communicates with DPC 12 via a communications pathway indicated generally as 16 that can use Internet or web-based transmission methods, cable television network or wireless telecommunications network-based transmission methods, Local or Wide Area Network (LAN or WAN)-based transmission methods, or any other suitable remote transmission method that is wired, wireless or a combination thereof. Terminal 14 can be a variety of electronic devices such as an ATM machine, personal desktop computer, personal digital assistant (PDA), portable laptop computer, palm pilot, cellular or other portable phone, or the like. 22. Terminal 14 usually includes a display unit indicated as 18 that can be in the form of a LCD display panel (for example, a portable phone or personal digital assistant), a monitor (for example, a desktop computer or ATM machine) or other suitable display unit.
Terminal 14 is connected to a biometric input device indicated generally as 20 by a communications pathway indicated generally as 22. Like communications pathway 16, communications pathway 22 can use Internet or web-based transmission methods, cable television network or wireless telecommunications network-based transmission methods, Local or Wide Area Network (LAN or WAN)-based transmission methods, or any other suitable remote transmission method that is wired, wireless or a combination thereof. Biometric input device 20 includes a biometric scanner 24. The biometric scanner 24 can be a finger print scanner, voice input device (microphone), palm print scanner, retinal, facial or iris scanner or other suitable biometric scanner. While terminal 14 and biometric input device 20 are shown in Fig. 1 as being separate units or devices, they can also be in the form of an integral unit or device that performs the functions of both the terminal and the biometric input device. In addition, while display unit 18 is shown as being part of terminal 14, it could also be part of the biometric input device 20
DPC 12 typically has software indicated generally as 26 that resides thereon and controls requests for and access to accounts indicated generally as 28, and in particular is capable of responding to a request initiated by the submission of at least one biometric sample to electronically access account(s) 28 and to authorize at least one transaction, as well as being capable of comparing the submitted biometric sample to the recorded sample to determine whether or not the submitted biometric sample matches the recorded biometric sample. Terminal 14 also typically has software indicated generally as 30 residing thereon that permits interaction between DPC 12 and biometric input device 20, and in particular is capable of securely transmitting the at least one submitted biometric sample from biometric input device 20 to DPC 12 to access accounts 28 and authorize transactions regarding these accounts and is also capable of receiving the determination by the data processing center 12 as to whether or not the submitted biometric sample matches the recorded biometric sample, as well as causing this determination to be displayed on display unit 18 (if display unit 18 is part of terminal 14). Biometric input device 20 can also have software indicated generally as 34 residing thereon that includes device drivers for operating biometric scanner 24, and other capabilities for interfacing with the DPC 12 through terminal 14 (including capability to display the determination by DPC 12 as to whether or not the submitted biometric sample matches the recorded biometric sample if display unit 18 is part of biometric input device 20), and in particular provides the capability to transmit the submitted biometric sample to terminal 14. 3. Method for Implementing System
In the method the present invention, the authorized user provides at least one biometric sample that is recorded or collected beforehand to provide electronic access to at least one account (e.g., financial accounts) and authorize at least one transaction (e.g., purchase of goods or services, withdrawal or deposit of funds, etc.). In this preliminary step, the authorized user records or registers at least one biometric sample such as a fingerprint, iris scan, etc., with one or more financial institutions such as a bank or credit card company to establish one or more financial accounts such as checking or credit accounts. The biometric sample, electronically converted to an algorithm, serves as the authorized account number or PIN for both access to the account and authorization of the transaction such as deposits or withdrawals, debit and credit or the like.
Fig. 2 provides a flowchart indicated generally as 100 to illustrate in more detail an embodiment of the method of the present invention for implementing the system shown in Fig. 1. Referring to the Fig. 2, initial step 101 (initiation) involves the user initiating a request to access at least one account 28 (e.g., credit, debit, checking, or otherwise) of the authorized user on DPC 12 of the account issuer, and authorize at least one transaction (e.g., deposit of funds, withdrawal of funds, or otherwise), by supplying or submitting at least one biometric sample using biometric scanner 24.
In the next step 102 (transmission of identification), the submitted biometric sample or samples (using scanner 24 of biometric input device 20) is then securely transmitted, for example, in an encrypted form, via communications pathway 22 to terminal 14 and then via communications pathway 16 to DPC 12 of the account issuer. No personal identification code or number is typically required. Indeed, it is preferred in the method of the present invention that initiation of the request to access the account(s) and authorize the transaction(s) is solely by submission of the biometric sample.
In the next step 103 (user identification successful?), the transmission of the submitted biometric sample is received by the account issuer and compared against the previously recorded biometric sample in a database of previously collected biometric samples (e.g., biometric signatures) of the account holders on DPC 12. If the submitted biometric sample does not match the recorded biometric sample of an authorized user (NO), the request for access and authorization is denied as shown in step 104. If the supplied biometric sample does match the biometric sample of an authorized user (YES), the request for access and authorization is then granted to the account(s) 28 associated with that biometric sample, as shown in step 105.
In the next step 105 (access to account list), conditional access is granted to the list of one or more accounts 28 associated with the biometric sample (e.g., biometric signature). In the next step 106 (account selection and access), the user selects the account 28 to be utilized in the intended transaction through at least one user action such as a keystroke, voice command, etc, using scanner 24 or some other input device (not shown) that is connected to terminal 14 or connected to biometric input device 20 to transmit the user action stroke. For example, the user action stroke could be by using the alphanumeric or numeric keypad on a portable phone or similar portable device. In the next step 107 (transaction selection), the type of transaction is specified by at least one user action. The data for the specified transaction is then transmitted in step 108 (transmittal of transaction data) to DPC 12 of the account issuer. For credit or debit purchases, or the withdrawal of funds, a debit of available funds or credit is made from the user account upon determination of sufficient financial resources represented by a checking account balance, available credit limit, etc. In the case of a deposit, funds are simply added to an account. The amount of the financial exchange is specified by the user or account holder or is specified by the selected merchant for a desired commodity (depending on the type of transaction). Alternatively, the user can specify the type of transaction (step 107) before being granted conditional access to the list of one or more accounts 28 (step 105) and then selecting the account (step 106).
In the next step 109 (sufficient resources?), a check is made to see if there are sufficient resources (e.g., funds or credit) in the authorized user's account to permit the requested transaction. If there are insufficient resources (NO), the transaction is denied and the user is typically notified (for example, by transmission to terminal 14 for display on display unit 18) of this denial (i.e., transaction denied) as shown in step 110. If there are sufficient resources (YES), the transaction is permitted and the user is typically notified (again, for example, by transmission to terminal 14 for display on display unit 18) that the transaction has been successful (i.e., transaction permitted or granted) as shown in step 111.
As shown in Fig. 2, the user can choose an optional pathway in the event the initial user identification is unsuccessful in step 103 or resources are insufficient in step 109. In this optional pathway, the user can try another account in step 112. If step 112 is chosen by the user (YES), the process of initiating the request for the account and transaction is repeated, starting with step 101 (initiation). If the user chooses not to try another account (NO), the process is terminated as shown in step 113.
An alternative embodiment of the method of the present invention is shown in Fig. 3 as a flowchart indicated generally as 200. This alternative embodiment is particularly useful in those situations where the user already knows what account and transaction they wish to select or where there is only one account and/or transaction that can be selected by the user. As shown in Fig. 3, the particular transaction desired by the user is initially selected (step 201), followed by the desired account (step 202), by a user action stroke as before. The particular order of transaction or account selection is not critical to this alternative method, so that step 202 (account selection) can also occur prior to step 201 (transaction selection). The user then initiates the request for access to the selected account (or accounts) and the selected transaction (or transactions) by submitting the biometric sample (or samples) in step 203. In step 204, the submitted biometric sample (using scanner 24 of biometric input device 20) is then securely transmitted as before to terminal 14 and then to DPC 12 of the account issuer. In step 205, the transmitted biometric sample is again compared against the previously recorded biometric sample, with access being denied (step 206) if there is no match, or granted if there is a match (step 207). A check is again made to see if there are sufficient resources (step 208) with the user being notified of insufficient resources (step 209) or sufficient resources (step 210). Where initial user identification is unsuccessful in step 205 or resources are insufficient in step 208, the user would again be given the option of trying another account (step 211) or simply terminating the transaction (step 212). Another alternative embodiment of the method of the present invention is shown in Fig. 4 as a flowchart indicated generally as 300. This alternative embodiment is particularly useful in those situations where the user logs onto terminal 14, preferably using a submitted biometric sample, and where the transaction being selected by the user is the purchase of particular goods or services offered by an online merchant. As shown in Fig. 4, the user initiates the request by submitting a biometric sample (step 301), followed by selection of the particular account (step 302) and the particular transaction (step 303). Again, the particular order in which the account (or accounts) or transaction (or transactions) is selected is not critical to this alternative method. The initiated request that includes the submitted biometric sample, selected account(s), and selected transaction(s) is then securely transmitted as before to terminal 14 and then to DPC 12 of the account user (step 304). In step 305, the transmitted biometric sample is again compared against the previously recorded biometric sample, with access being denied (step 306) if there is no match, or granted if there is a match (step 307). A check is again made to see if there are sufficient resources (step 308) with the user being notified of insufficient resources (step 309) or sufficient resources (step 310). Where initial user identification is unsuccessful in step 305 or resources are insufficient in step 308, the user would again be given the option of trying another account (step 311) or simply terminating the transaction (step 312).
The present invention can also be provided in the form of downloadable or otherwise installable software that can be used in system 10, and in particular as the combination of the DPC software component 26 (used with DPC 12), the terminal software component 30 (used with terminal 14) and the biometric software component 34 (used with biometric input device 20). For some systems, especially those where terminal 14 and biometric input device 20 are integral units or devices, the terminal software component 30 and the biometric software component 34 can also be an integral or single software component that controls or operates both the terminal and biometric input device function of the system. This software can also be provided or associated with a set of instructions for downloading or installation of the software on the system and/or use of the software with the system that are written or printed on one or more sheets of paper, in a multi-page manual, at the location where the software is located for remote downloading or installation (e.g., a server-based web site), on or inside the packaging in which the software is provided or sold, and/or on the electronic media (e.g., floppy disk or CD ROM disk) from which the software is loaded or installed, or any other suitable method for providing instructions on how to load, install and/or use the software.
While specific embodiments of the method and system of the present invention have been described, it will be apparent to those skilled in the art that various modifications thereto can be made without departing from the spirit and scope of the present invention as defined in the appended claims.

Claims

WHAT IS CLAIMED IS:
1. A method for electronically accessing at least one account and authorizing at least one transaction, wherein an authorized user has provided at least one previously recorded biometric sample to provide electronic access to the at least one account and authorize the at least one electronic transaction, the method comprising the steps of: a. submitting at least one biometric sample to initiate a request to electronically access the at least one account and authorize the at least one transaction; b. securely transmitting the submitted biometric sample for comparison to the recorded biometric sample. c. comparing the submitted biometric sample to the recorded biometric sample; d. determining whether or not the submitted biometric sample matches the recorded biometric sample; e. upon determining whether a match exists between the submitted and recorded biometric samples:
(1) if the submitted biometric sample does match the recorded biometric sample, granting the request to access the at least one account and authorize the at least one transaction; or (2) if the submitted biometric sample does not match the recorded biometric sample, denying the request to access the at least one account and authorize the at least one transaction.
2. The method of claim 1 wherein the at least one transaction is the withdrawal or deposit of funds to the at least one account.
3. The method of claim 1 wherein the at least one transaction is the purchase of goods or services through the at least one account.
4. The method of claim 1 wherein the submitted biometric sample is transmitted in encrypted form during step (b).
5. The method of claim 1 wherein the request during step (a) is initiated solely by submission of the at least one biometric sample.
6. The method of claim 1 wherein step (e)(1) further comprises the step of selecting the at least one account through at least one user action.
7. The method of claim 6 wherein the step (e)(1) further comprises the step of selecting the at least one transaction through at least one user action.
8. The method of claim 7 wherein step (e)(1) further comprises the step of determining whether there are sufficient funds or credit in the at least one account selected to permit the at least one transaction selected, and upon making the determination that:
(a) there are sufficient funds or credit in the at least one account selected, permitting the at least one transaction selected; or
(b) there are insufficient funds or credit in the at least one account selected, denying the at least one transaction selected
9. The method of claim 8 wherein the user is notified as to whether the at least one transaction selected has been permitted or denied.
10. A system for electronically accessing at least one account and authorizing at least one transaction, wherein an authorized user has provided at least one previously recorded biometric sample to provide electronic access to the at least one account and authorize the at least one electronic transaction, the system comprising:
(a) a data processing center having at least one account;
(b) data processing center software residing on the data processing center that is capable of responding to a request initiated by the submission of at least one biometric sample to electronically access the at least one account and authorize the at least one transaction and is capable of comparing the submitted biometric sample to the recorded sample to determine whether or not the submitted biometric sample matches the recorded biometric sample;
(c) an input terminal in communication with the data processing center and a biometric input device;
(d) input terminal software residing on the input terminal that is capable of securely transmitting the at least one submitted biometric sample from the biometric input device to the data processing center and is capable of receiving the determination by the data processing center as to whether or not the submitted biometric sample matches the recorded biometric sample; (e) a biometric input device connected to the input terminal that includes a biometric scanner that is capable of generating the submitted biometric sample; (f) biometric software residing on the biometric input device that is capable of transmitting the submitted biometric sample to the input terminal.
11. The system of claim 10 wherein one of the input terminal and the biometric input device further comprises a display unit that is capable of displaying the determination by the data processing center as to whether or not the submitted biometric sample matches the recorded biometric sample.
12. The system of claim 10 wherein the input terminal and the biometric input device are separate units.
13. The system of claim 10 wherein the input terminal and the biometric input device are integral units.
14. Software for use in a system for electronically accessing at least one account and authorizing at least one transaction, wherein an authorized user has provided at least one previously recorded biometric sample to provide electronic access to the at least one account and authorize the at least one electronic transaction, the system including a data processing center having at least one account, an input terminal in communication with the data processing center, and a biometric input device in communication with the input terminal that has a biometric scanner capable of generating the submitted biometric sample, the software comprising:
(a) data processing center software component that can reside on the data processing center and is capable of responding to a request initiated by the submission of at least one biometric sample to electronically access the at least one account and authorize the at least one transaction and is capable of comparing the submitted biometric sample to the recorded sample to determine whether or not the submitted biometric sample matches the recorded biometric sample; (b) an input terminal software component that can reside on the input terminal and is capable of securely transmitting the at least one submitted biometric sample from the biometric module to the data processing center and is capable of receiving the determination by the data processing center as to whether or not the submitted biometric sample matches the recorded biometric sample; (c) a biometric software component that can reside on the biometric input device and is capable of transmitting the submitted biometric sample to the input terminal.
15. The software of claim 14 wherein one of the input terminal and the biometric input device further includes a display unit that is capable of displaying the determination by the data processing center as to whether or not the submitted biometric sample matches the recorded biometric sample and wherein one of the input terminal software component and the biometric software component is further capable of causing the display unit to display the determination by the data processing center.
16. The software of claim 14 that is stored and installable from one or more nonvolatile electronic storage media.
17. The software of claim 16 wherein the electronic media are floppy disks or CD ROM disks.
18. The software of claim 14 which has instructions provided or associated therewith for how to use the software with the system, how to install the software on the system, or how to use with and install the software on the system.
19. The software of claim 14 wherein the input terminal software and the biometric input device software are separate software components.
20. The software of claim 14 wherein the input terminal software and the biometric input device software is an integral software component.
PCT/US2001/021485 2000-07-07 2001-07-06 Method and system for using biometric sample to electronically access accounts and authorize transactions WO2002005077A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001273249A AU2001273249A1 (en) 2000-07-07 2001-07-06 Method and system for using biometric sample to electronically access accounts and authorize transactions

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US21681000P 2000-07-07 2000-07-07
US60/216,810 2000-07-07
US66150800A 2000-09-13 2000-09-13
US09/661,508 2000-09-13

Publications (2)

Publication Number Publication Date
WO2002005077A2 true WO2002005077A2 (en) 2002-01-17
WO2002005077A3 WO2002005077A3 (en) 2003-12-31

Family

ID=26911359

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/021485 WO2002005077A2 (en) 2000-07-07 2001-07-06 Method and system for using biometric sample to electronically access accounts and authorize transactions

Country Status (2)

Country Link
AU (1) AU2001273249A1 (en)
WO (1) WO2002005077A2 (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1418483A1 (en) * 2002-08-23 2004-05-12 Siemens Aktiengesellschaft Examination and grant of use authorizations
EP1791097A1 (en) * 2005-11-28 2007-05-30 Aruze Corp. Peripheral devices for gaming device, management server and gaming system therewith
WO2007070866A3 (en) * 2005-12-16 2008-01-03 Alcon Inc Control of intraocular pressure using alk5 modulation agents
EP1794708A4 (en) * 2004-07-21 2010-04-07 American Express Travel Relate A system and method for dynamic fob synchronization and personalization
WO2011063992A1 (en) 2009-11-30 2011-06-03 Christoph Busch Authenticated transmission of data
GB2525660A (en) * 2014-05-01 2015-11-04 Mastercard International Inc Methods, devices and systems for transaction initiation
US9330513B2 (en) 2013-05-31 2016-05-03 Microsoft Technology Licensing, Llc Resource management based on biometric data
US9686274B2 (en) 2013-10-11 2017-06-20 Microsoft Technology Licensing, Llc Informed implicit enrollment and identification
US10521662B2 (en) 2018-01-12 2019-12-31 Microsoft Technology Licensing, Llc Unguided passive biometric enrollment
WO2022026662A1 (en) * 2020-07-31 2022-02-03 Mastercard International Incorporated Biometric tokenized networks

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4821118A (en) 1986-10-09 1989-04-11 Advanced Identification Systems, Inc. Video image system for personal identification
US4993068A (en) 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system
US4995086A (en) 1986-05-06 1991-02-19 Siemens Aktiengesellschaft Arrangement and procedure for determining the authorization of individuals by verifying their fingerprints
US5054089A (en) 1988-12-29 1991-10-01 Kabushiki Kaisha Toshiba Individual identification apparatus
US5095194A (en) 1989-10-12 1992-03-10 Joseph Barbanell Holographic credit card with automatical authentication and verification
US5109427A (en) 1989-11-13 1992-04-28 Goldstar Co., Ltd. Fingerprint recognition device using a hologram
US5109428A (en) 1988-12-06 1992-04-28 Fujitsu Ltd Minutia data extraction in fingerprint identification
US5144680A (en) 1985-03-01 1992-09-01 Mitsubishi Denki Kabushiki Kaisha Individual identification recognition system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB9323489D0 (en) * 1993-11-08 1994-01-05 Ncr Int Inc Self-service business system
EP0938793A4 (en) * 1996-11-22 2003-03-19 T Netix Inc Voice recognition for information system access and transaction processing
US6023688A (en) * 1997-11-28 2000-02-08 Diebold, Incorporated Transaction apparatus and method that identifies an authorized user by appearance and voice
WO1999031621A1 (en) * 1997-12-17 1999-06-24 Smarttouch, Inc. Tokenless financial access system
JP2000092046A (en) * 1998-09-11 2000-03-31 Mitsubishi Electric Corp Remote authentication system
CN1319217A (en) * 1998-09-22 2001-10-24 西门子公司 Method and device for verifying authorization to log onto system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5144680A (en) 1985-03-01 1992-09-01 Mitsubishi Denki Kabushiki Kaisha Individual identification recognition system
US4995086A (en) 1986-05-06 1991-02-19 Siemens Aktiengesellschaft Arrangement and procedure for determining the authorization of individuals by verifying their fingerprints
US4821118A (en) 1986-10-09 1989-04-11 Advanced Identification Systems, Inc. Video image system for personal identification
US5109428A (en) 1988-12-06 1992-04-28 Fujitsu Ltd Minutia data extraction in fingerprint identification
US5054089A (en) 1988-12-29 1991-10-01 Kabushiki Kaisha Toshiba Individual identification apparatus
US5095194A (en) 1989-10-12 1992-03-10 Joseph Barbanell Holographic credit card with automatical authentication and verification
US5109427A (en) 1989-11-13 1992-04-28 Goldstar Co., Ltd. Fingerprint recognition device using a hologram
US4993068A (en) 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1418483A1 (en) * 2002-08-23 2004-05-12 Siemens Aktiengesellschaft Examination and grant of use authorizations
EP1794708A4 (en) * 2004-07-21 2010-04-07 American Express Travel Relate A system and method for dynamic fob synchronization and personalization
EP1791097A1 (en) * 2005-11-28 2007-05-30 Aruze Corp. Peripheral devices for gaming device, management server and gaming system therewith
WO2007070866A3 (en) * 2005-12-16 2008-01-03 Alcon Inc Control of intraocular pressure using alk5 modulation agents
WO2011063992A1 (en) 2009-11-30 2011-06-03 Christoph Busch Authenticated transmission of data
US8788837B2 (en) 2009-11-30 2014-07-22 Christoph Busch Authenticated transmission of data
US9330513B2 (en) 2013-05-31 2016-05-03 Microsoft Technology Licensing, Llc Resource management based on biometric data
US9686274B2 (en) 2013-10-11 2017-06-20 Microsoft Technology Licensing, Llc Informed implicit enrollment and identification
GB2525660A (en) * 2014-05-01 2015-11-04 Mastercard International Inc Methods, devices and systems for transaction initiation
US10521662B2 (en) 2018-01-12 2019-12-31 Microsoft Technology Licensing, Llc Unguided passive biometric enrollment
WO2022026662A1 (en) * 2020-07-31 2022-02-03 Mastercard International Incorporated Biometric tokenized networks
US12282919B2 (en) 2020-07-31 2025-04-22 Mastercard International Incorporated Biometric tokenized networks

Also Published As

Publication number Publication date
WO2002005077A3 (en) 2003-12-31
AU2001273249A1 (en) 2002-01-21

Similar Documents

Publication Publication Date Title
US7269737B2 (en) System and method for biometric authorization for financial transactions
US6662166B2 (en) Tokenless biometric electronic debit and credit transactions
US7099850B1 (en) Methods for providing cardless payment
US6636620B1 (en) Personal identification authenticating with fingerprint identification
US7103576B2 (en) System for providing cardless payment
US6016476A (en) Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6070141A (en) System and method of assessing the quality of an identification transaction using an identificaion quality score
US6581042B2 (en) Tokenless biometric electronic check transactions
US20020095389A1 (en) Method, apparatus and system for identity authentication
US20040073688A1 (en) Electronic payment validation using Transaction Authorization Tokens
US20060131390A1 (en) Method and system for providing transaction notification and mobile reply authorization
US20020169720A1 (en) Method for cardholder to place use restrictions on credit card at will
US20050018883A1 (en) Systems and methods for facilitating transactions
WO2002005077A2 (en) Method and system for using biometric sample to electronically access accounts and authorize transactions
JP2006155636A (en) IC card payment device
CA2460886A1 (en) Method for providing cardless payment
JP2003036465A (en) Card utilization transaction system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP