Browse Prior Art Database

Method for Improved Two factor Authentication using Text Password and Biometric Technology (Finger Print) for Computer Based system like ATM, Access Doors, Workstations etc

IP.com Disclosure Number: IPCOM000166329D
Original Publication Date: 2008-Jan-10
Included in the Prior Art Database: 2008-Jan-10
Document File: 2 page(s) / 89K

Publishing Venue

IBM

Abstract

Disclosed is a unique method of two-factor authentication involving traditional password authentication and Biometric based authentication using fingerprints which makes the over all authentication stronger compared to the existing two-factor authentication methods. The feature disclosed in this solution is to intelligently make use of the text based password ( as the first factor authentication), biometric authentication using fingerprint as the second factor authentication) and the need to have unique mapping of every character in the password with the fingerprint of the finger used to enter that particular character, with the use of disclosed apparatus (enhanced keyboard/keypads for ATM, computer and related systems that have a one touch finger print scanner on every key) to make the overall authentication system much more stronger and hence secure.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 1 of 2

Method for Improved Two factor Authentication using Text Password and Biometric Technology (Finger Print) for Computer Based system like ATM , Access Doors, Workstations etc

Name: Sandeep Ramesh, Darshak P Shah, Ravikiran R Vetapalem, Ranadip Das

Authentication is a method to ensure that the individual is who he or she claims to be. The most common method for authentication used in computer and computer based application is the User Name and Associated Text Password method. However this method requires user to keep stringent passwords, else a compromise in passwords might result in hacking of the user account. Moreover computer based systems like ATM's generally have a limitation on the maximum password length, thus making it difficult to form stringent passwords. These is a known limitations associated with this method.

Biometric authentication is basically biological identification of a person, which includes characteristics of structure and of action such as iris and retinal patterns, hand geometry, fingerprints, the dynamics of hand-written signatures, etc.Though biometric authentication systems based on fingerprints are much secure than the password based authentication method, it too has its own limitation. For example, fingerprints can be captured from a water glass, fool scanners etc which can be exploited to hack the account protected by biometric authentication based on fingerprints. Also studies have shown that Biometric authentication based on fingerprints have a false acceptance rate of around 1 in 100,000.For tighter security requirements some system makes use of two-factor authentication. Two-factor authentication (T-FA) is any authentication protocol that requires two independent ways to establish identity and privileges.

Disclosed is a unique method of two-factor authentication involving traditional password authentication and Biometric based authentication using fingerprints which makes the over all authentication stronger compared to the existing two-factor authentication methods.

Disclosed solution in brief:


To achieve the stronger authentication mechanism, the solution discloses specialized apparatus/hardware. The new apparatus (An Enhanced Keyboard/Keypad) which consists of all the keys with a one-touch fingerprint scanner attached to them. The apparatus can be attached to the system (like computer, ATM machine, security doors) via available means of communication, for example via the USB port. The new apparatus is associated with a software driver that will allow the system to identify the keys pressed by the user and also scan the user's finger on the key-press event and provide the system with the fingerprint.

The disclosed two-factor authentication works the following way:
The user needs to provide the fingerprint of all 10 f...