Browse Prior Art Database

Dynamic Password Using User Biometric Data Disclosure Number: IPCOM000238026D
Publication Date: 2014-Jul-25
Document File: 8 page(s) / 190K

Publishing Venue

The Prior Art Database


A dynamic password can be used to unlock a device, e.g., a mobile phone, computer, tablet, or any other item or application that requires a password for access. The dynamic password includes a user defined passphrase and data describing the user’s biometric parameters. The biometric parameters can be a measurement of the user’s physiological characteristics. For example, the biometric parameters can represent the user’s galvanic skin response, brain activity, blink pattern, skin tone, retinal state, and heart rate. When the user initially creates a dynamic password for a device, the user selects a defined passphrase and a set of reference biometric parameters are obtained from the user. When the user attempts to unlock the device, the user enters a passphrase and the device obtains a set of present biometric parameters from the user. The passphrase is matched against the user defined passphrase and the present biometric parameters are matched against the reference biometric parameters. If both the entered passphrase and the present biometric parameters match the user defined passphrase and the reference biometric parameters, the user is granted access or is authenticated. However, if any one of the entered passphrase or the present biometric parameters do not match, the user is denied access or is not authenticated.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 20% of the total text.

Page 01 of 8

Dynamic Password Using User Biometric Data 


A dynamic password can be used to unlock a device, e.g., a mobile phone, computer, tablet, or 

any other item or application that requires a password for access. The dynamic password includes a  user defined passphrase and data describing the user's biometric parameters. The biometric parameters  can be a measurement of the user's physiological characteristics. For example, the biometric parameters  can represent the user's galvanic skin response, brain activity, blink pattern, skin tone, retinal state, and  heart rate. When the user initially creates a dynamic password for a device, the user selects a defined  passphrase and a set of reference biometric parameters are obtained from the user. When the user  attempts to unlock the device, the user enters a passphrase and the device obtains a set of present  biometric parameters from the user. The passphrase is matched against the user defined passphrase and  the present biometric parameters are matched against the reference biometric parameters. If both the  entered passphrase and the present biometric parameters match the user defined passphrase and the  reference biometric parameters, the user is granted access or is authenticated. However, if any one of  the entered passphrase or the present biometric parameters do not match, the user is denied access or  is not authenticated.  



Passwords are pivotal to a user's online security. User's personal data and information, e.g., 

financial and bank information, photos, e­banking credentials, etc., can be accessed if the user's  password is compromised. Current passwords used in order to grant user access to a device consists of  the user entering a predefined mix of alphanumeric characters. However, this method of authenticating a 



Page 02 of 8

user using these passwords can be easily compromised. For example, a person may be forced to  disclose their predefined password under duress. The predefined password can then be used by  someone with malicious intent to access the person's personal data. A more advanced and  sophisticated password system which can be used for authenticating a user such that it prevents  unauthorized access to the device is described.  


The systems and techniques described in this disclosure relate to a password system that 

provides authenticated access to devices. The password system can be implemented for use in an  Internet, an intranet, or another client and server environment. For example, ...