Browse Prior Art Database

Biometric authentication using realtime synchronisation and wearable technology

IP.com Disclosure Number: IPCOM000244935D
Publication Date: 2016-Feb-02
Document File: 3 page(s) / 130K

Publishing Venue

The IP.com Prior Art Database

Abstract

Authentication using two real time biometric measurements and wearable technology. The authentication device contains a biometric sensor which compares a measurement in real time to a biometric measurement from the user's pre registered wearable. If there is a match, the user is authenticated.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 51% of the total text.

Page 01 of 3

Biometric authentication using realtime synchronisation and wearable technology

This disclosure presents a method of authentication using realtime biometrics and

wearable technology. Current biometric authentication methods such as face detection involve comparing a recorded signal (an image of a person) to a stored reference signal (a facial model). The problem of this method is that an attacker can execute a replay attack if they are able to generate a signal that is close to the recorded signal (e.g. by using a photo of the user) to gain access. A stored reference signal presents a security risk if the storage is compromised or encryption methods are broken and the signal is obtained during transmission, allowing an attacker to execute a replay attack. This invention details a real time biometric authentication method that prevents replay attacks by using two synchronised signals.

    Consider the scenario where a user is trying to unlock their mobile phone using their heart beat. Conventional methods would measure the user's heart beat from their smart watch sensor and then compare this data with the user's unique heart beat profile on a database. If they match, the phone will unlock.

This invention's method utilises a secondary sensor on the mobile phone as

well as the sensor on the smart watch. When the user attempts to unlock their phone (they are wearing a smart watch with a sensor), the system will prompt the user to place a finger onto the phone's sensor. The system will then measure the user's heart beat from both sensors. Instead of comparing the measured heart beat to a stored heart beat, the system checks that incoming data streams from the sensor on the wearable and the sensor on the system are synchronised. By using real-time synchronisation of biometrics, there is no data being exchanged between an external database for an attacker to intercept, which solves the replay attack

problem of conventional biometric authentication methods. Not only are the biometric measurements unique to the user, they are also unique at the time the user wishes to authenticate, meaning a replay attack is not possible.

    For this invention, the user will be required to pre-register their wearable device with the intended system to enable the system to query the wearable device associated with the intended user. Wearable devices are difficult for an attacker to steal because they are physically attached to the user and can automatically lock themselves if they are removed (http://www.cultofmac.com/295024/apple-watch-anti-theft/). Sensors located on the

wearable will be used to measure a specific biometric in real time. For example, light sensors could be used on a smart watch to measure the user's heart beat. Each time the user wishes to authenticate with the system, the system will query the

wearable device for the real time biometric data. The wearable will then transmit the encrypted biometric data through a means of wireless communication...