Browse Prior Art Database

Device Authentication by Continuous or Repeated Ambient Biometric Data Collection

IP.com Disclosure Number: IPCOM000246655D
Publication Date: 2016-Jun-24
Document File: 5 page(s) / 32K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a method of placing biometric surfaces on multiple edges of electronic devices and providing continuous or near-continuous authentication while in operation. The device continually monitors user biometrics while in operation and provides the correct authentication/authorization level to the user. This advances device authentication and authorization methods, permitting higher levels of confidence in data security from mobile devices.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 24% of the total text.

Page 01 of 5

Device Authentication by Continuous or Repeated Ambient Biometric Data Collection

Although mobile transactions through a variety of devices grow more complex and ubiquitous, interacting with mobile devices remains rudimentary. Mobile devices depend on the user to provide keyboard or keypad input. Use of mobile devices becomes awkward, inconvenient, and sometimes dangerous when these devices demand these kinds of human actions during common moments of human life (e.g., while caring for patients or children, boarding planes with luggage, operating machinery, etc.). Current systems do not make use of information that is already available to the device and precludes the need to frequently demand certain types of user input.

Current devices cannot determine an active user's identity and effectively interact with the user based on said identity. Some current devices use biometric data to establish a user's identity, but do not ensure that a current, active user is the same as the previously validated user, or that the identification transaction is not fraudulent or coerced. The current approach does not guarantee that current activity should truly be deemed authorized (e.g., a real fingerprint vs. a facsimile thereof, an active user vs. a sleeping/unconscious user, etc.) Current mobile device biometric identification methods do not enable the primary user to share the device without concerns about unauthorized activity or unauthorized information extraction.

In addition, mobile devices are naturally considered highly personal objects, and thus are not configured for multi-user activity, and especially not configured for multi-user security. However, sharing mobile devices between different users is common, with several established patterns of sharing. Devices are commonly shared between spouses and within families, amongst teenagers, and among co-workers. Each situation has different sharing patterns. Current devices do not and cannot distinguish between users as subsequently initiate appropriate changes in activity authorization.

Further, human users naturally interact with devices using hands and fingers. However, devices pay very little attention to user's hand and finger positions or motions, especially in the context of the device's orientation, position, location, or movement. Outside of a limited set of on-surface finger gestures, devices are mostly dependent on determining "which button did a finger push?" in order to communicate with users.

Finally, current security functions for smart phones are not smart enough; for instance, fingerprint sensors are typically small, and only sense one finger's fingerprint. Users need to place a particular finger onto a particular location as the input, which is often inconvenient, as users need to purposely move fingers to enter security information. Additionally, if a user is incapacitated, others may still use the owner's finger to unlock the device. From both the perspective of convenienc...