WO2016011053A1 - Procédé et appareil pour améliorer la sécurité basée sur la soumission pour des transactions utilisant la reconnaissance faciale - Google Patents

Procédé et appareil pour améliorer la sécurité basée sur la soumission pour des transactions utilisant la reconnaissance faciale Download PDF

Info

Publication number
WO2016011053A1
WO2016011053A1 PCT/US2015/040409 US2015040409W WO2016011053A1 WO 2016011053 A1 WO2016011053 A1 WO 2016011053A1 US 2015040409 W US2015040409 W US 2015040409W WO 2016011053 A1 WO2016011053 A1 WO 2016011053A1
Authority
WO
WIPO (PCT)
Prior art keywords
input
facial recognition
electro
signature
mobile device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2015/040409
Other languages
English (en)
Inventor
Claus MOLDT
Liam LYNCH
Aaron SAGRAY
Joey JAROSZ
Bryant Nguyen
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mpath Inc
Original Assignee
Mpath Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mpath Inc filed Critical Mpath Inc
Publication of WO2016011053A1 publication Critical patent/WO2016011053A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3276Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • G06Q20/40145Biometric identity checks

Definitions

  • Security for various types of transactions has become anonymized as consumers increasingly interact with companies through an exchange of faceless electronic communications.
  • security for document security and attestation, as well as security for financial transactions may become compromised if a consumer's passcodes come under the control of someone who is not the consumer.
  • the authentication of electronic transactions using facial recognition may be used to prevent fraudulent electronic transactions.
  • facial recognition may be combined with additional transactional information to increase the security of electronic transactions. While conventional electronic transactions may be vulnerable to fraud based on stolen passcodes, the use of facial recognition in the securing of electronic transactions prevents fraudulent individuals who are not the consumer from conducting transactions, even if a fraudulent individual has obtained a passcode of the consumer. As such, the use of methods and systems as provided herein may benefit consumers who may otherwise become victims of fraud.
  • a method for authenticating an electronic transaction conducted on a mobile device comprises initiating an electronic transaction on a mobile device having one or more facial recognition sensors and having a processor. The method also comprises generating, with the facial recognition sensor and the processor on the mobile device, a facial recognition input. Additionally, the method comprises receiving, by the mobile device, an electro-physical signature input. Further, the method comprises sending the facial recognition input and the electro-physical signature input to an authentication system for verification, wherein the facial recognition input and the electro- physical signature input are provided to the authentication system in association with the electronic transaction conducted on the mobile device. The method also comprises generating a digital signature based upon the facial recognition input and the electro-physical signature input.
  • a method for authenticating an electronic transaction, conducted on a mobile device, at an authentication center comprises receiving electronic transaction data associated with an electronic transaction, conducted on the mobile device, that is initiated by a user.
  • the method also comprises receiving at least one facial recognition input associated with the electronic transaction, wherein the at least one facial recognition input is generated at the mobile device.
  • the method comprises receiving at least one electro-physical signature input associated with the electronic transaction, wherein the at least one electro-physical signature input is received at the mobile device.
  • the method additionally comprises comparing the facial recognition input and the electro-physical signature input to facial recognition data associated with the user and an electro-physical signature data associated with the user.
  • the method comprises determining the facial recognition input and the electro-physical signature input match the facial recognition data associated with the user and the electro-physical signature data associated with the user, thereby authenticating the facial recognition input and the electro-physical signature input.
  • the method also comprises generating a digital signature based on the authenticated facial recognition input and the authenticated electro-physical signature input.
  • FIG. 1 is a block diagram of an authentication system, in accordance with an embodiment of the invention.
  • FIG. 2 is another block diagram of an authentication system, in accordance with an embodiment of the invention.
  • FIG. 3 is a block diagram showing artifact storage, in accordance with an embodiment of the invention.
  • FIG. 4 schematically illustrates a computer system that is programmed or otherwise configured to implement methods and user interfaces of the present disclosure.
  • facial recognition input and electro-physical signature input may be used to authenticate a transaction.
  • FIG. 1 provides a block diagram of an authentication system, in accordance with embodiments of the invention.
  • facial recognition input 200, electro-physical signature input 300, and transactional data 400 may be provided to a combiner 500.
  • the facial recognition input may be a photo or a video.
  • the facial recognition input 200 may be generated using a camera on a mobile device.
  • a camera on a mobile device may include one or more image sensors.
  • the one or more image sensors may be used as facial recognition sensors and/or facial detection sensors.
  • a processor of a mobile device may be used to generate a facial recognition input based on at least one image captured by a camera of the mobile device.
  • the processor may alter the at least one image when generating the facial recognition input.
  • facial recognition input 200 may include one or more facial detection photos.
  • a facial detection photo may have to meet certain requirements to be used; for example, the facial detection photo may need to have a threshold degree of brightness.
  • the facial detection photo may need to contain a threshold percentage of the photo that includes the face. Additionally or alternatively, the facial detection photo may need to be taken within a threshold amount of time prior to a transaction.
  • the facial detection photo may need to clearly display prominent facial characteristics.
  • Prominent facial characteristics may include at least one of eyes, nose, and mouth.
  • the electro-physical signature input 300 may include a personal identification number (PIN), such as a series of numbers that is associated with a user's account when conducting a transaction. Additionally or alternatively, the electro-physical signature input 300 may be one or more swipes, such as a series of swipes, that are input into a mobile-device. Additionally or alternatively, the electro-physical signature input 300 may include a signature input.
  • the signature input may be a signature that is generated by the user.
  • the signature may be a handwritten signature.
  • the signature input may be a signature that is input by a user into an electronic interface using a stylus. The signature input may be generated before the transaction, at the time of the transaction, and/or as an additional verification step after a transaction has been initiated.
  • transactional data 400 may include and/or represent, without limitation, the document that the user is signing as part of the transaction.
  • the transaction data 400 may be the final result of the device flow.
  • the transaction data 400 may be a document attesting to an auditable event or circumstance, such as a list of physical resources in a data center (e.g., servers, routers, switches, etc.).
  • the transaction data 400 may be for a financial transaction such as a commitment to purchase a product or service.
  • the combiner 500 may analyze the facial recognition input 200, electro-physical signature input 300, and transaction data 400 to determine whether a transaction may be authenticated. Upon determining that the transaction may be authenticated, the combiner 500 may provide facial recognition 200 and/or electro-physical signature 300 to a digital signature component 900. Additionally, the digital signature component 900 may generate a digital signature, which may then be used to verify the transaction. In some examples, the digital signature may be generated within the authentication system. In other examples, the digital signature may be generated external to the authentication system. In examples, the digital signature may comprise at least a portion of the facial recognition input. In additional examples, the digital signature may comprise at least a portion of the electro-physical signature input.
  • the digital signature may comprise at least a portion of the facial recognition input and at least a portion of the electro-physical signature input.
  • the digital signature may comprise a photo and a PIN.
  • a digital signature that is provided by the digital signature component 900 may be provided to the combiner 500, which may then combine the digital signature with transaction data, such as transaction data 400.
  • FIG. 2 provides a block diagram, in accordance with an embodiment of the invention.
  • the environment for the invention includes two devices, namely a consumer device 100 and a combiner 500.
  • the consumer device 100 may be used by a user who is carrying out a transaction.
  • the consumer device 100 has a facial recognition input 200.
  • facial recognition input 200 may include, without limitation and in certain embodiments, facial detection photos.
  • the consumer device 100 may have the ability to capture a photo of the user's face. This may include, for instance, facial detection so that a detected human face may be captured by photo.
  • the consumer device 100 has an electro-physical signature input 300.
  • the electro-physical signature input 300 may be a personal identification number (PIN) or an actual signature input into the consumer device 100.
  • the consumer device 100 may have the ability to produce a graphical dialog that may capture the movement of a user's finger or a stylus pen to capture the electro-physical signature input 300.
  • the consumer device 100 may be, for example, a mobile smart device such as a smart phone or tablet, or a personal computer or another type of computing device.
  • the consumer device 100 may include a camera that may take a picture of a face.
  • the camera may include image sensors.
  • the image sensors of a camera may be used as facial recognition sensors.
  • examples of image sensors may include a charge- coupled device (CCD) sensor, a complementary metal-oxide-semiconductor (CMOS) sensor, an N-type metal-oxide-semiconductor (NMOS) sensor, a back-side illuminated complementary metal-oxide-semiconductor (BSI-CMOS) sensor, or another type of sensor.
  • CCD charge- coupled device
  • CMOS complementary metal-oxide-semiconductor
  • NMOS N-type metal-oxide-semiconductor
  • BSI-CMOS back-side illuminated complementary metal-oxide-semiconductor
  • the camera may include or be coupled to a processor that may evaluate whether an image contains sufficient conditions to capture an image that is compliant with standards for a facial recognition input.
  • Standards for facial recognition inputs may include an image having sufficient brightness, an image showing a sufficient amount of facial coverage, and/or an image that includes particular facial characteristics such as eyes, mouth, nose, and/or ears, among other aspects of a face.
  • the consumer device 100 may perform facial detection and produce a facial recognition input 200.
  • the transaction may not continue if a photo of a face is not taken and/or is not provided in association with the transaction.
  • a transaction that is initiated may be ceased if a photo of a face is not taken and provided in association with the transaction.
  • the consumer device 100 may expose a place on a screen of the consumer device 100 so that a user may write his or her signature and the area of the screen displays the user's physical signature. This may produce an electro-physical signature input, such as electro-physical signature input 300.
  • information from the facial recognition input 200 and the electro-physical signature input 300 may be provided to the transaction data 400.
  • the combined facial recognition input 200, electro-physical signature input 300, and transaction data 400 may be provided to the combiner 500.
  • the combiner 500 may fetch additional information that may be required for verifying or authenticating a transaction.
  • the combiner 500 may run, for example, on a service that is not part of the consumer device 100.
  • the combiner 500 may be run on a serivce that is remote (e.g., a server) from the consumer device 100.
  • the combiner 500 may be used to combine the consumer device's input (i.e., the facial recognition input 200 and the electro-physical signature input 300) that may be used to form a digital signature.
  • the combiner 500 may verify the facial recognition input 200 and/or the electro-physical signature input 300. Once the facial recognition input 200 and/or the electro- physical signature input 300 has been verified, the combiner 500 may provide at least a portion of the facial recognition input 200 and/or at least a portion of the electro-physical signature input
  • the digital signature component 900 may use the at least a portion of the facial recognition input 200 and/or at least a portion of the electro-physical signature input 300 to generate a digital signature.
  • transformed data 600 may represent an output from the combiner 500.
  • the transformed data 600 may be the final output of the combiner 500 in the server method, as described above.
  • the output form of the transformed data 600 may interface or integrate with any other application or process. Accordingly, the output form of the transformed data 600 may be used for further look-up, may be integrated with additional data, may be sent to an additional validation process, or may be used to store signatures in a way that may be compared later for a future transaction or purpose.
  • the transformed data 600 may break up the facial recognition input 200 and/or the electro-physical signature input 300 and store each of the inputs in a manner such that they may be used later.
  • the stored inputs may be used for fraud detection of a transaction that has already occurred. This may allow the described methods to be used in conjunction with current (e.g., live) and/or prior transactions.
  • the combiner 500 may also fetch information from a transaction preparation component 700.
  • information associated with the transaction preparation component 700 may include images that are stored in association with accounts, signatures, or any other information that may be used to verify the user associated with the transaction.
  • Information associated with the transaction preparation component 700 may be provided by the user; alternately, such information may be obtained from other sources, including third party sources.
  • the transaction preparation component 700 may be used by the combiner 500 to prepare. Additionally, the transaction preparation component 700 may be used to integrate digital cryptography to apply to the transaction data 400.
  • the combiner 500 may use many forms of digital cryptography. In one non-limiting example, the combiner 500 may apply its own proprietary cryptography method. In other cases, an end user may use its own cryptography method.
  • transaction security 800 may evaluate whether the information from the facial recognition input 200 and the electro-physical signature input 300 belong to the same user. Additionally, information that is sourced from the transaction preparation component 700 may be evaluated by transaction security 800 after processing through the combiner 500. In examples, transaction security 800 may evaluate whether the information from the facial recognition input 200 and the electro-physical signature input 300 belongs to the same user after processing through the combiner 500. Various gradations of matching characteristics associated with the facial recognition input 200 may be specifically contemplated.
  • the transaction security 800 may represent the location where a digital signature associated with the user is securely stored. Once verified, a digital signature 900 may be generated and then provided back through to the transaction data 400, thereby allowing the transaction to proceed based on the verification.
  • the digital signature 900 may use a prepared private key to digitally sign the transaction as a whole.
  • FIG. 3 is a block diagram showing artifact storage, in accordance with an embodiment of the invention.
  • FIG. 3 illustrates a block diagram that depicts artifact storage 1200, along with transaction security 800, and recognition 1000.
  • Recognition 1000 may use a method to compare the electro-physical signature input 300 and facial recognition input 200 to ensure that they belong to a unique user.
  • the recognition 1000 function may be performed within the combiner 500.
  • Artifact management which may include managing images and information associated with a user and determining whether such information is up-to-date, may also be employed through the recognition 1000 function.
  • FIG. 2 illustrates an embodiment in which the environment for the invention includes two devices, namely the consumer device 100 and the combiner 500.
  • the consumer device 100 may be used by the user who is producing transactions. Additionally, a consumer device 100 may include the capability of taking photos (such as facial recognition input 200) as well as gathering an electro-physical signature input 300.
  • the server method's side of FIG. 2 may show the combiner 500 that accepts the user's transaction data 400 from the consumer device 100.
  • the combiner 500 receives the transaction data 400 and may provide a context-sensitive combination of transaction security 800 based on the user and the process described herein.
  • the transaction data 400 could be a document, facial recognition input 200, such as a facial detection photo, and an electro-physical signature input 300.
  • the combiner 500 may then use the transaction preparation component 700 as additional data to enable the correct digital signature process.
  • this embodiment provides a method to construct a private key and uses that key to produce a digital signature 900 in respect of the transaction data 400.
  • this invention may integrate with an external key management process and uses that process to produce a digital signature 900 in respect of the transaction data 400.
  • the combiner 500 may invoke a method to produce a digital signature 900 in respect of the transaction data 400.
  • the transaction security 800 may ensure that a comparison of the electro-physical signature input 300 and facial recognition input 200 are made against the same items in the artifact storage 1200. This may also involve performing facial recognition of the facial recognition input 200 to determine the identity of the user. If the electro-physical signature input 300 and facial recognition input 200 do not match, the transaction fails. If the transaction fails, the processing may cease and the user of the consumer device 100 may be informed of the failure.
  • the combiner may also log the failure in the artifact storage 1200, where it is placed against the user under whose identity the transaction was attempted.
  • the digital signature 900 may be is invoked and produces a new transaction data 400 item.
  • the new transaction data item 400 may be a cryptographic result known as a digital signature out of band.
  • a digital signature in general, may be combined directly along with the data it is signing or it may be separated out of band.
  • the invention may separate the digital signature and may not combine it into the other transaction data 400.
  • transaction data 400 items may be separate.
  • Another embodiment of the invention may combine all transaction data 400.
  • the facial recognition input 200 and the electro-physical signature input 300 may be placed into a transaction data document in specific places, such as when transaction data comprises a single item. Additionally, transaction data 400 may be output from the combiner 500.
  • the digital signature 900 may then be applied and combined into the document in question.
  • a benefit of providing for two types of digital signatures may be to create a method to support a variety of transaction support.
  • the combiner 500 may receive transaction data 400 from the consumer device 100.
  • the combiner 500 may gather transactional information prepared by the transaction preparation component 700, as described in reference to FIG. 2. Additionally, the combiner 500 may select the electro-physical signature input 300 and the detected facial recognition input 200. The input data may be verified by transaction security 800 as depicted in FIG. 2.
  • the combiner 500 may invoke a digital signature that is generated by digital signature component 900.
  • the digital signature component 900 may generate a digital signature by creating a cryptographic signature block using a method outside of this system that is a standardized process.
  • FIG. 3 depicts how artifact storage 1200 may be used in addition to artifact
  • the recognition 1000 method may use data and two types of algorithms to verify that one photo (e.g., a representative facial recognition input 200) matches another instance of a photo (e.g., facial recognition) and that an image of an electro-physical signature 300 matches another instance of the particular user's signature. These methods may use commercial off-the- shelf software to make such comparisons.
  • the features of the combiner 500 may be implemented in a non-transitory computer readable medium that contains instructions that, when executed, perform the steps set forth above.
  • Some embodiments of the invention may include a server that contains instructions that, when executed, perform the steps set forth above for the combiner 500.
  • the features of the consumer device 100 may be implemented in a non-transitory computer readable medium that contains instructions that, when executed, perform the steps set forth above.
  • Some embodiments of the invention may include a consumer device or a portion of the consumer device that contains instructions that, when executed, perform the steps set forth above for the consumer device 100.
  • embodiments of the invention may include methods performed by either the consumer device 100 or the combiner 500, or a combination of the two, including the steps set forth herein.
  • FIG. 4 shows a computer system 1301 that is
  • the computer system 1301 includes a central processing unit (CPU, also "processor” and “computer processor” herein) 1305, which can be a single core or multi core processor, or a plurality of processors for parallel processing.
  • the computer system 1301 also includes memory or memory location 1310 (e.g., random-access memory, read-only memory, flash memory), electronic storage unit 1315 (e.g., hard disk), communication interface 1320 (e.g., network adapter) for communicating with one or more other systems, and peripheral devices 1325, such as cache, other memory, data storage and/or electronic display adapters.
  • the memory 1310, storage unit 1315, interface 1320 and peripheral devices 1325 are in communication with the CPU 1305 through a communication bus (solid lines), such as a motherboard.
  • the storage unit 1315 can be a data storage unit (or data repository) for storing data.
  • the computer system 1301 can be operatively coupled to a computer network ("network") 1330 with the aid of the communication interface 1320.
  • the network 1330 can be the Internet, an internet and/or extranet, or an intranet and/or extranet that is in communication with the Internet.
  • the network 1330 in some cases is a telecommunication and/or data network.
  • the network 1330 can include one or more computer servers, which can enable distributed computing, such as cloud
  • the network 1330 in some cases with the aid of the computer system 1301, can implement a peer-to-peer network, which may enable devices coupled to the computer system 1301 to behave as a client or a server.
  • the CPU 1305 can execute a sequence of machine-readable instructions, which can be embodied in a program or software.
  • the instructions may be stored in a memory location, such as the memory 1310. Examples of operations performed by the CPU 1305 can include fetch, decode, execute, and writeback.
  • the CPU 1305 can be part of a circuit, such as an integrated circuit.
  • a circuit such as an integrated circuit.
  • One or more other components of the system 1301 can be included in the circuit.
  • the circuit is an application specific integrated circuit (ASIC).
  • ASIC application specific integrated circuit
  • the storage unit 1315 can store files, such as drivers, libraries, and saved programs.
  • the storage unit 1315 can store user data, e.g., user preferences and user programs.
  • the computer system 1301 in some cases can include one or more additional data storage units that are external to the computer system 1301, such as located on a remote server that is in
  • the computer system 1301 can communicate with one or more remote computer systems through the network 1330.
  • the computer system 1301 can communicate with a remote computer system of a user (e.g., student, school, or company).
  • remote computer systems include personal computers (e.g., portable PC), slate or tablet PC's (e.g., Apple® iPad, Samsung® Galaxy Tab), telephones, Smart phones (e.g., Apple® iPhone, Android-enabled device, Blackberry®), or personal digital assistants.
  • a remote computer system may include a camera.
  • the camera of a remote computer system may be used to generate facial recognition data, such as images, that may be used as facial recognition input.
  • the user can access the computer system 1301 via the network 1330.
  • Methods as described herein can be implemented by way of machine (e.g., computer processor) executable code stored on an electronic storage location of the computer system 1301, such as, for example, on the memory 1310 or electronic storage unit 1315.
  • the machine executable or machine readable code can be provided in the form of software.
  • the code can be executed by the processor 1305.
  • the code can be retrieved from the storage unit 1315 and stored on the memory 1310 for ready access by the processor 1305.
  • the electronic storage unit 1315 can be precluded, and machine-executable instructions are stored on memory 1310.
  • the code can be pre-compiled and configured for use with a machine having a processer adapted to execute the code, or can be compiled during runtime.
  • the code can be supplied in a programming language that can be selected to enable the code to execute in a precompiled or as-compiled fashion.
  • aspects of the systems and methods provided herein can be embodied in programming.
  • Various aspects of the technology may be thought of as “products” or “articles of manufacture” typically in the form of machine (or processor) executable code and/or associated data that is carried on or embodied in a type of machine readable medium.
  • Machine-executable code can be stored on an electronic storage unit, such memory (e.g., read-only memory, random-access memory, flash memory) or a hard disk.
  • Storage type media can include any or all of the tangible memory of the computers, processors or the like, or associated modules thereof, such as various semiconductor memories, tape drives, disk drives and the like, which may provide non-transitory storage at any time for the software programming. All or portions of the software may at times be communicated through the Internet or various other telecommunication networks. Such communications, for example, may enable loading of the software from one computer or processor into another, for example, from a management server or host computer into the computer platform of an application server.
  • another type of media that may bear the software elements includes optical, electrical and electromagnetic waves, such as used across physical interfaces between local devices, through wired and optical landline networks and over various air- links. The physical elements that carry such waves, such as wired or wireless links, optical links or the like, also may be considered as media bearing the software. As used herein, unless restricted to non-transitory, tangible
  • storage media terms such as computer or machine “readable medium” refer to any medium that participates in providing instructions to a processor for execution.
  • a machine readable medium such as computer-executable code
  • a tangible storage medium such as computer-executable code
  • Non-volatile storage media include, for example, optical or magnetic disks, such as any of the storage devices in any computer(s) or the like, such as may be used to implement the databases, etc. shown in the drawings.
  • Volatile storage media include dynamic memory, such as main memory of such a computer platform.
  • Tangible transmission media include coaxial cables; copper wire and fiber optics, including the wires that comprise a bus within a computer system.
  • Carrier-wave transmission media may take the form of electric or electromagnetic signals, or acoustic or light waves such as those generated during radio frequency (RF) and infrared (IR) data communications.
  • RF radio frequency
  • IR infrared
  • Common forms of computer-readable media therefore include for example: a floppy disk, a flexible disk, hard disk, magnetic tape, any other magnetic medium, a CD-ROM, DVD or DVD-ROM, any other optical medium, punch cards paper tape, any other physical storage medium with patterns of holes, a RAM, a ROM, a PROM and EPROM, a FLASH-EPROM, any other memory chip or cartridge, a carrier wave transporting data or instructions, cables or links transporting such a carrier wave, or any other medium from which a computer may read programming code and/or data.
  • Many of these forms of computer readable media may be involved in carrying one or more sequences of one or more instructions to a processor for execution.
  • the computer system 1301 can include or be in communication with an electronic display 1335.
  • the electronic display 1335 can be part of the computer system 1301, or coupled to the computer system 1301 directly or through the network 1330.
  • the electronic display can include a user interface (UI) for providing various features and functionalities described herein. Examples of UI's include, without limitation, a graphical user interface (GUI) and web-based user interface.
  • GUI graphical user interface
  • Methods and systems of the present disclosure can be implemented by way of one or more algorithms.
  • An algorithm can be implemented by way of software upon execution by one or more computer processors.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Image Analysis (AREA)

Abstract

L'invention concerne des procédés et des systèmes d'authentification d'une transaction électronique réalisée sur un dispositif mobile. Une transaction électronique est lancée sur un dispositif mobile. En outre, une entrée de reconnaissance faciale est générée. Une entrée de signature électro-physique est reçue. L'entrée de reconnaissance faciale et l'entrée de signature électro-physique sont fournies au système d'authentification. En outre, une signature numérique est générée sur la base de l'entrée de reconnaissance faciale et de l'entrée de signature électro-physique. La signature numérique est ensuite reçue en provenance du système d'authentification pour authentifier la transaction électronique.
PCT/US2015/040409 2014-07-14 2015-07-14 Procédé et appareil pour améliorer la sécurité basée sur la soumission pour des transactions utilisant la reconnaissance faciale Ceased WO2016011053A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201462024340P 2014-07-14 2014-07-14
US62/024,340 2014-07-14

Publications (1)

Publication Number Publication Date
WO2016011053A1 true WO2016011053A1 (fr) 2016-01-21

Family

ID=55078994

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2015/040409 Ceased WO2016011053A1 (fr) 2014-07-14 2015-07-14 Procédé et appareil pour améliorer la sécurité basée sur la soumission pour des transactions utilisant la reconnaissance faciale

Country Status (1)

Country Link
WO (1) WO2016011053A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN121530596A (zh) * 2026-01-19 2026-02-13 湖南科技职业学院 数字签名生成及认证系统、方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002054341A1 (fr) * 2001-01-08 2002-07-11 Stefaan De Schrijver, Incorporated Commersign: systemes et procedes pour transactions de commerce electronique securisees
US20070260558A1 (en) * 2006-04-17 2007-11-08 Look Thomas F Methods and systems for secure transactions with electronic devices
US20100115607A1 (en) * 2008-11-06 2010-05-06 At&T Intellectual Property I, L.P. System and method for device security with a plurality of authentication modes
US20120110341A1 (en) * 2010-11-02 2012-05-03 Homayoon Beigi Mobile Device Transaction Using Multi-Factor Authentication

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002054341A1 (fr) * 2001-01-08 2002-07-11 Stefaan De Schrijver, Incorporated Commersign: systemes et procedes pour transactions de commerce electronique securisees
US20070260558A1 (en) * 2006-04-17 2007-11-08 Look Thomas F Methods and systems for secure transactions with electronic devices
US20100115607A1 (en) * 2008-11-06 2010-05-06 At&T Intellectual Property I, L.P. System and method for device security with a plurality of authentication modes
US20120110341A1 (en) * 2010-11-02 2012-05-03 Homayoon Beigi Mobile Device Transaction Using Multi-Factor Authentication

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN121530596A (zh) * 2026-01-19 2026-02-13 湖南科技职业学院 数字签名生成及认证系统、方法

Similar Documents

Publication Publication Date Title
US11195167B2 (en) Offline payment method and device
US10937267B2 (en) Systems and methods for provisioning digital identities to authenticate users
US9064257B2 (en) Mobile device transaction using multi-factor authentication
US12363097B2 (en) Systems and methods for cryptographic authentication
US20210166241A1 (en) Methods, apparatuses, storage mediums and terminal devices for authentication
WO2020236651A1 (fr) Système de vérification et de gestion d'identités
US20200382306A1 (en) Biometric verification process using certification token
US12200141B2 (en) Systems and methods for conducting remote attestation
US11936649B2 (en) Multi-factor authentication
US20180343247A1 (en) Method, user terminal and authentication service server for authentication
WO2018234882A1 (fr) Système et procédé de réalisation d'une transaction
US11962600B2 (en) Apparatus and methods for secure, distributed, augmented-reality (AR) communication systems
CN110598433B (zh) 基于区块链的防伪信息处理方法、装置
US10671718B2 (en) System and method for authentication
CN111095246B (zh) 用于认证用户的方法和电子设备
US20150016698A1 (en) Electronic device providing biometric authentication based upon multiple biometric template types and related methods
CN112334897B (zh) 认证用户的方法和电子设备
US11586717B2 (en) Method and electronic device for authenticating a user
WO2016011053A1 (fr) Procédé et appareil pour améliorer la sécurité basée sur la soumission pour des transactions utilisant la reconnaissance faciale
US20230130024A1 (en) System and method for storing encryption keys for processing a secured transaction on a blockchain
US12401514B2 (en) Preventing unauthorized exposure of sensitive data

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15822224

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205N DATED 23/03/2017)

122 Ep: pct application non-entry in european phase

Ref document number: 15822224

Country of ref document: EP

Kind code of ref document: A1