Method and system for securing user access, data at rest and sensitive transactions using biometrics for mobile devices with protected, local templates

Assignee

• BioCrypt Access LLC · US

Inventors

• Rodney Beatson · Odenton, US
• Mark A. Kelty · Catonsville, US
• Christopher J. Beatson · Cary, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/80
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Biometric data are obtained from biometric sensors on a stand-alone computing device, which may contain an ASIC, connected to or incorporated within it. The computing device and ASIC, in combination or individually, capture biometric samples, extract biometric features and match them to one or more locally stored, encrypted templates. The biometric matching may be enhanced by the use of an entered PIN. The biometric templates and other sensitive data at rest are encrypted using hardware elements of the computing device and ASIC, and/or a PIN hash. A stored obfuscated PassWord is de-obfuscated and may be released to the authentication mechanism in response to successfully decrypted templates and matching biometric samples. A different de-obfuscated password may be released to authenticate the user to a remote or local computer and to encrypt data in transit. This eliminates the need for the user to remember and enter complex passwords on the device.