WO2004070670A1 - Privacy enhanced system and method comprising fact assertion query language - Google Patents

Privacy enhanced system and method comprising fact assertion query language Download PDF

Info

Publication number
WO2004070670A1
WO2004070670A1 PCT/EP2004/050041 EP2004050041W WO2004070670A1 WO 2004070670 A1 WO2004070670 A1 WO 2004070670A1 EP 2004050041 W EP2004050041 W EP 2004050041W WO 2004070670 A1 WO2004070670 A1 WO 2004070670A1
Authority
WO
WIPO (PCT)
Prior art keywords
customer
cardholder
response
assertion
card
Prior art date
Application number
PCT/EP2004/050041
Other languages
French (fr)
Inventor
Martin Koistinen
Original Assignee
Atos Origin It Services Uk Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Atos Origin It Services Uk Limited filed Critical Atos Origin It Services Uk Limited
Publication of WO2004070670A1 publication Critical patent/WO2004070670A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Definitions

  • the present invention is related to a privacy enhanced system and method comprising fact assertion query language.
  • Some of the more successful loyalty card programs involve more than one retailer. For example, the card would be accepted, and earn benefits for him, at; his grocer, his favorite gasoline station, his favorite airline and perhaps a few of the specialty retailers that he frequents. For a consumer, this provides ample opportunity to amass greater savings or points towards the benefits the card offers.
  • loyalty card programs have really only one purpose - to collect and correlate information about customers; their spending habits, their brand preferences, their reaction to promotions, etc. This provides valuable marketing information for the retailers involved and, to a great extent; it helps them tailor their products and services to serve customers better.
  • the present invention solves the above problems by providing a system or a method, which allows every organization to verify some personal information of its customer but which prevent such organization to access without any control to all the personal information of the customer.
  • the present invention is based on the fact that the organization access mainly to truth value of assertions and that access to such information is controlled by the customer.
  • each customer is provided with an identification card which allows him to access various organization (either public or private).
  • Such an identification card is equipped with an embedded cryptographic processor - a smart card.
  • the cryptographic smart chip was built from the ground up to securely hold information. It also provides a sufficient amount of computer processing and memory for the proposed innovations.
  • the identification card stores, among other things, public- and private keys. The cardholder will find these keys very useful in electronic transactions where he must prove his or her identity or electronically sign documents.
  • the card should be protected by the cardholder's personal identification number (PIN). This will allow a positive and culturally accepted means of approving operations on the card.
  • PIN personal identification number
  • Such an identification card store personal information on the customer such as his name, address and age. This card is. to be presented for accessing various organizations (private or public), which need to access all or part of this personal information.
  • the card will not reveal the exact and full personal data but just mainly a response such as "true” or "false”. Further, the cardholder will control all response to a query sent by a requesting entity by entering its PIN code.
  • the assertion application would allow specific assertions of fact to be made and their truth value returned. For example, a liquor retailer could require that the customer prove that he is of legal age to purchase alcohol. This application would allow a highly confident means of proving this assertion.
  • the application Since the application requires that the cardholder approve that the assert takes place, the cardholder is in full control of their details. Furthermore, the application does not allow for open-ended queries into the details of the cardholder. The facts are already known and exchanged by the parties. The fact is simply proven to a high degree of confidence by the application. Finally, the application only returns enough information to satisfy the legal requirements of those involved. In the case of the liquor store owner, he does not need to know the customer's current age or date of birth, just that he meets the legal requirements for buying alcohol.
  • the cardholder is at least age [21] as of [20-Jan-2003]
  • the cardholder would then approve the assertion by entering the correct PIN for the card.
  • the Assertion Applet would then decrypt the appropriate record on the card, compare the official date of birth for this cardholder to the date provided (20-Jan-2003), compute that it is at least the age provided and return simply true or false to the card- terminal, which would display the value for the retailer.
  • the author proposes that the Assertion Application can interact with a number of data records on the card such as at least the cardholder's official name, official gender, official date of birth, official current residence.
  • the cardholder's first name is [Martin].
  • the cardholder's Surname is [Koistinen].
  • the cardholder is [Male],
  • the cardholder is at least [21] years old as of [20-Jan-2003].
  • the cardholder is currently residing in the state of [England].
  • the cardholder is currently residing in the county of [Berkshire].
  • the cardholder is currently residing in the city of [Windsor].
  • the single assertion is approved or denied. It would not be possible to simply ask for information about the cardholder. First of all, the cardholder must approve the assertion first. Even then, if the assertion fails, no further information about the cardholder is revealed.
  • the Assertion Application can be used to prove assertions that the cardholder declares of themselves. This means that the card only proves known facts. It does not reveal them. When a cardholder tries to buy alcohol, he or she is asserting that they are of the legal age. The application helps them prove it.
  • both parties have the ability to prove that only the right assertions were made, and that these were sufficient to allow or deny the membership or transaction.
  • a cardholder has gone to a job interview and the employer has asked to assert that he or she is at least the legal age to work, but the employer has instructed the card terminal to assert two facts:
  • the cardholder is at least age [15] as of [20-Jan-2003].
  • the cardholder is [male].
  • the cardholder could firstly disallow the second assertion, then take a receipt of the assertion to the authorities as evidence of the employer's misconduct.
  • the author proposes a variation of the application that would allow assertions to be made on certain emergency medical information.
  • the application could be implemented so that with
  • the cardholder is known to be allergic to [penicillin].
  • the cardholder is known to be a [hemophiliac].

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Strategic Management (AREA)
  • Computer Security & Cryptography (AREA)
  • General Business, Economics & Management (AREA)
  • Bioethics (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Control Of Vending Devices And Auxiliary Devices For Vending Devices (AREA)
  • Cash Registers Or Receiving Machines (AREA)

Abstract

Privacy enhanced method for a customer to communicate personal data to an organization he has access to comprising the steps of. - receiving a request for personal information from a requesting entity belonging to said organization, such a request being presented into the form of an assertion admitting a response of the type 'true' or 'false'; - providing to the requesting entity the response of such an assertion, such a response being transferred with the control of the customer.

Description

PRIVACY ENHANCED SYSTEM AND METHOD COMPRISING FACT ASSERTION QUERY LANGUAGE
The present invention is related to a privacy enhanced system and method comprising fact assertion query language.
Nowadays there is a constant development of transactions between organization and customer where customers are obliged to identify themselves and where personal data are collected. This can be the subject of considerable abuse.
For example, a customer who opens his purse or wallet, will find, somewhere in there, several forms of identification cards. Some of these were probably issued by some forms of authority such as government, employer or perhaps school.
It is likely that he also carries other "identification cards" from retailers in his area. These cards are often described as "loyalty cards" and he carries them because his retailer provides him with additional savings or points towards other benefits if he presents it every time he makes a purchase.
Some of the more successful loyalty card programs involve more than one retailer. For example, the card would be accepted, and earn benefits for him, at; his grocer, his favorite gasoline station, his favorite airline and perhaps a few of the specialty retailers that he frequents. For a consumer, this provides ample opportunity to amass greater savings or points towards the benefits the card offers.
However, loyalty card programs have really only one purpose - to collect and correlate information about customers; their spending habits, their brand preferences, their reaction to promotions, etc. This provides valuable marketing information for the retailers involved and, to a great extent; it helps them tailor their products and services to serve customers better.
Unfortunately, while the collection and analysis of such personal data by an organization (private or public) can be of great public benefit, it can also present some drawbacks in particular when links are made across organizations.
Privacy-aware consumers shy away from these programs - and for good reason. Armed with his personal details, any of the involved retailers could establish a match of a customer identity to credit agencies, public records, and more. Some of these retailers will also gain additional revenue by selling or renting customer personal details to other private organizations. Before too long, such a customer will find a tremendous amount of unsolicited offers in his mailbox and unsolicited salespeople calling he at suppertime. If he is an internet-enabled consumer, it won't be too long before his web browsing habits are also being collected against his profile and the content of spam and browser pop-up ads will start to reflect someone else's idea of who he really is.
Presented with these concerns, it is no wonder many people would object to any form of identification cards. Without the proper care, a ubiquitous identity card could compound the problem of widespread collection and correlation of the consumers personal details.
On the other side it is also beneficial for the public that each organization identifies their customers such for example for loyalty programs.
There is therefore a need that every organization had access to personal information for specific legal reasons, but also that personal information should not be disseminated.
The present invention solves the above problems by providing a system or a method, which allows every organization to verify some personal information of its customer but which prevent such organization to access without any control to all the personal information of the customer.
The present invention is based on the fact that the organization access mainly to truth value of assertions and that access to such information is controlled by the customer.
The invention will be further understood in connection with a detailed description of a practical example. Such an example is not limitative of the invention, which should have other forms of implementation.
Following the embodiment further described, each customer is provided with an identification card which allows him to access various organization (either public or private).
Such an identification card is equipped with an embedded cryptographic processor - a smart card. The cryptographic smart chip was built from the ground up to securely hold information. It also provides a sufficient amount of computer processing and memory for the proposed innovations.
The identification card stores, among other things, public- and private keys. The cardholder will find these keys very useful in electronic transactions where he must prove his or her identity or electronically sign documents.
The card should be protected by the cardholder's personal identification number (PIN). This will allow a positive and culturally accepted means of approving operations on the card.
Some of the algorithms used to facilitate the functionality are already known. In particular, the application would use a cryptographic hash function at least in part.
Such an identification card store personal information on the customer such as his name, address and age. This card is. to be presented for accessing various organizations (private or public), which need to access all or part of this personal information.
However in order to prevent from ώsseminating such a personal data, the card will not reveal the exact and full personal data but just mainly a response such as "true" or "false". Further, the cardholder will control all response to a query sent by a requesting entity by entering its PIN code.
For that the card and the requesting entity of the organization that ask for the personal data are equipped with an assertion application program.
The assertion application would allow specific assertions of fact to be made and their truth value returned. For example, a liquor retailer could require that the customer prove that he is of legal age to purchase alcohol. This application would allow a highly confident means of proving this assertion.
Since the application requires that the cardholder approve that the assert takes place, the cardholder is in full control of their details. Furthermore, the application does not allow for open-ended queries into the details of the cardholder. The facts are already known and exchanged by the parties. The fact is simply proven to a high degree of confidence by the application. Finally, the application only returns enough information to satisfy the legal requirements of those involved. In the case of the liquor store owner, he does not need to know the customer's current age or date of birth, just that he meets the legal requirements for buying alcohol.
Sometimes it is important for an organization to know certain facts about the cardholder before he or she can become a member of, or interact with the organization. For example, in order to by alcohol beverages from a retailer, the customer is typically asked to prove that he or she is of the legal age. The retailer doesn't need to know the customer's actual age, just that they are at least the minimum age. The author proposes another application on the card that can help. Once the retailer verifies that the card is authentic and that the individual is the proper holder of that card, the retailer might ask the cardholder to insert his or her card into the trusted card-terminal for an age-verification. The cardholder would insert his or her card and the terminal would display the assertion that the retailer needs verified. If the local legal age for alcohol purchase were 21 and the current date were the 20th of January 2003, the terminal might read:
The cardholder is at least age [21] as of [20-Jan-2003]
The cardholder would then approve the assertion by entering the correct PIN for the card. The Assertion Applet would then decrypt the appropriate record on the card, compare the official date of birth for this cardholder to the date provided (20-Jan-2003), compute that it is at least the age provided and return simply true or false to the card- terminal, which would display the value for the retailer.
Note that this interaction does not reveal any more information about the cardholder than is necessary for retailer to fulfill their legal requirements. In fact, this sort of innovation would even allow the retailer to maintain receipts that each purchase of alcohol was to a legally aged customer.
The author proposes that the Assertion Application can interact with a number of data records on the card such as at least the cardholder's official name, official gender, official date of birth, official current residence.
Some example assertions might be:
To assert that the name the cardholder provided is their official name:
The cardholder's first name is [Martin]. The cardholder's Surname is [Koistinen].
The cardholder's full legal name is [Martin James Koistinen].
To assert that the cardholder is the proper gender to join a single- gender school:
The cardholder is [Male],
To assert that a cardholder is of legal age to enter a night club:
The cardholder is at least [21] years old as of [20-Jan-2003].
Verifying that a cardholder is eligible for a child-discount:
The cardholder is not yet [12] years old as of [20-Jan-2003],
To assert that the cardholder is a legal resident of a tax or voting district:
The cardholder is currently residing in the state of [England]. The cardholder is currently residing in the county of [Berkshire]. The cardholder is currently residing in the city of [Windsor].
Note that in each case, the single assertion is approved or denied. It would not be possible to simply ask for information about the cardholder. First of all, the cardholder must approve the assertion first. Even then, if the assertion fails, no further information about the cardholder is revealed.
In general, the Assertion Application can be used to prove assertions that the cardholder declares of themselves. This means that the card only proves known facts. It does not reveal them. When a cardholder tries to buy alcohol, he or she is asserting that they are of the legal age. The application helps them prove it.
Since the card terminal can provide a receipt of the assertions and their answers, both parties have the ability to prove that only the right assertions were made, and that these were sufficient to allow or deny the membership or transaction. Imagine a case where a cardholder has gone to a job interview and the employer has asked to assert that he or she is at least the legal age to work, but the employer has instructed the card terminal to assert two facts:
The cardholder is at least age [15] as of [20-Jan-2003]. The cardholder is [male].
If it were inappropriate for the gender of the cardholder to be asserted for the position, the cardholder could firstly disallow the second assertion, then take a receipt of the assertion to the authorities as evidence of the employer's misconduct.
Additionally, the author proposes a variation of the application that would allow assertions to be made on certain emergency medical information. The application could be implemented so that with
proper authorization, emergency medical crews could make these assertions without requiring the possibly unconscious cardholder's PIN:
The cardholder is known to be allergic to [penicillin]. The cardholder is known to be a [hemophiliac].
Perhaps also with the proper authorization, more open-ended questions could be asked such as:
What is the cardholder's blood type?
What medications is the cardholder current prescribed to take?
What is the contact information for the cardholder's current doctor?

Claims

1. Privacy enhanced method for a customer to communicate personal data to an organization he has access to, the method comprising the steps of: receiving a request for personal information from a requesting entity belonging to said organization, the request being presented in the form of an assertion admitting a response of the type "true" or "false"; and providing to the requesting entity a response to the assertion, the response being transferred with the control of the customer.
2. The method of claim 1, wherein said response is generated by a microprocessor embedded in a device belonging to said customer, said microprocessor calculating the truth value of the query based on customer personal data stored on the microprocessor.
3. The method of claim 2, wherein said response needs for being transferred to the requesting entity that the customer communicates a password to that device such as a PIN code.
4. A system to implement the method of claims 1 to 3, wherein said customer has a smart card to communicate with a terminal to the requesting entity, said smart card storing personal data and an algorithm to operate on the query transmitted by the terminal.
PCT/EP2004/050041 2003-01-23 2004-01-23 Privacy enhanced system and method comprising fact assertion query language WO2004070670A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0301539A GB2397676A (en) 2003-01-23 2003-01-23 Privacy enhanced system using fact assertion language
GB0301539.3 2003-01-23

Publications (1)

Publication Number Publication Date
WO2004070670A1 true WO2004070670A1 (en) 2004-08-19

Family

ID=9951654

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2004/050041 WO2004070670A1 (en) 2003-01-23 2004-01-23 Privacy enhanced system and method comprising fact assertion query language

Country Status (2)

Country Link
GB (1) GB2397676A (en)
WO (1) WO2004070670A1 (en)

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0421409A2 (en) * 1989-10-06 1991-04-10 International Business Machines Corporation Transaction system security method and apparatus
US5148481A (en) * 1989-10-06 1992-09-15 International Business Machines Corporation Transaction system security method and apparatus
US5745571A (en) * 1992-03-30 1998-04-28 Telstra Corporation Limited Cryptographic communications method and system
US5943423A (en) * 1995-12-15 1999-08-24 Entegrity Solutions Corporation Smart token system for secure electronic transactions and identification
WO1999046682A1 (en) * 1998-03-10 1999-09-16 Robyn Alice Lindley Mobile intelligent memory (mim) unit with removable security key
DE19816541A1 (en) * 1998-04-15 1999-10-21 Orga Kartensysteme Gmbh Data exchange system using smart cards
GB2346239A (en) * 1999-01-26 2000-08-02 Ibm Card security and Web sites
EP1035461A2 (en) * 1999-03-11 2000-09-13 BDC - EDV Consulting GmbH Terminal for secure data confirmation and corresponding method
EP1104959A2 (en) * 1991-10-02 2001-06-06 AT&T Corp. A cryptographic protocol for secure communications
US20010034840A1 (en) * 1998-06-17 2001-10-25 Jerome Sion System for protecting software
US20020194499A1 (en) * 2001-06-15 2002-12-19 Audebert Yves Louis Gabriel Method, system and apparatus for a portable transaction device

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0810538B1 (en) * 1996-05-28 2002-08-28 Fujitsu Limited Management system for using IC card with registered personal information
EP0864996A3 (en) * 1997-03-13 1999-09-15 Hitachi, Ltd. Portable electronic device and method for personal identification

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0421409A2 (en) * 1989-10-06 1991-04-10 International Business Machines Corporation Transaction system security method and apparatus
US5148481A (en) * 1989-10-06 1992-09-15 International Business Machines Corporation Transaction system security method and apparatus
EP1104959A2 (en) * 1991-10-02 2001-06-06 AT&T Corp. A cryptographic protocol for secure communications
US5745571A (en) * 1992-03-30 1998-04-28 Telstra Corporation Limited Cryptographic communications method and system
US5943423A (en) * 1995-12-15 1999-08-24 Entegrity Solutions Corporation Smart token system for secure electronic transactions and identification
WO1999046682A1 (en) * 1998-03-10 1999-09-16 Robyn Alice Lindley Mobile intelligent memory (mim) unit with removable security key
DE19816541A1 (en) * 1998-04-15 1999-10-21 Orga Kartensysteme Gmbh Data exchange system using smart cards
US20010034840A1 (en) * 1998-06-17 2001-10-25 Jerome Sion System for protecting software
GB2346239A (en) * 1999-01-26 2000-08-02 Ibm Card security and Web sites
EP1035461A2 (en) * 1999-03-11 2000-09-13 BDC - EDV Consulting GmbH Terminal for secure data confirmation and corresponding method
US20020194499A1 (en) * 2001-06-15 2002-12-19 Audebert Yves Louis Gabriel Method, system and apparatus for a portable transaction device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
FERREIRA R C: "THE SMART CARD: A HIGH SECURITY TOOL IN EDP", 1 September 1989, PHILIPS TELECOMMUNICATION REVIEW, PHILIPS TELECOMMUNICATIE INDUSTRIE N.V. HILVERSUM, NL, PAGE(S) 1-19, XP000072642 *

Also Published As

Publication number Publication date
GB0301539D0 (en) 2003-02-26
GB2397676A (en) 2004-07-28

Similar Documents

Publication Publication Date Title
US7761384B2 (en) Strategy-driven methodology for reducing identity theft
KR101378504B1 (en) Privacy enhanced identity scheme using an un-linkable identifier
US6985887B1 (en) Apparatus and method for authenticated multi-user personal information database
US7269737B2 (en) System and method for biometric authorization for financial transactions
US7647505B2 (en) Recording medium, recording medium reading/writing apparatus, and method of using recording medium
US11855973B2 (en) Systems and methods relating to digital identities
US6957770B1 (en) System and method for biometric authorization for check cashing
Clodfelter Biometric technology in retailing: Will consumers accept fingerprint authentication?
US20070291995A1 (en) System, Method, and Apparatus for Preventing Identity Fraud Associated With Payment and Identity Cards
US20030177102A1 (en) System and method for biometric authorization for age verification
MX2007009329A (en) Secure transaction system.
US9508074B2 (en) Method for secure use of identification cards
Birch Digital identity management: perspectives on the technological, business and social implications
JPH10157352A (en) Ic card, and personal information administration system using the ic card
Nguyên National Identification Systems
WO2004070670A1 (en) Privacy enhanced system and method comprising fact assertion query language
US20060178940A1 (en) Open house information system
US20160048839A1 (en) System and method for exclusion-based imposter screening
Kang et al. Biometrics for hospitality and tourism: a new wave of information technology
US20020146154A1 (en) Method and system for mitigating distortive effects in biometric samples in a biometric verification system
US20020073344A1 (en) Method and apparatus for preventing an unauthorized transaction
CA2408181C (en) Apparatus and method for assuring the integrity of a multi-user personal information database
Walker California's Privacy Laws
Scherer Biometrics: Past, present and future
Smith et al. Privacy in Electronic Media: Identification, Authentication and Anonymity in a Legal Context

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established
122 Ep: pct application non-entry in european phase