Patent Issued for Access Control Through Multi-Factor Image Authentication (USPTO 10,346,675)
2019 JUL 19 (NewsRx) -- By a
The assignee for this patent, patent number 10,346,675, is
Reporters obtained the following quote from the background information supplied by the inventors: “Various authentication methods are employed to authenticate users accessing financial accounts from user terminals. For example, when accessing an account from an automated teller machine (ATM), users are typically required to provide a physical card and a personal identification number (PIN). On most modern ATMs, the customer is identified after inserting a plastic ATM card with a magnetic stripe or a plastic smart card with a chip, that contains a unique card number and some security information such as an expiration date and CVV code. Authentication is typically provided by the customer entering a PIN, but other authentication techniques may be implemented. Using an ATM, customers can access their bank accounts in order to make deposits of cash or checks, make cash withdrawals, obtain credit card cash advances, and check their account balances as well as other functions.
“One issue with ATMs and other such secret password authentication based systems is that they are vulnerable to fraud. For example, while in previous decades, ATMs retained an inserted bank card through the duration of a transaction, currently existing ATMs merely require customers to swipe or dip the card to be read. At the end of a transaction, the customer is typically prompted for further action during an authentication session. Since the customer has already reclaimed his ATM card and has completed the transaction, the customer might vacate the ATM prior to termination of authentication, thus leaving the authenticated session open for potential fraudulent use.
“Additionally, malicious users may obtain bank account information by attaching scanning devices to an ATM to read a transaction card and record the embedded account information, and also obtain the user’s PIN number by watching or recording video of the user entering the PIN on the ATM keypad. Once the malicious user has the account information and PIN, he has access to the user’s account. Other systems in which a user enters a password, PIN, log-in or other private information are similarly susceptible to fraud. For example, a malicious user can obtain a user’s secure website log-in and password by watching the user input the private information.
“ATMs are frequently equipped with cameras for security reasons that also may be capable of capturing video and snapshots of the customer facing the camera. Recently, various financial institutions have started to use still imaging or video imaging in their ATMs to authenticate customer access. Instead of, or as an alternative to, using a bank card or personal identification number, such ATMs capture an image of the customer’s face and compare it to the account holder’s photo in the financial institution’s database to confirm the customer’s identity.
“Although customer authentication by facial recognition offers various advantages, it too can be vulnerable to fraud when employed as a stand-alone authentication technique. For example, one way to trick or ‘spoof’ a facial recognition system is to present a two dimensional representation (e.g., picture, photograph, etc.) of a person in front of the camera, where the two-dimensional image shows a front view of that person. For example, one way to trick or ‘spoof’ a facial recognition system is to present a two dimensional representation (e.g., picture, photograph, etc.) of a person in front of the camera, where the image captured by the camera shows a front view of that person. The two dimensional image can cause the system to identify an authorized user based on the features in the picture or photograph. Therefore, a malicious user may be able to gain access to an ATM account or other secured system simply by procuring a picture or other artificial representation of an authorized user.
“Accordingly, there is a need for solutions for identifying and authenticating users of ATMs and other electronic devices such as described above. Such solutions desirably should be extremely difficult to circumvent, and should provide an improved user experience. Both users and financial institutions would benefit from a decrease in fraudulent transactions.”
In addition to obtaining background information on this patent, NewsRx editors also obtained the inventor’s summary information for this patent: “Disclosed herein are systems and methods for authenticating users accessing financial accounts from user terminals such as automatic teller machines (ATMs). According to an embodiment, a user authentication operates within a system hardware and software architecture and authenticates users to process a requested transaction. According to an embodiment, a system and method of authenticating user access to financial accounts uses multi-factor facial image authentication to decrease the potential for fraudulent transactions. The system and method captures a first facial image of a user and compares this image with stored facial recognition credentials. The method prompts the user via a facial gesture cue to make a facial gesture, captures a second facial image of the user, and compares the second image with stored facial gesture credentials. The user is authorized to perform a transaction in the event the first facial image matches a facial recognition credential for an authorized account, and the second facial image matches a facial gesture credential associated with the authorized account. An additional authentication factor may employ a secondary biometric sensor.
“In an embodiment, a system for authenticating users accessing financial accounts includes an authentication server and a user terminal, such as a user terminal in accordance with an ATM protocol. The user terminal includes one or more front-facing imaging sensor, such as a still camera, a video camera, or a combination of such cameras. The system detects the presence of a user to commence the authentication process. An authentication server stores user credential records for authorized users of the financial institution. These user credential records are compared with facial images and optionally with other biometric data of a user seeking to perform a transaction.
“In an embodiment, facial gesture credentials may be representative of a static facial gesture, a dynamic facial gesture, or both. In an embodiment, facial gesture credentials may be representative of an overt facial gesture, or may be representative of a secret facial gesture known only to an authorized user.
“In an embodiment, a processor-based method, comprises detecting, by a processor in operative communication with a user terminal, presence of a user requesting a cash withdrawal transaction at the user terminal; capturing, by an imaging sensor of the user terminal in operative communication with the processor in response to the detecting the presence of the user, first imaging data including a first facial image of the user; transmitting, by the user terminal, the first imaging data to the processor; determining, by the processor, whether the first imaging data matches a facial recognition credential record for an authorized user included in a plurality of facial recognition credential records stored by the processor; generating, by the processor in the event the first imaging data matches the facial recognition credential record for the authorized user, a facial gesture cue for display by an output device in operative communication with the processor, wherein the facial gesture cue is selected from a plurality of facial gesture cues stored by the processor for the authorized user; capturing, by the imaging sensor of the user terminal upon the display of the facial gesture cue, second imaging data including a second facial image of the user; transmitting, by the user terminal, the second imaging data to the processor; determining, by the processor, whether the second imaging data matches a facial gesture credential record for the authorized user included in a plurality of facial recognition credential records stored by the processor; and in the event the first imaging data matches the facial recognition credential record for the authorized user and the second imaging data matches the facial gesture credential record for the authorized user, authorizing, by the processor, the cash withdrawal transaction for processing; and activating, by the user terminal, a dispensing of cash from the user terminal based on the cash withdrawal transaction authorized by the processor.
“In an embodiment, a system comprises an imaging sensor of a user terminal for capturing first imaging data including a first facial image of a user requesting a cash withdrawal transaction at the user terminal, and for capturing second imaging data including a second facial image of the user; an output device of the user terminal; an authentication database hosted by one or more servers comprising non-transitory machine-readable memory, the authentication database configured to store a plurality of facial gesture cues, a plurality of facial recognition credential records, and a plurality of facial gesture credential records; one or more server computers comprising one or more processing units executing an authentication module, the one or more server computers in communication with the non-transitory memory and the authentication module configured to execute a set of instructions instructing the one or more servers to: receive from the imaging sensor the first imaging data including the first facial image of the user after detecting presence of the user requesting the cash withdrawal transaction at the user terminal; determine whether the first imaging data matches a facial recognition credential record for an authorized user included in the plurality of facial recognition credential records stored by the authentication database; generate a facial gesture cue for display by the output device in the event the first imaging data matches the recognition credential record for the authorized user, wherein the facial gesture cue is selected from two or more facial gesture cues associated with the authorized user included in the plurality of facial gesture cues stored by the authentication database; receive from the imaging sensor the second imaging data including the second facial image of the user upon the display of the facial gesture cue; determine whether the second imaging data matches a facial gesture credential record for the authorized user included in the plurality of facial gesture credential records stored by the authentication database; and in the event the first imaging data matches the facial recognition credential record for the authorized user, and the second imaging data matches the facial gesture credential record for the authorized user, authorize the cash withdrawal transaction for processing, and activate a dispensing of cash based on the authorized cash withdrawal transaction at the user terminal.
“In an embodiment, a processor-based method, comprises detecting, by a processor in operative communication with a user terminal, presence of a user requesting a cash withdrawal transaction at the user terminal; generating, by the processor in operative communication with an output device of the user terminal in response to the detecting the presence of the user, a facial gesture cue for display by the output device, wherein the facial gesture cue is selected from a plurality of facial gesture cues stored by the processor; capturing, by an imaging sensor of the user terminal in operative communication with the processor upon the display of the facial gesture cue by the output device, imaging data including a facial image of the user; transmitting, by the user terminal, the imaging data to the processor; determining, by the processor, whether the imaging data matches a modified facial recognition template stored by the processor for an authorized user; generating, by the processor in operative communication with an output device of the user terminal in the event the imaging data matches a modified facial recognition template stored by the processor for an authorized user, a biometric cue for display by the output device, wherein the biometric cue is selected from one or more biometric cue stored by the processor for the authorized user; capturing, by a biometric sensor of the user terminal, biometric authentication data upon the display of the biometric cue; transmitting, by the user terminal, the biometric authentication data to the processor; determining, by the processor, whether the biometric authentication data matches a biometric credential record stored by the processor for the authorized user; and in the event the imaging data matches the modified facial recognition template stored by the processor for the authorized user and the biometric authentication data matches the biometric credential record stored by the processor for the authorized user, authorizing, by the processor, the cash withdrawal transaction for processing; and activating, by the user terminal, a dispensing of cash from the user terminal based on the cash withdrawal transaction authorized by the processor.
“A processor-based method comprises detecting, by a processor in operative communication with a user terminal, presence of a user requesting a cash withdrawal transaction at the user terminal; generating, by the processor in operative communication with an output device of the user terminal in response to the detecting the presence of the user, a facial gesture cue for display by the output device, wherein the facial gesture cue prompts the user to execute a given facial gesture corresponding to modified facial recognition templates stored by the processor for a plurality of authorized users, wherein the modified facial recognition templates comprise facial images of the plurality of authorized users performing the given facial gesture; capturing, by a imaging sensor of the user terminal in operative communication with the processor upon the display of the facial gesture cue, imaging data including a facial image of the user; determining, by the processor, whether the imaging data matches a modified facial recognition template for an authorized user included in the modified facial recognition templates stored by the processor for the plurality of authorized users; in the event the imaging data matches the modified facial recognition template for the authorized user, generating, by the processor, a biometric cue for display by the output device, wherein the biometric cue is selected from a plurality of biometric cue stored by the processor; capturing, by a biometric sensor of the user terminal, biometric authentication data upon the display of the biometric cue; determining, by the processor, whether the biometric authentication data matches a biometric credential record stored by the processor for the authorized user; and in the event the imaging data matches the modified facial recognition template for the authorized user and the biometric authentication data matches the biometric credential record stored by the processor for the authorized user, authorizing, by the processor, the cash withdrawal transaction for processing; and activating, by the user terminal, a cash dispensing for the cash withdrawal transaction authorized by the processor.
“In an embodiment, a system, comprises an imaging sensor of a user terminal for capturing imaging data including a facial image of a user requesting a cash withdrawal transaction at the user terminal; a biometric sensor of the user terminal for capturing biometric data including biometric authentication data of the user requesting the cash withdrawal transaction; an output device of the user terminal; an authentication database hosted by one or more server computers comprising non-transitory machine-readable memory, the authentication database configured to store a plurality of modified facial recognition templates for a plurality of authorized users and to store a plurality of biometric credential records, wherein the modified facial recognition templates comprise facial images of the plurality of authorized users performing a given facial gesture; the one or more server computers comprising one or more processing units executing an authentication module, the one or more server computers in communication with the non-transitory memory and the authentication module configured to execute a set of instructions instructing the one or more server computers to: generate a facial gesture cue for display by the output device after detecting presence of the user requesting the cash withdrawal transaction at the user terminal, wherein the facial gesture cue prompts the user to execute the given facial gesture corresponding to the modified facial recognition templates stored by the authentication database for the plurality of authorized users; receive from the imaging sensor the imaging data including the facial image of the user captured by the imaging sensor upon the display of the facial gesture cue; determine whether the imaging data matches a modified facial recognition template for an authorized user included in the plurality of modified facial recognition templates stored by the authentication database for the plurality of authorized users; generate a biometric cue for display by the output device in the event the imaging data matches a modified facial recognition template for an authorized user; receive from the biometric sensor the biometric authentication data of the user, captured by the biometric sensor upon the display of the biometric cue; determine whether the biometric authentication data matches a biometric credential record stored by the processor for the authorized user; and in the event the imaging data matches the modified facial recognition template for the authorized user, and the biometric authentication data matches a biometric credential record stored by the processor for the authorized user, authorize the cash withdrawal transaction for processing, and activate a cash dispensing from the user terminal based on the authorized cash withdrawal transaction.”
The claims supplied by the inventors are:
“What is claimed is:
“1. A processor-based method comprising: detecting, by a processor in operative communication with a user terminal, presence of a user requesting a cash withdrawal transaction at the user terminal; generating, by the processor in operative communication with an output device of the user terminal in response to the detecting the presence of the user, a facial gesture cue for display by the output device, wherein the facial gesture cue prompts the user to execute a given secret facial gesture within a predetermined time duration, the given secret facial gesture corresponding to modified facial recognition templates stored by the processor for a plurality of authorized users; capturing, by an imaging sensor of the user terminal in operative communication with the processor upon the display of the facial gesture cue, video containing imaging data of the user executing the given secret facial gesture within the predetermined time duration, wherein the imaging data is multi-frame video data including multiple video segments each having a start point and an end point within the predetermined time duration; wherein the given secret facial gesture is a dynamic secret facial gesture in which the facial configuration of the user changes during the capturing by the imaging sensor, and the facial gesture cue includes graphical information having a spatial or pathic relationship to the dynamic secret facial gesture; determining, by the processor, whether the imaging data matches a modified facial recognition template for an authorized user included in the modified facial recognition templates stored by the processor for the plurality of authorized users; in the event the imaging data matches the modified facial recognition template for the authorized user, generating, by the processor, a biometric cue for display by the output device, wherein the biometric cue is selected from a plurality of biometric cue stored by the processor; capturing, by a biometric sensor of the user terminal, biometric authentication data upon the display of the biometric cue; determining, by the processor, whether the biometric authentication data matches a biometric credential record stored by the processor for the authorized user; and in the event the imaging data matches the modified facial recognition template for the authorized user and the biometric authentication data matches the biometric credential record stored by the processor for the authorized user, authorizing, by the processor, the cash withdrawal transaction for processing; and activating, by the user terminal, a cash dispensing for the cash withdrawal transaction authorized by the processor.
“2. The method of claim 1, wherein the user terminal is configured to operate in accordance with an ATM protocol, and the processor is an authentication server of a financial institution in operative communication with a memory.
“3. The method of claim 1, wherein the facial gesture cue comprises private instructions to execute the given secret facial gesture.
“4. The method of claim 1, wherein the given secret facial gesture is a dynamic secret facial gesture selected from one or more of opening eyes, closing eyes, raising eyebrows, widening eyes, narrowing eyes, blinking, rolling eyes, removing glasses, opening mouth, nodding, turning head, and shaking head.
“5. The method of claim 1, wherein the biometric sensor of the user terminal is an iris scanner, and the biometric credential record stored by the processor for the authorized user is an iris scan of the authorized user.
“6. The method of claim 1, wherein the biometric sensor of the user terminal is a voice recognition module, and the biometric credential record stored by the processor for the authorized user is recorded speech of the authorized user.
“7. The method of claim 1, wherein the biometric cue comprises user instructions to execute a secret biometric action, and wherein the biometric credential record for the authorized user is representative of the secret biometric action.
“8. The method of claim 1, wherein the dynamic secret facial gesture comprises a sequence of dynamic secret facial gestures, in each of which the facial configuration of the user changes during the capturing by the imaging sensor.
“9. A system, comprising: an imaging sensor of a user terminal for capturing imaging data including a facial image and video of a user requesting a cash withdrawal transaction at the user terminal; a biometric sensor of the user terminal for capturing biometric data including biometric authentication data of the user requesting the cash withdrawal transaction; an output device of the user terminal; an authentication database hosted by one or more server computers comprising non-transitory machine-readable memory, the authentication database configured to store a plurality of modified facial recognition templates for a plurality of authorized users and to store a plurality of biometric credential records; the one or more server computers comprising one or more processing units executing an authentication module, the one or more server computers in communication with the non-transitory memory and the authentication module configured to execute a set of instructions instructing the one or more server computers to: generate a facial gesture cue for display by the output device after detecting presence of the user requesting the cash withdrawal transaction at the user terminal, wherein the facial gesture cue prompts the user to execute a given secret facial gesture within a predetermined time duration, the given secret facial gesture corresponding to the modified facial recognition templates stored by the authentication database for the plurality of authorized users; receive from the imaging sensor the video including imaging data of the user executing the given secret facial gesture captured by the imaging sensor during the predetermined time duration and in response to the display of the facial gesture cue; wherein the imaging data is multi-frame video data including multiple video segments each having a start point and an end point within the predetermined time duration, and the given secret facial gesture is a dynamic secret facial gesture in which the facial configuration of the user changes during the capture by the imaging sensor; determine whether the imaging data matches a modified facial recognition template for an authorized user included in the plurality of modified facial recognition templates stored by the authentication database for the plurality of authorized users; generate a biometric cue for display by the output device in the event the imaging data matches a modified facial recognition template for an authorized user receive from the biometric sensor the biometric authentication data of the user, captured by the biometric sensor upon the display of the biometric cue; determine whether the biometric authentication data matches a biometric credential record stored by the processor for the authorized user; and in the event the imaging data matches the modified facial recognition template for the authorized user, and the biometric authentication data matches a biometric credential record stored by the processor for the authorized user, authorize the cash withdrawal transaction for processing, and activate a cash dispensing from the user terminal based on the authorized cash withdrawal transaction.
“10. The system of claim 9, wherein the user terminal is configured to operate in accordance with an ATM protocol, and the one or more server computers comprise an authentication server of a financial institution.
“11. The system of claim 9, wherein the facial gesture cue comprises private instructions to execute the given secret facial gesture.
“12. The system of claim 9, wherein the given secret facial gesture is a dynamic secret facial gesture selected from one or more of opening eyes, closing eyes, raising eyebrows, widening eyes, narrowing eyes, blinking, rolling eyes, removing glasses, opening mouth, nodding, turning head, and shaking head.
“13. The system of claim 9, wherein the biometric sensor of the user terminal is an iris scanner, and the biometric credential record stored by the processor for the authorized user is an iris scan of the authorized user.
“14. The system of claim 9, wherein the biometric sensor of the user terminal is a voice recognition module, and the biometric credential record stored by the processor for the authorized user is recorded speech of the authorized user.
“15. The system of claim 9, wherein the authentication module is configured to determine whether the imaging data matches the modified facial recognition template for the authorized user included in the plurality of modified facial recognition templates based on one or more of local feature matching and entire face template matching.
“16. The system of claim 9, wherein the system detects the presence of the user requesting the cash withdrawal transaction at the user terminal by one or more of detecting insertion of an access card, detecting an input at a touch screen of the user terminal, detecting an input at an input control of the user terminal, detecting communication of a mobile device with the user terminal, and detecting the user entering a field of view of the imaging sensor.
“17. The system of claim 9, wherein the facial gesture cue includes graphical information having a spatial or pathic relationship to the dynamic secret facial gesture.
“18. The system of claim 9, wherein the dynamic secret facial gesture comprises a sequence of dynamic secret facial gestures, in each of which the facial configuration of the user changes during the capture by the imaging sensor.”
For more information, see this patent: Nagalla, Durga. Access Control Through Multi-Factor Image Authentication.
(Our reports deliver fact-based news of research and discoveries from around the world.)
Man severely injured after being struck by Sheriff’s Office vehicle settles lawsuit with county
Proposed Flood Hazard Determinations
Advisor News
- How OBBBA is a once-in-a-career window
- RICKETTS RECAPS 2025, A YEAR OF DELIVERING WINS FOR NEBRASKANS
- 5 things I wish I knew before leaving my broker-dealer
- Global economic growth will moderate as the labor force shrinks
- Estate planning during the great wealth transfer
More Advisor NewsAnnuity News
- An Application for the Trademark “DYNAMIC RETIREMENT MANAGER” Has Been Filed by Great-West Life & Annuity Insurance Company: Great-West Life & Annuity Insurance Company
- Product understanding will drive the future of insurance
- Prudential launches FlexGuard 2.0 RILA
- Lincoln Financial Introduces First Capital Group ETF Strategy for Fixed Indexed Annuities
- Iowa defends Athene pension risk transfer deal in Lockheed Martin lawsuit
More Annuity NewsHealth/Employee Benefits News
Life Insurance News
- An Application for the Trademark “HUMPBACK” Has Been Filed by Hanwha Life Insurance Co., Ltd.: Hanwha Life Insurance Co. Ltd.
- ROUNDS LEADS LEGISLATION TO INCREASE TRANSPARENCY AND ACCOUNTABILITY FOR FINANCIAL REGULATORS
- The 2025-2026 risk agenda for insurers
- Jackson Names Alison Reed Head of Distribution
- Consumer group calls on life insurers to improve flexible premium policy practices
More Life Insurance News