AU2017101062A4 - Frameworks and methodologies configured to enable biometric payments using locally stored biometric data - Google Patents
Frameworks and methodologies configured to enable biometric payments using locally stored biometric data Download PDFInfo
- Publication number
- AU2017101062A4 AU2017101062A4 AU2017101062A AU2017101062A AU2017101062A4 AU 2017101062 A4 AU2017101062 A4 AU 2017101062A4 AU 2017101062 A AU2017101062 A AU 2017101062A AU 2017101062 A AU2017101062 A AU 2017101062A AU 2017101062 A4 AU2017101062 A4 AU 2017101062A4
- Authority
- AU
- Australia
- Prior art keywords
- biometric
- user
- beacon
- biometric data
- signal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
Abstract The present invention relates, in various embodiments, to fields including biometric data management and payment processing. In overview, technology described herein provides technical solutions that enable biometric authentication to be implemented in large-scale applications whilst overcoming challenges associated with centralised hosting of biometric data. (FIG. 1A) Third Party Payment Systems Biometric Payment Management Server Display Screen Q Registration Terminals Exemplary Mobile Device User Data (Central Biometric Database) Scanning Zone Beacon Device POS Hardware 122 - Local Biometric Data Store Palm Scanning Unit
Description
1 2017101062 03 Aug 2017
FRAMEWORKS AND METHODOLOGIES CONFIGURED TO ENABLE BIOMETRIC PAYMENTS USING LOCALLY STORED BIOMETRIC DATA
FIELD OF THE INVENTION
[0001] The present invention relates to frameworks and methodologies configured to enable biometric payments using locally stored biometric data.
BACKGROUND
[0002] Any discussion of the background art throughout the specification should in no way be considered as an admission that such art is widely known or forms part of common general knowledge in the field.
[0003] A range of payment techniques for POS payments are known. Over time, these have evolved from cash payments, to magnetic strip cards, to NFC cards, and more recently to mobile device payments. However, there remains scope for improvement in terms of facilitating an optimal consumer experience.
SUMMARY OF THE INVENTION
[0004] It is an object of the present invention to overcome or ameliorate at least one of the disadvantages of the prior art, or to provide a useful alternative.
[0005] One embodiment provides a computer implemented method for enabling biometric authentication, the method including: [0006] configuring a biometric scanning device to (i) read biometric data from a human user; (ii) process the read biometric data against a plurality of biometric records maintained in a local biometric data store; and (iii) in the case that the read biometric data matches a particular one of the plurality of biometric records maintained in the local biometric data store, provide an authentication signal; [0007] configuring a beacon device to transmit a beacon signal in a scanning zone, wherein the beacon signal is configured to cause a user device in the scanning zone, 2 2017101062 03 Aug 2017 being a user device that has a software application loaded that is configured to receive and process the beacon signal, to respond to the beacon signal by transmitting a user token; and [0008] operating a device that is configured to: (i) receive data representative of a user token that is transmitted in response to the beacon signal; and (ii) transmit a biometric record request signal to a remote server, wherein the biometric record request signal is representative of the user token, thereby to cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device; [0009] such that the plurality of biometric records maintained in a local biometric data store are periodically updated responsive to user tokens transmitted by user devices in the scanning zone.
[0010] One embodiment provides a computer implemented method for enabling biometric authentication, the method including: [0011] configuring a biometric scanning device to (i) read biometric data from a human user; (ii) process the read biometric data against a plurality of biometric records maintained in a local biometric data store; and (iii) in the case that the read biometric data matches a particular one of the plurality of biometric records maintained in the local biometric data store, provide an authentication signal; [0012] configuring a beacon device to transmit a beacon signal in a scanning zone, the beacon signal being representative of a beacon ID, wherein the beacon signal is configured to cause a user device in the scanning zone, being a user device that has a software application loaded that is configured to receive and process the beacon signal, to provide a signal to a remote networked device including data representative of the beacon ID and a user token associated with the user device; and [0013] operating a device that is configured to: (i) receive the data representative of the beacon ID that is transmitted by the user device in response to the beacon signal, and the user token associated with the user device; and (ii) cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device; 3 2017101062 03 Aug 2017 [0014] such that the plurality of biometric records maintained in a local biometric data store are periodically updated responsive to user tokens transmitted by user devices in the scanning zone.
[0015] One embodiment provides a biometric verification system including: [0016] a biometric scanning device that is configured to: (i) read biometric data from a human user; (ii) process the read biometric data against a plurality of biometric records maintained in a local biometric data store; and (iii) in the case that the read biometric data matches a particular one of the plurality of biometric records maintained in the local biometric data store, provide an authentication signal representative of that particular one of the plurality of biometric records; [0017] a beacon device that is configured to transmit a beacon signal in a scanning zone, wherein the beacon signal is configured to cause a user device in the scanning zone, being a user device that has a software application loaded that is configured to receive and process the beacon signal, to respond to the beacon signal by transmitting a user token; and [0018] a networked device that is configured to: (i) receive data representative of a user token that is transmitted in response to the beacon signal; and (ii) transmit a biometric record request signal to a remote server, wherein the biometric record request signal is representative of the user token, thereby to cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device; [0019] such that the plurality of biometric records maintained in a local biometric data store are periodically updated responsive to user tokens transmitted by user devices in the scanning zone.
[0020] One embodiment provides a payment authentication system including: [0021] a biometric scanning device that is configured to: (i) read biometric data from a human user; (ii) process the read biometric data against a plurality of biometric records maintained in a local biometric data store; and (iii) in the case that the read biometric data matches a particular one of the plurality of biometric records maintained in the local 2017101062 03 Aug 2017 4 biometric data store, provide an authentication signal representative of that particular one of the plurality of biometric records; [0022] a beacon device that is configured to transmit a beacon signal in a scanning zone, wherein the beacon signal is configured to cause a user device in the scanning zone, being a user device that has a software application loaded that is configured to receive and process the beacon signal, to respond to the beacon signal by transmitting a user token; and [0023] a networked device that is configured to: (i) receive data representative of a user token that is transmitted in response to the beacon signal; and (ii) transmit a biometric record request signal to a remote server, wherein the biometric record request signal is representative of the user token, thereby to cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device; [0024] a payment processing system that is configured to: [0025] receive data representative of a payment amount; [0026] transmit to a payment management server a signal representative of (i) the particular one of the biometric records or the user token; and (ii) a payment amount, thereby to cause the payment management server to perform a payment process based on user data associated with the particular one of the biometric records or the user token; and [0027] receive a signal representative of successful or unsuccessful completion of the payment process.
[0028] One embodiment provides a biometric verification system including: [0029] a biometric scanning device that is configured to: (i) read biometric data from a human user; (ii) process the read biometric data against a plurality of biometric records maintained in a local biometric data store; and (iii) in the case that the read biometric data matches a particular one of the plurality of biometric records maintained in the local 2017101062 03 Aug 2017 5 biometric data store, provide an authentication signal representative of that particular one of the plurality of biometric records; [0030] a beacon device that is configured to transmit a beacon signal in a scanning zone, the beacon signal being representative of a beacon ID, wherein the beacon signal is configured to cause a user device in the scanning zone, being a user device that has a software application loaded that is configured to receive and process the beacon signal, to provide a signal to a remote networked device including data representative of the beacon ID and a user token associated with the user device; and [0031] a networked device that is configured to: (i) receive the data representative of the beacon ID that is transmitted by the user device in response to the beacon signal, and the user token associated with the user device; and (ii) cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device; [0032] such that the plurality of biometric records maintained in a local biometric data store are periodically updated responsive to user tokens transmitted by user devices in the scanning zone.
[0033] One embodiment provides a payment authentication system including: [0034] a biometric scanning device that is configured to: (i) read biometric data from a human user; (ii) process the read biometric data against a plurality of biometric records maintained in a local biometric data store; and (iii) in the case that the read biometric data matches a particular one of the plurality of biometric records maintained in the local biometric data store, provide an authentication signal representative of that particular one of the plurality of biometric records; [0035] a beacon device that is configured to transmit a beacon signal in a scanning zone, the beacon signal being representative of a beacon ID, wherein the beacon signal is configured to cause a user device in the scanning zone, being a user device that has a software application loaded that is configured to receive and process the beacon signal, to provide a signal to a remote networked device including data representative of the beacon ID and a user token associated with the user device; and 2017101062 03 Aug 2017 6 [0036] a networked device that is configured to: (i) receive the data representative of the beacon ID that is transmitted by the user device in response to the beacon signal, and the user token associated with the user device; and (ii) cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device; [0037] a payment processing system that is configured to: [0038] receive data representative of a payment amount; [0039] transmit to a payment management server a signal representative of (i) the a user token associated with a successful biometric authentication; and (ii) a payment amount, thereby to cause the payment management server to perform a payment process based on user data associated with the user token; and [0040] receive a signal representative of successful or unsuccessful completion of the payment process.
[0041] One embodiment provides a computer program product for performing a method as described herein.
[0042] One embodiment provides a non-transitory carrier medium for carrying computer executable code that, when executed on a processor, causes the processor to perform a method as described herein.
[0043] One embodiment provides a system configured for performing a method as described herein.
[0044] Reference throughout this specification to “one embodiment”, “some embodiments” or “an embodiment” means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrases “in one embodiment”, “in some embodiments” or “in an embodiment” in various places throughout this specification are not necessarily all referring to the same embodiment, but may. Furthermore, the particular features, structures or characteristics may be combined in any 7 2017101062 03 Aug 2017 suitable manner, as would be apparent to one of ordinary skill in the art from this disclosure, in one or more embodiments.
[0045] As used herein, unless otherwise specified the use of the ordinal adjectives "first", "second", "third", etc., to describe a common object, merely indicate that different instances of like objects are being referred to, and are not intended to imply that the objects so described must be in a given sequence, either temporally, spatially, in ranking, or in any other manner.
[0046] In the claims below and the description herein, any one of the terms comprising, comprised of or which comprises is an open term that means including at least the elements/features that follow, but not excluding others. Thus, the term comprising, when used in the claims, should not be interpreted as being limitative to the means or elements or steps listed thereafter. For example, the scope of the expression a device comprising A and B should not be limited to devices consisting only of elements A and B. Any one of the terms including or which includes or that includes as used herein is also an open term that also means including at least the elements/features that follow the term, but not excluding others. Thus, including is synonymous with and means comprising.
[0047] As used herein, the term “exemplary” is used in the sense of providing examples, as opposed to indicating quality. That is, an “exemplary embodiment” is an embodiment provided as an example, as opposed to necessarily being an embodiment of exemplary quality.
BRIEF DESCRIPTION OF THE DRAWINGS
[0048] Embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings in which: [0049] FIG. 1A illustrates a framework according to one embodiment.
[0050] FIG. 1B illustrates a framework according to one embodiment.
[0051 ] FIG. 1C illustrates a framework according to one embodiment.
[0052] FIG. 1D illustrates a framework according to one embodiment. 2017101062 03 Aug 2017 8 [0053] FIG. 1E illustrates a framework according to one embodiment.
[0054] FIG. 1F illustrates a framework according to one embodiment.
[0055] FIG. 2A to FIG. 2C illustrate methods according to embodiments.
[0056] FIG. 3 illustrates a client-server framework leveraged by some embodiments. DETAILED DESCRIPTION
[0057] The present invention relates, in various embodiments, to fields including biometric data management and payment processing.
Biometric Data Management Technology [0058] Biometric technology is widely used for user authentication purposes, for example on access control devices, smartphones, and the like. A challenge in implementing biometric authentication methods in large scale applications (for example payment systems) arises in that biometric records typically need to be stored locally for authentication purposes, and there are technical challenges (and risks) associated with storage of huge quantities of biometric record data at distributed locations (particularly where there is a desire to use low-cost client side hardware).
[0059] In overview, technology described herein provides technical solutions that enable biometric authentication to be implemented in large scale applications whilst overcoming challenges noted above. In that regard, various embodiments provide computer implemented methods for enabling biometric authentication.
[0060] In some embodiments, methods include configuring a biometric scanning device to perform biometric authentication. Examples below focus on palm vein scanner technology (for example technology including or similar to Fujitsu PalmSecure). However. That is by no means limiting, and the technology may be implemented in respect of a range of other biometric technologies, including (but not limited to): fingerprint scanners, iris scanners, voice, video & facial recognition. The biometric scanning device is configured to: 9 2017101062 03 Aug 2017 (i) Read biometric data from a human user. For example, in the example of a palm vein scanner, the user places his/her hand in a reading zone, and the scanner performs a reading operation thereby to generate digital information representative of the user’s unique palm vein characteristics. (ii) Process the read biometric data against a plurality of biometric records maintained in a local biometric data store. In that regard, the local biometric data store maintains a plurality of biometric records, for example, in the case of palm vein biometrics, records defined by digital information representative of preregistered users’ palm vein characteristics. (iii) In the case that the read biometric data matches a particular one of the plurality of biometric records maintained in the local biometric data store, provide an authentication signal.
[0061] The nature of the authentication signal varies between embodiments. For example, in some embodiments the authentication signal is a signal that provides access to a controlled functionality (for example the unlocking of a door). In other embodiments the authentication signal includes data representative of the authenticated user (for example an identifier that allows direct or indirect identification of the user). In some embodiments, the latter approach is used to provide input to a payment processing system - the identity of a user is authenticated to enable initiation of a remote payment authorisation process (as discussed further below).
[0062] The methods also include configuring a beacon device to transmit a beacon signal in a scanning zone. For example, the beacon signal may be a Bluetooth beacon signal (with other wireless technologies being used in further embodiments). The scanning zone is defined such that it includes a region into which persons who may subsequently require biometric authentication will enter. For example, as discussed below, where the biometric authentication is used for a payment processing system in a retail venue, the scanning zone is defined in a region into which customers are likely to enter whilst using the retail venue.
[0063] The beacon signal is configured to cause a user device in the scanning zone, being a user device that has a software application loaded that is configured to receive and process the beacon signal, to respond to the beacon signal by transmitting a user 10 2017101062 03 Aug 2017 token. For example, a proprietary app is installed on a smartphone, and as a result that smartphone is configured to autonomously recognise the Beacon signal, and with or without user interaction provide a response signal representative of the user token. That user token enables data relating to the user to be identified in a database which contains user records (and, in the present embodiments, a database that contains user biometric record data).
[0064] The methods also include operating a device that is configured to: (i) receive data representative of a user token that is transmitted in response to the beacon signal; and (ii) transmit a biometric record request signal to a remote server. The biometric record request signal is representative of the user token, thereby to cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device.
[0065] Using such an approach, the plurality of biometric records maintained in the local biometric data store are periodically updated responsive to user tokens transmitted by user devices in the scanning zone. Accordingly, where the local biometric data store is limited in the number of records it is able to store, it is configured to store records that might actually be needed based on local identification of users via the beacon. The biometric data is encrypted and sent through a secure channel to the device.
[0066] The period of time for which downloaded biometric data remains in local storage varies between embodiments. For example, it may be: time-limited; determined based on identification that a user device has not been recognised for a predefined period; controlled responsive to user preferences inputted via a smartphone app or web interface; and so on. For example, in an implementation where local biometric storage is greater than the number of anticipated users, customer data is stored (by default, or in select cases) such that those users are able to be perpetually authenticated without needing to have their mobile devices handy. This is especially useful, for example, where a business attracts customers who have recently engaged in physical activities, such as water sports.
Application to Payment Processing Systems [0067] In some embodiments, biometric authentication as described above is integrated in with payment processing system. This allows a user to pay for goods and/or services using biometric data alone. 2017101062 03 Aug 2017 11 [0068] In overview, a user registers an account with the payment processing service provider. That account includes user payment data, which may include one or more of: • Stored value/prepaid credit; • Linked credit/debit cards; • Linked payment facility accounts (such as Paypal or digital wallets); • Linked Bank Accounts; and • Loyalty Cards.
[0069] A default user payment method is selected during registration.
[0070] The user also provides biometric data, for example via a registration terminal (which includes a biometric scanner), or via a “special” interaction with a POS biometric scanner. This registration enables a unique user token to be downloaded to a user mobile device, so that the user is able to be securely identified based on that token being read from their user device.
[0071] The payment system is configured to, following successful biometric authentication, transmit to a payment management server a signal representative of (i) the particular one of the biometric records or the user token; and (ii) a payment amount (which is, for example, provided by a POS terminal). This causes the payment management server to perform a payment process based on user data associated with the particular one of the biometric records or the user token. For example, the payment server attempts to process a transaction for the payment amount using the user’s pre-selected payment method (for example by attempting to charge a credit card). The server provides a signal representative of successful or unsuccessful completion of the payment process, which is received by the local payment system. This optionally triggers an output to a POS system confirming that the payment amount has been furnished.
Example Frameworks 2017101062 03 Aug 2017 12 [0072] FIG. 1A illustrates a framework according to one embodiment. This is described below. In figures provided herewith, standard computer components (such as processors, memory modules, and communications modules) are not illustrated, and their presence can be readily inferred by a skilled person based on the context and/or described functionality.
[0073] A user registers an account with a biometric payment management server 110. For example, this may include one or more of a registration process performed via a website interface, via a downloaded smartphone app (for example iOS or Android), or via a purpose-provided registration terminal 150 (which may include an advertising kiosk having a scanner device for collecting biometric data).
[0074] The user, either as part of the registration process or separately from the registration process, downloads an app to his/her mobile device 100 (for example iOS or Android). The app provides a user interface which is renderable on a display screen 101. Based on inputting and uploading of personal authentication information (which is authenticated by server 110), server 110 downloads to mobile device 100 a user token. This user token is stored by the relevant app.
[0075] Although this example describes a downloadable app, it will be appreciated that corresponding functionality may be provided via a device operating system.
[0076] The registration process includes collecting of user biometric data. There are two main approaches for achieving this: • The user registers via a registration terminal 150, which includes a biometric reader device. In this manner, biometric record data us uploaded to server 110 and stored in a central biometric database 111 during registration. • The user registers without biometric data, and downloads the smartphone app and user token. The user then provides biometric data via a “special” interaction with a biometric device provided for payment processing. For example, this special interaction is triggered by tapping the mobile device against a proximity-sensitive reader unit (for example a Bluetooth unit, such as beacon device 123 described below). 13 2017101062 03 Aug 2017 [0077] A retail venue makes use of POS hardware 130. A wide range of POS terminals are known in the art. In the embodiment of FIG. 1A, the POS terminal is coupled to a palm scanning unit 120. This enables the POS hardware to provide a signal representative of a payment amount, and receive a signal representative of payment of the payment amount (or failed payment). In further embodiments manual steps are used in place of such a connection.
[0078] Palm scanning unit 120 includes a scanning zone 121, in which a user’s palm veins are able to be scanned thereby to generate digital biometric data. That data is then compared with biometric records in a local biometric data store 122, thereby to seek to authenticate the user. Where a user is authenticated, a signal is provided to server 110, that signal being representative of the user, and representative of the payment amount. Server 110 then seeks to process the payment, either using payment modules native to server 110, or one of a plurality of third party payment systems 140 (and based on the user’s registration data, which provides information required for such payment processing). A return signal is then provided to scanning unit 120, representative of successful payment processing or failed payment processing.
[0079] Scanning unit operates in conjunction with a beacon device 123, which may be physically integrated with or physically separate from the scanning unit. The beacon device transmits a periodic beacon signal (for example via Bluetooth), which is recognised by proximal mobile devices having the relevant app installed. Such devices, such as device 101, respond to the beacon signal with a user token. The user token is provided to scanning unit 120, which obtains from server 110 (and database 111) a biometric record associated with that user token. Accordingly, device 120 becomes configured to authenticate the user of device 100.
[0080] FIG. 2A illustrates an exemplary process flow associated with the framework of FIG. 1A. A user registers at step 201, which includes processes for creating a user account, causing uploading of biometric data, and setting up connection to third party payment systems or the like (depending on what mode of payment the user wishes to leverage). Block 202 represents installation of the relevant smartphone app and user token on the user’s device (e.g. smartphone). It will be appreciated that the app may be installed prior to registration, or prior to complete registration, in various embodiments. Block 203 represents a beacon device reading the user token from the user’s mobile device (the user token is provided as a response to a Bluetooth trigger beacon signal). 14 2017101062 03 Aug 2017
This leads to a download of the user’s biometric data from a central storage to local hardware associated with a local palm vein scanning unit (block 204). The user then, at some subsequent point in time, goes to make a payment using that palm vein scanning unit, and is authenticated based on his/her biometric data. This leads to a verification signal being provided, at 207, to a payment management server. This is representative of the user (e.g. via user token or via biometric data), and a payment amount. The server then performs a payment processing phase at 207, for example seeking to process a payment for the payment amount via the user’s preferred payment method (such as a stored credit card, Paypal, or the like). Then, a verification of successful payment (or notification of payment failure) is provided at 208 to local POS hardware.
[0081] FIG. 1B illustrates a variation to the framework of FIG. 1 A. In this embodiment, beacon device 123 is configured to transmit a beacon signal in a scanning zone, the beacon signal being representative of a beacon ID, wherein the beacon signal is configured to cause a user device in the scanning zone, being a user device that has a software application loaded that is configured to receive and process the beacon signal, to provide a signal to a remote networked device (being server 110) including data representative of the beacon ID and a user token associated with the user device. Server 110 is configured to: (i) receive the data representative of the beacon ID that is transmitted by the user device in response to the beacon signal, and the user token associated with the user device; and (ii) cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device; [0082] In this regard, whereas in the example of FIG. 1A biometric data is downloaded from the server based on a request from local hardware, in the example of FIG. 1B the download results from a signal provided by the user’s mobile device. In some cases a local WiFi router is provided such that the user’s mobile device has reliable Internet access for this purpose.
[0083] The method of FIG. 2B is related to the example of FIG. 1B. Steps 203 and 204 of FIG. 2A are replaced by steps 213 and 214, which respectively represent: the mobile device receiving the beacon signal and providing a signal to the server representative of the read beacon ID; and the server receiving that signal and, in response, transmitting biometric data to be stored in local storage of a palm scanning device associated with that beacon ID. 15 2017101062 03 Aug 2017 [0084] In further embodiments, the approach of FIG. 1B is modified such that the beacon device is replaced by alternate technology that allows location-based determination to provide an instruction from mobile device 100 to server 110 to cause download of the user’s biometric data. For example, this may include geo-fencing (or other position-based techniques), logging on to a local WiFi hotspot, and/or other techniques.
[0085] FIG. 1C and FIG. 1D illustrate further embodiments. In these embodiments, communications between local hardware and server 110 is effected via POS hardware 130 (as opposed to palm scanning unit 120). For example, in some cases the POS hardware is modified with additional software and/or hardware modules thereby to enable integration with scanner 120 and server 110.
Alternate Embodiment [0086] FIG. 1E illustrates an alternate embodiment. This includes similar components to those shown in FIG. 1A, and corresponding reference numerals have been used.
[0087] The embodiment of FIG. 1E provides a framework of similar overall payment functionality to FIG. 1A, but without biometric authentication via a point-of-sale scanner device. Instead, beacon device 123 interacts directly with POS hardware 130, and utilises a user token read from mobile device 110 to provide a payment request (representative of a user and of a payment amount) to server 110.
[0088] There is a core point of differentiation in the operation of beacon 123. In the embodiment of FIG. 1E, the operative beacon range is small, preferably less than about 10mm. This means, from a practical perspective, that a user is required to tap (or close thereto) their mobile device on the beacon device thereby to receive the beacon signal and respond with the user token.
[0089] The embodiment of FIG. 1E provides a convenient means for allowing a user to pay for goods and/or services using a smartphone, via any pre-selected one of a plurality of third party payment systems.
[0090] FIG. 1F provides a further alternate embodiment, provides a framework of similar overall payment functionality to FIG. 1B, but without biometric authentication via a 2017101062 03 Aug 2017 16 point-of-sale scanner device. In this embodiment, beacon component 123 includes a Bluetooth device, and is configured to transmit a beacon signal representative of a beacon ID in a scanning zone. The scanning zone is less than about 10mm from a physical beacon component. The beacon signal causes user mobile device 100 in the scanning zone. Device 100 has a software application loaded that is configured to receive and process the beacon signal, to transmit a signal to a payment server. That signal includes data representative of the Beacon ID and a user token. POS hardware 130 is configured to maintain data representative of the beacon ID associated with beacon component 123 (for example the beacon ID itself, or an identifier that is correlated to the beacon ID at server 110’).
[0091] During a transaction, POS hardware 130 transmits server 110’ data representative of the payment amount and the beacon ID. At a similar time (for example within 5-15 seconds), a user taps his/her device 100 against beacon 130. In this regard, the server receives two temporally reconcilable signals, each representative of a common beacon ID. This allows server 110’ to reconcile (i) the signal from the user device including data representative of the beacon ID and the user token with (ii) the signal from a local payment processing device representative of the beacon ID and the user token. Server 110’ then performs a payment process for the payment amount based on user data associated with the user token, and provides to POS hardware 130 a signal representative of successful or unsuccessful completion of the payment process.
[0092] FIG. 2C shows a method related to the framework of FIG 1F. This includes similar (and similarly numbered) steps to FIG. 1B. Additional steps include a transition initiating at the POS hardware at block 221, and the POS hardware transmitting information about itself (for example the beacon ID, or another identifier associated at the server with the beacon ID) to the payment server. The server then used the common beacon IDs (and time characteristics) to reconcile a user and a payment amount, and the payment processing phase commences.
In some embodiments, an additional step is introduced whereby a user device is queried to provide approval of the payment amount. This ensures that the correct reconciliation between a user token/user device and payment amount has been achieved.
Example Client-Server Framework 2017101062 03 Aug 2017 17 [0093] In overview, a web server 302 provides a web interface 303. This web interface is accessed by the parties by way of client terminals 304. In overview, users access interface 303 over the Internet by way of client terminals 304, which in various embodiments include the likes of personal computers, PDAs, cellular telephones, gaming consoles, and other Internet enabled devices.
[0094] Server 303 includes a processor 305 coupled to a memory module 306 and a communications interface 307, such as an Internet connection, modem, Ethernet port, wireless network card, serial port, or the like. In other embodiments distributed resources are used. For example, in one embodiment server 302 includes a plurality of distributed servers having respective storage, processing and communications resources. Memory module 306 includes software instructions 308, which are executable on processor 305.
[0095] Server 302 is coupled to a database 310. In further embodiments the database leverages memory module 306.
[0096] In some embodiments web interface 303 includes a website. The term “website” should be read broadly to cover substantially any source of information accessible over the Internet or another communications network (such as WAN, LAN or WLAN) via a browser application running on a client terminal. In some embodiments, a website is a source of information made available by a server and accessible over the Internet by a web-browser application running on a client terminal. The web-browser application downloads code, such as HTML code, from the server. This code is executable through the web-browser on the client terminal for providing a graphical and often interactive representation of the website on the client terminal. By way of the web-browser application, a user of the client terminal is able to navigate between and throughout various web pages provided by the website, and access various functionalities that are provided.
[0097] Although some embodiments make use of a website/browser-based implementation, in other embodiments proprietary software methods are implemented as an alternative. For example, in such embodiments client terminals 304 maintain software instructions for a computer program product that essentially provides access to a portal via which framework 100 is accessed (for instance via an iPhone app or the like). 18 2017101062 03 Aug 2017 [0098] In general terms, each terminal 304 includes a processor 311 coupled to a memory module 313 and a communications interface 312, such as an internet connection, modem, Ethernet port, serial port, or the like. Memory module 313 includes software instructions 314, which are executable on processor 311. These software instructions allow terminal 304 to execute a software application, such as a proprietary application or web browser application and thereby render on-screen a user interface and allow communication with server 302. This user interface allows for the creation, viewing and administration of profiles, access to the internal communications interface, and various other functionalities.
[0099] Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as "processing," "computing," "calculating," “determining”, analyzing” or the like, refer to the action and/or processes of a computer or computing system, or similar electronic computing device, that manipulate and/or transform data represented as physical, such as electronic, quantities into other data similarly represented as physical quantities.
[00100] In a similar manner, the term "processor" may refer to any device or portion of a device that processes electronic data, e.g., from registers and/or memory to transform that electronic data into other electronic data that, e.g., may be stored in registers and/or memory. A “computer” or a “computing machine” or a "computing platform" may include one or more processors.
[00101] The methodologies described herein are, in one embodiment, performable by one or more processors that accept computer-readable (also called machine-readable) code containing a set of instructions that when executed by one or more of the processors carry out at least one of the methods described herein. Any processor capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken are included. Thus, one example is a typical processing system that includes one or more processors. Each processor may include one or more of a CPU, a graphics processing unit, and a programmable DSP unit. The processing system further may include a memory subsystem including main RAM and/or a static RAM, and/or ROM. A bus subsystem may be included for communicating between the components. The processing system further may be a distributed processing system with processors coupled by a network. If the processing system requires a display, such a display may be included, e.g., a liquid crystal display (LCD) or a cathode ray tube (CRT) display. If manual data 2017101062 03 Aug 2017 19 entry is required, the processing system also includes an input device such as one or more of an alphanumeric input unit such as a keyboard, a pointing control device such as a mouse, and so forth. Input devices may also include audio/video input devices, and/or devices configured to derive information relating to characteristics/attributes of a human user. The term memory unit as used herein, if clear from the context and unless explicitly stated otherwise, also encompasses a storage system such as a disk drive unit. The processing system in some configurations may include a sound output device, and a network interface device. The memory subsystem thus includes a computer-readable carrier medium that carries computer-readable code (e.g., software) including a set of instructions to cause performing, when executed by one or more processors, one of more of the methods described herein. Note that when the method includes several elements, e.g., several steps, no ordering of such elements is implied, unless specifically stated. The software may reside in the hard disk, or may also reside, completely or at least partially, within the RAM and/or within the processor during execution thereof by the computer system. Thus, the memory and the processor also constitute computer-readable carrier medium carrying computer-readable code.
[00102] Furthermore, a computer-readable carrier medium may form, or be included in a computer program product.
[00103] In alternative embodiments, the one or more processors operate as a standalone device or may be connected, e.g., networked to other processor(s), in a networked deployment, the one or more processors may operate in the capacity of a server or a user machine in server-user network environment, or as a peer machine in a peer-to-peer or distributed network environment. The one or more processors may form a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a cellular telephone, a web appliance, a network router, switch or bridge, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine.
[00104] Note that while diagrams only show a single processor and a single memory that carries the computer-readable code, those in the art will understand that many of the components described above are included, but not explicitly shown or described in order not to obscure the inventive aspect. For example, while only a single machine is illustrated, the term "machine" shall also be taken to include any collection of machines 20 2017101062 03 Aug 2017 that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methodologies discussed herein.
[00105] Thus, one embodiment of each of the methods described herein is in the form of a computer-readable carrier medium carrying a set of instructions, e.g., a computer program that is for execution on one or more processors, e.g., one or more processors that are part of web server arrangement. Thus, as will be appreciated by those skilled in the art, embodiments of the present invention may be embodied as a method, an apparatus such as a special purpose apparatus, an apparatus such as a data processing system, or a computer-readable carrier medium, e.g., a computer program product. The computer-readable carrier medium carries computer readable code including a set of instructions that when executed on one or more processors cause the processor or processors to implement a method. Accordingly, aspects of the present invention may take the form of a method, an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of carrier medium (e.g., a computer program product on a computer-readable storage medium) carrying computer-readable program code embodied in the medium.
[00106] The software may further be transmitted or received over a network via a network interface device. While the carrier medium is shown in an exemplary embodiment to be a single medium, the term "carrier medium" should be taken to include a single medium or multiple media (e.g., a centralized or distributed database, and/or associated caches and servers) that store the one or more sets of instructions. The term "carrier medium" shall also be taken to include any medium that is capable of storing, encoding or carrying a set of instructions for execution by one or more of the processors and that cause the one or more processors to perform any one or more of the methodologies of the present invention. A carrier medium may take many forms, including but not limited to, non-volatile media, volatile media, and transmission media. Non-volatile media includes, for example, optical, magnetic disks, and magneto-optical disks. Volatile media includes dynamic memory, such as main memory. Transmission media includes coaxial cables, copper wire and fiber optics, including the wires that comprise a bus subsystem. Transmission media also may also take the form of acoustic or light waves, such as those generated during radio wave and infrared data communications. For example, the term "carrier medium" shall accordingly be taken to included, but not be limited to, solid-state memories, a computer product embodied in 21 2017101062 03 Aug 2017 optical and magnetic media; a medium bearing a propagated signal detectable by at least one processor of one or more processors and representing a set of instructions that, when executed, implement a method; and a transmission medium in a network bearing a propagated signal detectable by at least one processor of the one or more processors and representing the set of instructions.
[00107] It will be understood that the steps of methods discussed are performed in one embodiment by an appropriate processor (or processors) of a processing (i.e., computer) system executing instructions (computer-readable code) stored in storage. It will also be understood that the invention is not limited to any particular implementation or programming technique and that the invention may be implemented using any appropriate techniques for implementing the functionality described herein. The invention is not limited to any particular programming language or operating system.
[00108] It should be appreciated that in the above description of exemplary embodiments of the invention, various features of the invention are sometimes grouped together in a single embodiment, FIG., or description thereof for the purpose of streamlining the disclosure and aiding in the understanding of one or more of the various inventive aspects. This method of disclosure, however, is not to be interpreted as reflecting an intention that the claimed invention requires more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive aspects lie in less than all features of a single foregoing disclosed embodiment. Thus, the claims following the Detailed Description are hereby expressly incorporated into this Detailed Description, with each claim standing on its own as a separate embodiment of this invention.
[00109] Furthermore, while some embodiments described herein include some but not other features included in other embodiments, combinations of features of different embodiments are meant to be within the scope of the invention, and form different embodiments, as would be understood by those skilled in the art. For example, in the following claims, any of the claimed embodiments can be used in any combination.
[00110] Furthermore, some of the embodiments are described herein as a method or combination of elements of a method that can be implemented by a processor of a computer system or by other means of carrying out the function. Thus, a processor with the necessary instructions for carrying out such a method or element of a method forms a means for carrying out the method or element of a method. Furthermore, an element 2017101062 03 Aug 2017 22 described herein of an apparatus embodiment is an example of a means for carrying out the function performed by the element for the purpose of carrying out the invention.
[00111] In the description provided herein, numerous specific details are set forth. However, it is understood that embodiments of the invention may be practiced without these specific details. In other instances, well-known methods, structures and techniques have not been shown in detail in order not to obscure an understanding of this description.
[00112] Similarly, it is to be noticed that the term coupled, when used in the claims, should not be interpreted as being limited to direct connections only. The terms "coupled" and "connected," along with their derivatives, may be used. It should be understood that these terms are not intended as synonyms for each other. Thus, the scope of the expression a device A coupled to a device B should not be limited to devices or systems wherein an output of device A is directly connected to an input of device B. It means that there exists a path between an output of A and an input of B which may be a path including other devices or means. "Coupled" may mean that two or more elements are either in direct physical or electrical contact, or that two or more elements are not in direct contact with each other but yet still co-operate or interact with each other.
[00113] Thus, while there has been described what are believed to be the preferred embodiments of the invention, those skilled in the art will recognize that other and further modifications may be made thereto without departing from the spirit of the invention, and it is intended to claim all such changes and modifications as falling within the scope of the invention. For example, any formulas given above are merely representative of procedures that may be used. Functionality may be added or deleted from the block diagrams and operations may be interchanged among functional blocks. Steps may be added or deleted to methods described within the scope of the present invention.
Claims (5)
- CLAIMS:1. A computer implemented method for enabling biometric authentication, the method including: configuring a biometric scanning device to (i) read biometric data from a human user; (ii) process the read biometric data against a plurality of biometric records maintained in a local biometric data store; and (iii) in the case that the read biometric data matches a particular one of the plurality of biometric records maintained in the local biometric data store, provide an authentication signal; configuring a beacon device to transmit a beacon signal in a scanning zone, wherein the beacon signal is configured to cause a user device in the scanning zone, being a user device that has a software application loaded that is configured to receive and process the beacon signal, to respond to the beacon signal by transmitting a user token; and operating a device that is configured to: (i) receive data representative of a user token that is transmitted in response to the beacon signal; and (ii) transmit a biometric record request signal to a remote server, wherein the biometric record request signal is representative of the user token, thereby to cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device; such that the plurality of biometric records maintained in a local biometric data store are periodically updated responsive to user tokens transmitted by user devices in the scanning zone.
- 2. A computer implemented method for enabling biometric authentication, the method including: configuring a biometric scanning device to (i) read biometric data from a human user; (ii) process the read biometric data against a plurality of biometric records maintained in a local biometric data store; and (iii) in the case that the read biometric data matches a particular one of the plurality of biometric records maintained in the local biometric data store, provide an authentication signal; configuring a beacon device to transmit a beacon signal in a scanning zone, the beacon signal being representative of a beacon ID, wherein the beacon signal is configured to cause a user device in the scanning zone, being a user device that has a software application loaded that is configured to receive and process the beacon signal, to provide a signal to a remote networked device including data representative of the beacon ID and a user token associated with the user device; and operating a device that is configured to: (i) receive the data representative of the beacon ID that is transmitted by the user device in response to the beacon signal, and the user token associated with the user device; and (ii) cause downloading of a biometric record associated with the user token to the local biometric data store of the biometric scanning device; such that the plurality of biometric records maintained in a local biometric data store are periodically updated responsive to user tokens transmitted by user devices in the scanning zone.
- 3. A method according to claim 1 or claim 2 wherein the biometric scanning device includes palm vein scanning hardware.
- 4. A method according to claim 1 or claim 2 wherein the beacon device transmits the beacon signal via Bluetooth.
- 5. A method according to claim 1 including operating a payment processing system, wherein the payment processing system is configured to: receive data representative of a payment amount; transmit to a payment management server a signal representative of (i) the a user token associated with a successful biometric authentication; and (ii) a payment amount, thereby to cause the payment management server to perform a payment process based on user data associated with the user token; and receive a signal representative of successful or unsuccessful completion of the payment process.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2016903057 | 2016-08-03 | ||
AU2016903057A AU2016903057A0 (en) | 2016-08-03 | Frameworks and methodologies configured to enable biometric payments using locally stored biometric data |
Publications (1)
Publication Number | Publication Date |
---|---|
AU2017101062A4 true AU2017101062A4 (en) | 2017-08-31 |
Family
ID=59687099
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
AU2017101062A Ceased AU2017101062A4 (en) | 2016-08-03 | 2017-08-03 | Frameworks and methodologies configured to enable biometric payments using locally stored biometric data |
Country Status (1)
Country | Link |
---|---|
AU (1) | AU2017101062A4 (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160323274A1 (en) * | 2015-04-30 | 2016-11-03 | Google Inc. | Facial Profile Password to Modify User Account Data for Hands-Free Transactions |
US10726407B2 (en) | 2015-04-30 | 2020-07-28 | Google Llc | Identifying consumers in a transaction via facial recognition |
US10733587B2 (en) | 2015-04-30 | 2020-08-04 | Google Llc | Identifying consumers via facial recognition to provide services |
US11030640B2 (en) | 2017-05-31 | 2021-06-08 | Google Llc | Providing hands-free data for interactions |
US11062304B2 (en) | 2016-10-20 | 2021-07-13 | Google Llc | Offline user identification |
US20230135569A1 (en) * | 2020-04-24 | 2023-05-04 | Nec Corporation | Authentication server, authentication system, and authentication server control method |
-
2017
- 2017-08-03 AU AU2017101062A patent/AU2017101062A4/en not_active Ceased
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160323274A1 (en) * | 2015-04-30 | 2016-11-03 | Google Inc. | Facial Profile Password to Modify User Account Data for Hands-Free Transactions |
US10397220B2 (en) * | 2015-04-30 | 2019-08-27 | Google Llc | Facial profile password to modify user account data for hands-free transactions |
US10726407B2 (en) | 2015-04-30 | 2020-07-28 | Google Llc | Identifying consumers in a transaction via facial recognition |
US10733587B2 (en) | 2015-04-30 | 2020-08-04 | Google Llc | Identifying consumers via facial recognition to provide services |
US10826898B2 (en) | 2015-04-30 | 2020-11-03 | Google Llc | Facial profile password to modify user account data for hands free transactions |
US11595382B2 (en) | 2015-04-30 | 2023-02-28 | Google Llc | Facial profile password to modify user account data for hands free transactions |
US11694175B2 (en) | 2015-04-30 | 2023-07-04 | Google Llc | Identifying consumers in a transaction via facial recognition |
US11062304B2 (en) | 2016-10-20 | 2021-07-13 | Google Llc | Offline user identification |
US11030640B2 (en) | 2017-05-31 | 2021-06-08 | Google Llc | Providing hands-free data for interactions |
US20230135569A1 (en) * | 2020-04-24 | 2023-05-04 | Nec Corporation | Authentication server, authentication system, and authentication server control method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2017101062A4 (en) | Frameworks and methodologies configured to enable biometric payments using locally stored biometric data | |
US10061912B2 (en) | Multi-factor authentication system and method | |
CN114143784B (en) | Providing access credentials to a secure network using wireless beacons | |
US20210390548A1 (en) | Passwordless authentication through use of device tokens or web browser cookies | |
US11461780B2 (en) | Shared authentication for limited use of an associated account based on user location and connected devices | |
US10360554B2 (en) | Generation of locally broadcasted uniform resource locators for checkout and payment | |
CN108140083A (en) | Use the transaction in personal device mandate sharing means | |
US10346829B2 (en) | Display of locally broadcasted uniform resource locators for checkout and payment | |
CN113273133B (en) | Token management layer for automatic authentication during communication channel interactions | |
US10460316B2 (en) | Two device authentication | |
US10992593B2 (en) | Persistent integration platform for multi-channel resource transfers | |
US10659458B2 (en) | Systems and methods for performing biometric registration and authentication of a user to provide access to a secure network | |
US20190109839A1 (en) | Multi-level authentication system with persistent integration platform | |
US11924636B2 (en) | System and method for authenticating using a multi-provider platform | |
JP2023538860A (en) | System and method for verified messaging over short-range transceivers | |
AU2017101063A4 (en) | Frameworks and methodologies configured to enable mobile device payments at point of sale | |
US20210133703A1 (en) | Direct resource distribution system | |
AU2017101311A4 (en) | Frameworks and methodologies configured to enable mobile device payments via unique location-defining codes | |
US20240314116A1 (en) | Systems and methods for restricted resource access management | |
US11934499B2 (en) | Contact lookup operations during inoperability of mobile devices | |
EP4443372A1 (en) | Systems involving mobile devices and/or platform agnostic infrastructure features for in-branch authentication and/or authorization and methods of use thereof | |
AU2017101474A4 (en) | Frameworks, systems and methodologies configured for Gold, Alex enabling adaptable and configurable multiple factor authentication/verification, including gamified methods for secure transaction authentication/verification | |
US20210133718A1 (en) | Entity recognition system | |
WO2024192361A1 (en) | Systems and methods for restricted resource access management | |
CN116843332A (en) | Payment method and device based on hardware wallet |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
FGI | Letters patent sealed or granted (innovation patent) | ||
PC | Assignment registered |
Owner name: WILLOW TECHNOLOGY CORPORATION PTY LIMITED Free format text: FORMER OWNER(S): TAPIFY PTY. LIMITED |
|
PC | Assignment registered |
Owner name: WILLOW IP PTY LTD Free format text: FORMER OWNER(S): WILLOW TECHNOLOGY CORPORATION PTY LIMITED |
|
MK22 | Patent ceased section 143a(d), or expired - non payment of renewal fee or expiry |