FIELD OF THE DISCLOSURE

The present disclosure relates to the field of biometric authentication and data storage.

Particularly, the present disclosure relates to the field of biometrics based web user credentials authentication and storage of personal data using biometric device.

DEFINITIONS

As used in the present specification, the following words and phrases are generally intended to have the meanings as set forth below, except to the extent that the context in which they are used indicates otherwise.

The expression "Biometrics" is used to refer to methods for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits. In computer science, in particular, biometrics is used as a form of identity access management and access control. Biometrics is also used to identify individuals in groups that are under surveillance.

The expression "Encryption" is used to refer to a process of transforming information (referred to as plaintext) using an technique (called cipher) to make it unreadable to anyone except those possessing a special knowledge, usually referred to as a 'key'. The result of the process is encrypted information (in cryptography, referred to as ciphertext).

The expressions "Online" and "Offline" (also stylized as "on-line" and "off-line") have specific meanings in regard to computer technology and telecommunications. "Online" indicates a state of connectivity, while "Offline" indicates a disconnected state. In common usage, "Online" often refers to the Internet or the World Wide Web.

The expression "USB" is used to refer to a Universal Serial Bus that is a specification to establish communication between devices and a host controller (usually a personal computer), developed and invented by Ajay Bhatt, while working for Intel. USB has effectively replaced a variety of interfaces such as serial and parallel ports.

The expression "Bluetooth" is used to refer to an open wireless technology standard for exchanging data over short distances (using short wavelength radio transmissions) from fixed and mobile devices, creating personal area networks (PANs) with high levels of security. Created by telecom vendor Ericsson in 1994, the Bluetooth was originally conceived as a wireless alternative to RS-232 data cables. It can connect several devices while overcoming problems of device synchronization.

The expression "Data" is used to refer to information related user name, email address, password, credit card number, debit card number, financial details, property details, passport number, PAN card number, professional details and the like.

BACKGROUND

Typically, websites on the internet need user login credentials for authentication. Primary mechanism of user authentication is accessing a website by providing username and password. Given that a lot of private and personal information is stored on the web and online transactions are increasing day by day, online identity is not only crucial but it is also critical for business and for personal use.

A mere username and password based authentication mechanism is not foolproof and secure as it does not guarantee validity of user credentials. Many websites owners such as of banks, business, and government are further reinforcing security with 3D pass code and additional authentication based on information given by the user for proving credentials.

Abovementioned conventional authentication mechanisms are prone to failure since they depend on literal information provided by the user that could be provided by another person or the information could be generated using an online system, an offline system aided by application. Further, an average internet user has about 3 to 5 usemame and passwords to remember, and if the user looses usemame and password then, at best, he would waste time in recreating new user id and password that causes an expense of effort. Further, the loss of usemame and password could result in permanent loss of information including knowledge gained, collected, stored and historic data that might be critical for both personal and business reasons.

Conventional authentication mechanisms are based on keyed in information and the onus of authentication is on the user as he is required to remember various usemames and passwords. Further, the user can access online services while authenticating further with additional parameters based on image and by answering secret questions. If the user has forgotten login details, he can access his email to retrieve usemame and password. However, another dependency cycle is created because email id and password should be entered by the user. Further, in many websites, the details are expected to be keyed in within a short duration or in limited number of trials. It is particularly difficult for elderly, disabled, and children to remember and comply with the requirements stated above.

Typically, web browsers are used to keep track of login details for different websites, where customized websites are available that keep track of login details for login into other websites. Internet users usually keep a record of usemames and passwords in their mailbox, online, offline, in paper, and by memorizing. Further, in conventional web browsing systems, usage details including websites visited and downloads done were cleared after use (for example, by deleting cookies and clearing history). Alternatively, some users do not clear usage details after browsing, thereby compromising personal, professional, and private details. Further, no facility was available in conventional web browsing systems to encrypt and store personal details confidentially, where documents, images, and other details were generated as part of online activity.

During an online session, various documents such as word, excel, and pdf, are created, downloaded, and accessed. Further, when internet is accessed from unsafe locations such as cybercafe and shared computers, the documents and data contained therein needs to be either protected or erased from the shared computer and cybercafe to make sure that personal and business data is safeguarded.

Further, documents so created might be required for later use at some other point in time and place which means that the user will have to take a copy of the documents constantly irrespective of the terminal wherefrom the user might be accessing the document. The documents must be constantly saved to avoid any data loss due to instances as power failure, virus attack, hardware malfunction, application malfunction, and complete system crash.

In another instance, the user may inadvertently either miss or erase data on a remote system and the user may also forget to take a copy of the same on a storage device. The failure at the user end could be due to forgetfulness or lack of time or both.

Some corporate organizations and banks provide RSA key for secure login, however, they have limited use due to device complexity and device cost factors. Further, identity loss prevention by integrated online backup for any loss of information on device by application corruption is not available in present web based systems.

Therefore there is felt a need for a system which:

■ provides a portable system for authentication;

■ makes the browsing experience seamless by rendering automatic authentication;

■ integrates biometric security and conventional user name and password authentication;

■ ensures security of authentication information;

■ reduces the time required for authentication before accessing certain web page or online system;

■ provides a space efficient and cost efficient portable system for authentication;

■ creates an alternate authentication and storage prototype if a principal authentication and storage mechanism fails;

■ retains history and contextual information of the online activity and session details;

■ saves in real-time any active documents created, downloaded, and edited while the user is online;

■ takes a back up copy of documents created, downloaded and accessed during the online session; and

■ provides space to save documents on a handheld device that could be easily carried to multiple locations easily.

OBJECTS

Some of the objects of the authentication system of the present disclosure are listed herein below.

It is an object of the present disclosure to provide a portable system for authentication.

It is another object of the authentication system of the present disclosure to make the browsing experience seamless by rendering automatic authentication.

It is yet another object of the authentication system of the disclosure to integrate biometric security and conventional user name and password authentication.

It is still another object of the authentication system of the present disclosure to ensure security of authentication information.

It is still further an object of the authentication system of the present disclosure to reduce the time required for authentication before accessing certain web page or online system.

It is one more object of the authentication system of the present disclosure to provide a space efficient and cost efficient portable system for authentication.

It is one more object of the authentication system of the present disclosure to provide active data safety by taking a regular back-up on real-time basis.

It is another object of the authentication system of the present disclosure to provide data storage for retaining documents created, downloaded or in anyways accessed while the user is online or offline.

Other objects and advantages of the authentication system of the present disclosure will be more apparent from the following description when read in conjunction with the accompanying figures, which are not intended to limit the scope of the present disclosure.

SUMMARY

A portable authentication system operatively coupled with at least one network configurable device comprising; biometric scanning means adapted to capture the biometric information of a user, data storage means adapted to store the captured biometric information of the user, the data storage means further adapted to store and link the biometric information with data related to the user, and control means adapted to validate the captured biometric information and transmit the data to the network configurable device for secure data transfer.

Typically, the network configurable device is selected from the group consisting of computers, laptops, mobile phones, tablet computers and personal digital assistants (PDA's).

Preferably, the control means is further adapted to encrypt the data.

Additionally, the network configurable device is adapted to encrypt the data.

Typically, the data storage means comprises at least one of a flash memory and EEPROM.

Additionally, the portable authentication system further adapted to co-operate with at least one online repository, the online repository adapted to store the captured biometric information and data related to the user and establish a two way communication with the system.

A method for authentication comprising the following steps; operatively coupling a portable authentication system to at least one network configurable device, capturing biometric information of a user, storing the biometric information, linking the biometric information with data related to the user, authenticating the user by comparing the captured biometric information with registered and stored biometric information of the user, and transmitting the data to the network configurable device for secure data transfer.

Additionally, the method for authentication further comprises at least one step selected from the group of steps consisting of deleting, moving, retaining and copying the online and offline data transfer information.

Typically, the method for authentication further comprises the step of encrypting the data.

BRIEF DESCRIPTION OF ACCOMPANYING DRAWINGS

The authentication system of the present disclosure will now be described with the help of the accompanying drawing, in which,

Figure 1 is a schematic of the system depicting an internal view of biometric authentication and data storage in accordance with the present disclosure;

Figure 2 is a schematic of the system depicting an external view of biometric authentication and data storage in accordance with the present disclosure;

Figure 3 is a flowchart of steps for the biometric authentication and data storage in accordance with the present disclosure; and

Figure 4 is another schematic of the system depicting another internal view of biometric authentication and data storage in accordance with the present disclosure.

DETAILED DESCRIPTION OF ACCOMPANYING DRAWINGS

The authentication system of the present disclosure will now be described with reference to the embodiments shown in the accompanying drawings. The embodiments do not limit the scope and ambit of the disclosure. The description relates purely to the exemplary preferred embodiments of the disclosed system and its suggested applications.

The authentication system herein and the various features and advantageous details thereof are explained with reference to the non-limiting embodiments in the following description. Descriptions of well-known components and processing techniques arc omitted so as to not unnecessarily obscure the embodiments herein. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein may be practiced and to further enable those of skill in the art to practice the embodiments herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments herein.

The description herein after, of the specific embodiments of the authentication system will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modification within the spirit and scope of the embodiments as described herein.

Conventional websites on the internet need a user login credentials for authentication. Primary mechanism of user authentication is accessing a website by providing username and password. However, the user credentials for authentication need to be remembered by the user and must be highly secure as the present internet environment is prone to security breaches.

Further, the user accesses online services while authenticating with additional parameters based on image and by answering secret questions. If the user has forgotten login details, he can access his email to retrieve username and password. However, another dependency cycle is created because email id and password should be entered by the user. In many websites, the details are expected to be keyed in within a short duration and in limited number of trials. It is particularly difficult for elderly, disabled, and children to remember and comply with the requirements stated above.

To overcome these shortcomings, the present disclosure provides an adaptive system including a personalized portable biometric device that can be coupled to network configurable terminal for convenient and secure authentication of user credentials and maintains credential security while browsing and post-browsing.

In accordance with one aspect of the present disclosure, the system includes a personalized portable and handheld biometric device further including an authentication control enabling a user to connect to a terminal that still include a mobile, laptop, notebook, personal computer, and a server for using internet and online authenticating.

According to the disclosure, when the user access a website, the login username and password is provided to the website by the authentication control in the device after the user flashes or submits his biometric attribute. The authentication control validates the user provided biometric attribute by comparing with the registered and stored biometric data. Once the user is authenticated, the application fetches the username and password that is stored internally in the device and submits to the website for login.

Further, the data stored in the biometric device could be further encrypted using the biometric attribute of the user as the key and by other encryption mechanisms. The matching and encrypting of the user can happen at the device or at the terminal, wherein, for enhanced security, matching and encrypting is preferred to be in the biometric device. As per the disclosure, the user need not remember any username and password after registering to any site. The biometric device will store and keep record of the username and password.

In accordance with the disclosure, after a browsing session, the authentication control securely enables at least one of the following actions, wherein, online and offline browsing session information is deleted, moved, retained, and copied that might have been captured, stored, and tracked in cookies, history, downloads, and other files, data, or variables while the user was accessing the system or internet.

In accordance with the disclosure, the biometric device is configured to have storage capacity to carry private and confidential information and documents that relates to users personal or professional identity and activities. Further, the biometric device and the data so stored could be highly crucial and private in nature. To prevent any loss due to lost biometric device and corruption of resident data in the biometric device, backup of stored data is taken onto a secured server online either through a secure web hosted online or on cloud. The backup could be periodic or every time the device is connected on the net. Further, in the event of loss of biometric device and corruption of resident data, a new biometric device or same device with clean user memory or reinstalled application could be connected by the user to the online site and by providing self biometric authentication while downloading the username, password and personal information onto the device.

According to the disclosure, authentication and storage control module in the device can generate encrypted biometric information of the user to online websites enabled to receive this information for further authentication or authorization of user based on user biometric attributes. The biometric information could be along with or without website specific credentials.

In accordance with the present disclosure, besides username, password, other user credentials for online access, the system is also capable of storing and securing personal information and documents on the biometric device as well as on the secured web. Further, the device is the personal identity of the individual user storing and providing the required information when called for by the user. The device will primarily depend on the biometric attribute to authenticate the user every time a function and feature is called for.

The present disclosure not only significantly enhances the security and credentials online but also substantially saves time and effort involved in saving, storing, presenting, securing, and authenticating users on the web.

Additionally, the present disclosure provides a personalized portable and handheld biometric device with inbuilt application with user identity which could be connected to any terminal and carry out real time authentication of the user. Further, the portable biometric device with credentials and critical documents is encrypted and stored for presenting credentials to websites for service access. Further, the data stored in the biometric device could be further encrypted using the biometric attribute of the user as the key or by some other encryption mechanism.

According to the present disclosure, at the end of use or session, the application can delete, move, retain, and copy all online and offline session related information which might have been captured, stored, tracked in cookies, history, downloads, and other files, data, and variables while the user was accessing the system or web.

Further, a backup of information, transferring instructions and data from the portable biometric device onto a secured server online, either through a secure web sub-system hosted online or through a cloud computing technique. Further, the backup could be periodic or every time the device is connected on the net or by a trigger from user or system. In addition to username, password, other user credentials for online access, the system according to the disclosure will also be capable of storing and securing personal information and documents on the device as well as on the secured web.

Additionally, use of the same online backup store to save & secure other information in addition to those in biometric device is provided by the system of the present disclosure. Further, creating a new biometric device or re-enabling same biometric device with clear memory or with reinstalled application by connecting to the online site and by providing self biometric authentication by the user so as to download all the required information, instructions, configurations, and data back onto the device thereby resetting the state before the loss. Further, along with website specific credentials or even without credentials, the application in the device can provide encrypted biometric information of the user to online websites which are enabled to receive this information for further authentication or authorization of user based on the biometric attribute.

Referring to the accompanying drawing, Figure 1 shows a schematic 100 of the system depicting an internal view of biometric authentication and data storage. The system includes following key components. A biometric scanner 102 including a palm device, a personal intelligent browser 104, an enrollment and authentication application 106, an encrypted data and storage capacity 108, and an IP enclosure 110 further including a robust, weather proof and rough use capable disclosure.

Figure 2 shows a schematic 200 of the system depicting an internal view of the biometric authentication and data storage. The system includes a biometric scanner 202, an IP enclosure 204 for enhancing durability of the system, a terminal interface 206 including a Bluetooth, and a USB, and a USB interface 208. The system herein is configured to be compact and handy while being equipped with a biometric slot for submitting a biometric attribute.

Figure 3 shows a flowchart 300 of a method depicting biometric authentication and data storage, wherein the biometric authentication and storage system is depicted as a device. In a first step 302, the "Device" (may also be referred to as biometric authentication and storage "system") is purchased is to enroll the authorized user of the "Device" and the Device is connected to a PC, Laptop, Workstation or any other "Terminal". In a second step 304, when the device is connected for the first time, it will ask for user biometrics. In a third step 306, when the authorized user submits their biometrics, the Device will store it in encrypted form in its memory. In steps 308, 310 and 312, all future verification of the authorized owner is carried against this biometric data. The user who posses the proposed "Device" will carry it whenever there is a need to access the internet or access any confidential information or document for use. In step 314, the user can connect the device to a Terminal with USB/Bluetooth or other convenient & widely used interface. In step 316, the user surfs the internet seamlessly and carries out online transactions.

In accordance with the abovementioned steps, when the Device is connected to the Terminal, biometric sensor will flash requiring the user to submit their biometrics such as Fingerprint (FP) or Palm or any other biometrics, let us assume that the user submits FP here. The user should flash FP to authenticate himself as the rightful owner of the Device. If the authentication fails, the Device will indicate that the user is not authorized and will either shutdown or get into sleep/deactivated mode. If the authentication is successful, the personalized browser in the device gets triggered. The personalized browser could directly run from the device or it can get installed on the Terminal to which this Device is connected. The user can use this personal browser to connect to internet and browse websites. Further, the personal browser will have all the required credentials of the user so that it can pre login the user into different sites without the user specifically keying in or providing the user credentials expected by the various sites. This makes web browsing seamless, error free, and stress free as the user need not remember or recollect the different usernames, passwords, additional authentications etc that might be required for establishing authenticity of the user.

In step 318, the user logs out after the online activity is over. In step 320, the browser is configured to retain details of online activities of the user such as browsing history, favorites, book marks, downloads etc so that the user can have ready access to the sites.

This feature will help save time and quicken the access to specific sites in addition to saving online session data & documents.

Further, the user can also save his financial details such as credit/debit card number, CW, etc with this personalized browser so that user can submit it whenever required for any online purchase or payments. Since biometric authentication is mandatory, storing, accessing, & sharing of financial information is not only easy but also highly secure. The personalized browser will also provide access to store & retrieve documents. These documents could be private documents such as passport, Credit info, PAN, transcripts, salary document, land & property or professional documents such as client list, strategy document, or any other confidential/critical documents etc.

In step 322, once the user is done with online transactions and closes the session. The browser will save the session data & downloads onto the Device and uninstalls itself. It will erase any trace or footprint of user activity on the terminal. In step 324, the device is unplugged and the user carries the device.

Figure 4 is another schematic 400 of the system depicting another internal view of biometric authentication and data storage. The system comprises a biometric enrollment and verification 402, a biometric template generator and comparator 404, an SDK/API/Middle Layer 406, a biometric scanner 408, a data storage unit 410, a flash memory 412, an IP enclosure 414, a hardware unit 416, an interface layer 418, an abstraction layer 420, an application layer 422, a data save and retriever unit 424, a personalized browser 426, and an EEPROM and data access layer 428.

In accordance with an embodiment of the present disclosure, the system will have multiple components functioning at different layers to make the working of the device that is at the hardware level Biometric Scanner 408, Data Storage 410, Flash Memory 412, and IP Enclosure 414 reside as hardware components. Further, at Middle layer SDK/API 406 to interface with Biometric Scanner 408, Data Storage 410, and Flash memory 412 exist. Further, at an abstraction layer, system applications such as generate biometric template and compare with stored original biometric template 404 and applications that access data memory function 428. Further, at the Application layer, a single application that interfaces with user and provides the functionality of authorized user check 402, personalized browsing 426, and data store and retrieval function 424. Every time the user accesses the web, the Device makes sure that the authorized user is using the browser by requesting biometric authentication. The browser will timeout once it is inactive for a specific period of time. The timeout can be configured by the user. Once the browser has timed out, the user should re-authenticate by submitting the biometric credentials.

Further, in addition to online web access & online transactions, the Device has applications across Banks & Financial Institutions, Defense & Security Firms, Corporate Business Houses, Retail Consumers, Government Entities, and Commercial establishments. For instance, the Device can also be used as authentication device to access corporate resources through internet by the employees of the corporation. Banks can register the device and use it to provide online access to its customers. Defense & security firms can use the device to transfer critical information from one location to another in addition to using it for surfing net. Retail consumers can offer services & discounts based on the identity of loyal customers.

According to another embodiment of the present disclosure, a system is provided that can be configured to perform following activities. The system can personalize a portable and handheld biometric device including application that can conveniently connect to a network terminal for accessing internet and enabling online authentication. Further, the system can authenticate user credentials by sending username and password to the website authentication control after the user submits his biometric attribute in a computing terminal, validating user provided biometric attribute with predetermined stored and registered biometric data, and matching the username and password internally stored in the biometric device with user credentials in the website authentication control. The system can recall login and password details responsive to the biometric attributes of the user. The system can delete browsing information data that directly and indirectly leads to login credentials of the user and the system can generate biometric device back up information for a secured online server to: safeguard the biometric device from external and internal harm; and generate instant parameters for an alternate biometric device installation.

In an embodiment, the system of the present disclosure includes a biometric authentication and storage device that can be configured as a small computer including a CPU and Internet connectivity units. Thus, the device can operate as personalized online surfer and authenticator that solves issue of real identity of online users. Further, the device can also be integrated with a mobile or cellular phone or personal digital assistant (PDA) device to configure a unified, compact, personalized and highly secure mobile net surfer. The mobile net surfer includes secured identity credentials such as financial, personal, and legal. Further, the device user need not carry any credit card or other confidential documents.

The embodiments of the proposed disclosure can be used for securing confidential document both online and offline. It provides a biometric e-locking functionality which could be used for securing digital documents & information for access anywhere and anytime. In some embodiments, the systems and method of present disclosure can configure a basic biometric identifier or a simplified biometric scanner.

TECHNICAL ADVANCEMENTS AND ECONOMIC SIGNIFICANCE

The technical advancements offered by the present disclosure include the realization of: This disclosure saves substantial time over a period as the users need not key in user credentials every time they access websites. Further, significant time saving will also be realized from the fact that the System is personalized and keeps track of the favorites, bookmarks, more regularly used information and websites at quick access of the user. Further, time is also saved since the System can easily store and quickly retrieve all the relevant & commonly used documents of the user including financial, professional, and legal. The System enhances online experience by freeing the user from the stressful hassles of remembering the different usernames, passwords, 3D codes, pet names, etc. Further, submitting personal or financial details whenever required is also highly simplified, secure and authenticated. The information is readily available in the System making online transactions immediate and real-time. With the intelligent browser, the user can freely surf the net without any concern to keep a record of any website that they have found interesting. Further, the System fortifies privacy & security of online activities with personalized browser & biometric authentication. Moreover, all data within the System is encrypted for further security. Personalized browser ensures that no private information such as, online websites accessed, credentials provided online, personal data shared with sites, etc. is ever compromised. Biometric authentication ensures that the authorized user alone can access the information contained in the System as well as in the personalized browser.

The System also acts as a digital storage safe for safekeeping of personal and confidential data. It provides safe keeping functionality for critical & classified business details with the authorized person. With secured online server backup of the digital data, any loss of data or System due to System malfunction, intentional tampering, or theft, is prevented. The compact, light weight, & economically designed System makes for easy use, portable, & handy. The robust IP enclosure ensures that the System can withstand high stress & strain of daily use and stable performance in humid & varying temperature. Further, the embodiments of the proposed disclosure can be used for securing confidential document both online and offline. It provides a biometric e-locking functionality which could be used for securing digital documents & information for access anywhere and anytime. In some embodiments, the systems and method of present disclosure can configure a basic biometric identifier or a simplified biometric scanner.

While considerable emphasis has been placed herein on the particular features of this disclosure, it will be appreciated that various modifications can be made, and that many changes can be made in the preferred embodiment without departing from the principles of the disclosure. These and other modifications in the nature of the disclosure or the preferred embodiments will be apparent to those skilled in the art from the disclosure herein above, whereby it is to be distinctly understood that the foregoing descriptive matter is to be interpreted merely as illustrative of the disclosure and not as a limitation.

We claim,

1) A portable authentication system operatively coupled with at least one network configurable device, said system comprising:

• biometric scanning means, said biometric scanning means adapted to capture the biometric information of a user;

• data storage means adapted to store said captured biometric information of the user, said data storage means further adapted to store and link said biometric information with data related to said user; and

• control means adapted to validate said captured biometric information and transmit said data to the network configurable device for secure data transfer.

2) The portable authentication system as claimed in claim 1, wherein the network configurable device is selected from the group consisting of computers, laptops, mobile phones, tablet computers and personal digital assistants (PDA's).

3) The portable authentication system as claimed in claim 1, wherein said control means is further adapted to encrypt said data.

4) The portable authentication system as claimed in claim 1, wherein the network configurable device is adapted to encrypt said data.

5) The portable authentication system as claimed in claim 1, wherein said data storage means comprises at least one of a flash memory and EEPROM.

6) The portable authentication system as claimed in claim 1 further adapted to co-operate with at least one online repository, said online repository adapted to store said captured biometric information and data related to the user and establish a two way communication with said system.

7) A method for authentication, said method comprising the following steps:

• operatively coupling a portable authentication system to at least one network configurable device;

• capturing biometric information of a user;

• storing said biometric information;

• linking said biometric information with data related to the user;

• authenticating the user by comparing said captured biometric information with registered and stored biometric information of the user; and

• transmitting said data to the network configurable device for secure data transfer.

8) The method for authentication as claimed in claim 8, further comprising at least one step selected from the group of steps consisting of deleting, moving, retaining and copying the online and offline data transfer information.

9) The method for authentication as claimed in claim 8, further comprising the step of encrypting said data.