TECHNICAL FIELD
[0001] The present disclosure relates to systems to authenticate presence of users. In particular it relates to a system where such authentication is used to mark attendance of a user.

BACKGROUND
[0002] Attendance is the concept of people, individually or as a group, appearing at a location for a previously scheduled event. Measuring attendance is a significant concern for many organizations, which can use such information to gauge the effectiveness of their efforts and to plan for future efforts. In both classrooms and workplaces, attendance may be mandatory. But there is a chance of proxy attendance or an unauthorized person can carry the card and mark the attendance.
[0003] Attendance system in schools and offices are not new. Earlier attendance systems were totally based on paper with manual entry, though these are being used now as well. Later RFID, Smart card based I-card, NFC card attendance system and fingerprint sensors are being used. These kinds of I-cards are either used for student/employee identification or just to mark school/company attendance (entry and exit) or to provide the access of a particular location. In this kind of contact and contactless card does not provide the freedom of marking the secure attendance without punching the card to reader.
[0004] Contact-less attendance systems that work on one of the technologies including NFC, Passive/active RFID, Sub GHz, Bluetooth, and Wi-Fi based I-cards don’t offer proper authentication as any unauthorized person can carry the I-card and mark the attendance or enter a restricted area and also someone can forget to mark attendance while entering and exiting even when he/she carrying the card. These kinds of I-Cards are either used for student/employee identification or just to mark school/company attendance (entry and exit) or to provide the access of the particular location. Contactless I-card/tag that is based on near field communication can, for instance, work only within the range of few centimeters from the reader.
[0005] Contact based attendance systems that works on one of the technologies including biometrics (Finger print sensing), passive RFID, password input methods provide better authentication but are slow and require the user to go near the card reader in order to mark the attendance. Such solutions are not seamless and result in time delay and long queues can be seen at the offices that causes lot of inconvenience. In sum, existing attendance systems are either wireless and fast but have less authentication, or have more authentication but consume time and are not seamless and also cannot easily restrict proxy attendance.
[0006] In the above said scenario, there is a clear need of an attendance system that can mark the attendance in a faster and seamless way and also provide proper authentication, and thus eliminate proxy and unauthorized attendance and access. The new attendance system should not only enable attendance to be marked in the premises, but also enable attendance to be marked in each and every desired block in the premises, which can sense authorized and unauthorized presence of a person/user in a given area. Such a system can therefore provide a more secure and easy way to mark attendance of an authorised person only. Further, this information needs to be sent to an authorized person, say to an administrator, to take a proper action. A system is therefore required that can not only provide the attendance, but can also provide information if an unauthorised person tries to mark the attendance or tries to enter a restricted area. Such a proposed architecture improves the quality of education/ work by maintaining discipline, and will also curb on proxy and theft. Therefore, it is desirable to find a new and unique secure approach to mark attendance and authenticate it that this attendance has been marked by the correct user.
[0007] All publications herein are incorporated by reference to the same extent as if each individual publication or patent application were specifically and individually indicated to be incorporated by reference. Where a definition or use of a term in an incorporated reference is inconsistent or contrary to the definition of that term provided herein, the definition of that term provided herein applies and the definition of that term in the reference does not apply.
[0008] In some embodiments, the numbers expressing quantities or dimensions of items, and so forth, used to describe and claim certain embodiments of the invention are to be understood as being modified in some instances by the term “about.” Accordingly, in some embodiments, the numerical parameters set forth in the written description and attached claims are approximations that can vary depending upon the desired properties sought to be obtained by a particular embodiment. In some embodiments, the numerical parameters should be construed in light of the number of reported significant digits and by applying ordinary rounding techniques. Notwithstanding that the numerical ranges and parameters setting forth the broad scope of some embodiments of the invention are approximations, the numerical values set forth in the specific examples are reported as precisely as practicable. The numerical values presented in some embodiments of the invention may contain certain errors necessarily resulting from the standard deviation found in their respective testing measurements.
[0009] As used in the description herein and throughout the claims that follow, the meaning of “a,” “an,” and “the” includes plural reference unless the context clearly dictates otherwise. Also, as used in the description herein, the meaning of “in” includes “in” and “on” unless the context clearly dictates otherwise.
[00010] The recitation of ranges of values herein is merely intended to serve as a shorthand method of referring individually to each separate value falling within the range. Unless otherwise indicated herein, each individual value is incorporated into the specification as if it were individually recited herein. All methods described herein can be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context. The use of any and all examples, or exemplary language (e.g. “such as”) provided with respect to certain embodiments herein is intended merely to better illuminate the invention and does not pose a limitation on the scope of the invention otherwise claimed. No language in the specification should be construed as indicating any non-claimed element essential to the practice of the invention.
[00011] Groupings of alternative elements or embodiments of the invention disclosed herein are not to be construed as limitations. Each group member can be referred to and claimed individually or in any combination with other members of the group or other elements found herein. One or more members of a group can be included in, or deleted from, a group for reasons of convenience and/or patentability. When any such inclusion or deletion occurs, the specification is herein deemed to contain the group as modified thus fulfilling the written description of all groups used in the appended claims.

OBJECTS OF THE PRESENT DISCLOSURE
[00012] It is an object of the present disclosure to provide for a system that determines presence of a user at a location with a high degree of authentication.
[00013] It is another object of the present disclosure to provide for a system that allows a user access to only such areas the user is authorised to.
[00014] It is yet another object of the present disclosure to provide for a system that generates an emergency alert when required by a user.
SUMMARY
[00015] This summary is provided to introduce simplified concepts of a novel user authentication system disclosed, which are further described below in the Detailed Description. This summary is not intended to identify key or essential features of the claimed subject matter, nor is it intended for use in determining/limiting the scope of the claimed subject matter.
[00016] In an aspect, present disclosure elaborates upon a authentication system comprising: a device with a unique identification (UID), the device operatively configured to receive a biometric input of a user and generate authentication data comprising the biometric input associated with UID of the device; a reader configured to receive the authentication data when the device is within a pre-determined distance from the reader, append present time and location of the reader to the authentication data to create appended authentication data, and send the appended authentication data to an authentication unit; wherein the authentication unit is configured to authenticate the user as authorized user based on matching of at least a part of the appended authentication data with pre-stored authenticated biometric input of the user that is pre-associated with the UID.
[00017] In another aspect, the biometric input can include any or a combination of at least one fingerprint, an iris scan, a voice print, and a facial scan.
[00018] In yet another aspect, the authentication unit can trigger at least one signal based on at least one pre-configured variation in the biometric input.
[00019] In an aspect, upon authentication, the authorized user can be marked present at the present time and the location.
[00020] In another aspect, the device, the reader, and the authentication unit can be operatively connected wirelessly.
[00021] In yet another aspect, any or a combination of the device, the reader and the authentication unit can be configured in a mobile device.
[00022] In another aspect, the system can determine if the authorized user is permitted access to a zone at the time and if so, can grant access of the zone to the user , else raise an alarm.
[00023] In yet another aspect, the authentication unit can be configured at the device, the reader, or at a central server
[00024] In yet another aspect, the authentication unit can receive the authenticated biometric input over the air (OTA).
[00025] In an aspect, present disclosure elaborates upon a device comprising a biometric input receiving unit that receives biometric input of a user to enable the device to authenticate the user based on matching of the biometric input with pre-stored and pre-authenticated biometric input that is stored on in the device, wherein upon or during authentication of the user, authentication data is generated so as to comprise location of the user and time of receipt of the biometric input, and wherein the generated authentication data is transmitted by the device to a server that receive the generated authentication data, and marks attendance of the user based on analysis of the location and the time that form part of the generated authentication data.
[00026] The present disclosure solves above-mentioned technical problems of prior art, wherein the proposed system ( interchangeably termed herein as an attendance system per one of its functionality) includes a wireless I-card that comprises or is configured with a biometric sensor and can wirelessly communicate with a reader through any or a combination of Bluetooth 4.0 and above (Including Bluetooth 5)/Sub Ghz/Active/Passive-RFID/WiFi/Near Field Communication (NFC).It is to be appreciated thatalthough embodiments of the present invention have been explained with reference to an I-card (also interchangeably referred to as wireless card or I-card or ICard), form factor of the proposed device is not limited to a card in any manner whatsoever, wherein the device can easily take any other form factor say be coupled with car keys or key chain or bracelet or anyother form factor/device, all of which are completely within the scope of the present invention. It is further to be appreciated that although embodiments of the present invention have been explained with reference to a biometric fingerprint sensor, any other biometric sensor such as face recognition engine, retina scan, among others can be incorporated into the proposed device, all of which possible biometric sensors are well within the scope of the present invention.
[00027] In an aspect, proposed system includes a reader that can be configured to read authentication data from the I-card, and transmit it to n authentication unit that can be configured in a server (also interchangeably referred to as a central computing device or a Cloud) through the Internet using any or a combination of GPRS, 3G, 4G,Wi-Fi, Sub Ghz, LoRa, LAN/WAN, etc. In an aspect, information /authentication data collected on the server can be analysed, modified, processed, and then presented to administrator or any other authorized user, for instance on his/her mobile/computing device through an appropriate interface (say by means of a web application). Therefore, in sum, the presence/attendance information can be sent to an authorized person, say an administrator, to take an action if any unauthorised person tries to mark false attendance or tries to enter in an unauthorised area. In an embodiment, system of the present disclosure can, not only provide the attendance, but also provides a guarantee that attendance has been marked by the correct person.
[00028] In an aspect, the present disclosure relates to a system to mark attendance and presence of the person/object in indoor or outdoor area i.e. School, offices, hotel, university, park, garden, exhibition, society, malls, etc. with the help of a Bluetooth 4.0 and above (Including Bluetooth 5)/Sub Ghz/Active/Passive-RFID/Wi-Fi Near Field Communication (NFC) enabled I-card having fingerprint/biometric sensor configured on it, and a corresponding wireless receiver. In an aspect, receiver/reader can have a corresponding Bluetooth 4.0 and above (including Bluetooth 5)/Sub Ghz/Active/Passive-RFID/Wi-Fi/ Near Field Communication (NFC) communication ability so that the reader can receive authentication data from a wireless I-card/tag in its vicinity, check authenticity of the person who is carrying the I-card based upon the authentication data , and then send the data it to the Cloud/server through Internet using any or a combination of GPRS, Sub-Giga Hz RF Trans-receiver, Wi-fi, LoRa, 3G, 4G, 5G, LAN/WAN etc.
[00029] In an aspect, proposed system can be configured to determine presence of a user /object carrying the I-card at different locations. In an exemplary embodiment, proposed system can be used to mark attendance of students as well as ensure no ‘false/proxy’ attendances are marked, thereby improving overall quality of education.
[00030] In an aspect, proposed system can grant access to a user only after proper authentication of the user based upon biometric inputs provided by the user.
[00031] An aspect of the present disclosure relates to an attendance system that has anI-card operatively connected to a finger print/biometric sensor (that can be on the I-card itself), and configured to use any appropriate technology such as Bluetooth 4.0 and above (Including Bluetooth 5)/Sub Ghz/Active or Passive RFID/Near Field Communication (NFC) for sending data generated by it to other devices. In an exemplary embodiment, the I-card can check authenticity of a user based upon biometric inputs received by the user with those pre-stored in the card/ operatively provided to the card and thereafter provide appropriate data packets/signals to other components such as a reader.
[00032] Reader of the present disclosure can be a dedicated hardware or a mobile phone that can be configured to detect presence of identification device /I-card in its vicinity based on at least one data packet received from the identification device, and transmit at least one unique attribute of the identification device along with time stamp and authentication data received from the biometric fingerprint sensor on the I-card, to a central computing device, wherein the central computing device performs computation to find presence of user associated with the identification device based on the reception of at least one unique attribute and authentication data received from the I-card.
[00033] In an aspect, I-card of the present disclosure can be configured in the form of a wearable device or a tag configured to communicate using any appropriate wireless communication means. The reader, on the other hand, can be a dedicated hardware having a firmware with mechanism in it or a mobile phone. The reader can be placed at a fixed location or can be portable. The central computing device can be a cloud or a server or a dedicated hardware.
[00034] In an aspect, at least one unique attribute of the identification device/I-card can be a unique identification number (UID) of the I-card, wherein the UID can be a MAC address, UUID, barcode/QR code, or any other unique number of the identification device that can be further associated with biometric data of a user allotted the I-card.
[00035] Proposed system can mark attendance of a user based upon the I-card being in vicinity (a pre-determined distance) of a reader configured to receive data generated by the I-card. Location coordinates of the reader can be associated with data provided by the I-card for use as further elaborated.
[00036] In an exemplary implementation, the at least one unique attribute of the identification device with authentication data received from the I-card can be transmitted to a central computing device that the I-card is directly or communicatively coupled with through a central node or a hub or a gateway device over any wired or wireless network.
[00037] An aspect of the present disclosure relates to an attendance system having an electronic reader that is operatively coupled with a wireless identification device having a biometric finger print sensor, wherein the reader can be configured to detect presence of the identification device in its vicinity based on at least one data packet received from the identification device, and send the data packet to a central computing device. The central computing device can perform computation to find presence of user associated with the identification device based on the reception of at least one unique attribute along with authentication data (received as a part of the packet from the identification device using a biometric sensor).
[00038] Proposed system eliminates the possibility of proxy attendance and unauthorised access of any area.
[00039] In an exemplary implementation, biometric matching (for instance that of fingerprint) can be done on the I-card itself, which can further help reduce the transmission overhead and computation of the computing unit or server. Likewise, the matching maybe done at the reader or at the authentication unit / server as well.
[00040] In an exemplary embodiment, the I-card can authenticate a user by matching the scanned fingerprint of the user with a fingerprint record already stored in it (i.e. the correct/original/verified/authenticated fingerprint is also stored in the I-card itself). Alternatively, as mentioned above, such matching can be done at the server.
[00041] In an aspect, finger print data in the I-card can be pre-stored during configuration or can be changed over the air by using Bluetooth 4.0 and above (Including Bluetooth 5)/Sub Ghz/Active/Passive-RFID/WiFi Near Field Communication (NFC) link or either with wired connection like USB.
[00042] In another aspect, the proposed system can communicate attendance data of a user such as entry/exit (along with time) in different areas, absent/present etc. to personnel so authorized using any suitable communication means such as SMS, e-mail , mobile app, notifications on mobile device and the like.
[00043] Various objects, features, aspects and advantages of the present disclosure will become more apparent from the following detailed description of preferred embodiments, along with the accompanying drawing figures in which like numerals represent like features.
[00044] Within the scope of this application it is expressly envisaged that the various aspects, embodiments, examples and alternatives set out in the preceding paragraphs, in the claims and/or in the following description and drawings, and in particular the individual features thereof, may be taken independently or in any combination. Features described in connection with one embodiment are applicable to all embodiments, unless such features are incompatible.

BRIEF DESCRIPTION OF DRAWINGS
[00045] The accompanying drawings are included to provide a further understanding of the present disclosure, and are incorporated in and constitute a part of this specification. The drawings illustrate exemplary embodiments of the present disclosure and, together with the description, serve to explain the principles of the present disclosure. The diagrams are for illustration only, which thus is not a limitation of the present disclosure.
[00046] FIG. 1 illustrates overall architecture of the proposed system in accordance with an exemplary embodiment of the present disclosure.
[00047] FIG. 2 illustrates working of the proposed system in accordance with an exemplary embodiment of the present disclosure.
[00048] FIG. 3 illustrates another example of the proposed system, in accordance with an exemplary embodiment of the present disclosure.
[00049] FIG. 4 illustrates how proposed system allows access to a user for areas the user is authorized to access in accordance with an exemplary embodiment of the present disclosure.

DETAILED DESCRIPTION
[00050] The following is a detailed description of embodiments of the disclosure depicted in the accompanying drawings. The embodiments are in such detail as to clearly communicate the disclosure. However, the amount of detail offered is not intended to limit the anticipated variations of embodiments; on the contrary, the intention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the present disclosure as defined by the appended claims.
[00051] In the following description, numerous specific details are set forth in order to provide a thorough understanding of embodiments of the present invention. It will be apparent to one skilled in the art that embodiments of the present invention may be practiced without some of these specific details.
[00052] If the specification states a component or feature “may”, “can”, “could”, or “might” be included or have a characteristic, that particular component or feature is not required to be included or have the characteristic.
[00053] As used in the description herein and throughout the claims that follow, the meaning of “a,” “an,” and “the” includes plural reference unless the context clearly dictates otherwise. Also, as used in the description herein, the meaning of “in” includes “in” and “on” unless the context clearly dictates otherwise.
[00054] Exemplary embodiments will now be described more fully hereinafter with reference to the accompanying drawings, in which exemplary embodiments are shown. These exemplary embodiments are provided only for illustrative purposes and so that this disclosure will be thorough and complete and will fully convey the scope of the invention to those of ordinary skill in the art. The invention disclosed may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Various modifications will be readily apparent to persons skilled in the art. The general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the invention. Moreover, all statements herein reciting embodiments of the invention, as well as specific examples thereof, are intended to encompass both structural and functional equivalents thereof. Additionally, it is intended that such equivalents include both currently known equivalents as well as equivalents developed in the future (i.e., any elements developed that perform the same function, regardless of structure). Also, the terminology and phraseology used is for the purpose of describing exemplary embodiments and should not be considered limiting. Thus, the present invention is to be accorded the widest scope encompassing numerous alternatives, modifications and equivalents consistent with the principles and features disclosed. For purpose of clarity, details relating to technical material that is known in the technical fields related to the invention have not been described in detail so as not to unnecessarily obscure the present invention.
[00055] Thus, for example, it will be appreciated by those of ordinary skill in the art that the diagrams, schematics, illustrations, and the like represent conceptual views or processes illustrating systems and methods embodying this invention. The functions of the various elements shown in the figures may be provided through the use of dedicated hardware as well as hardware capable of executing associated software. Similarly, any switches shown in the figures are conceptual only. Their function may be carried out through the operation of program logic, through dedicated logic, through the interaction of program control and dedicated logic, or even manually, the particular technique being selectable by the entity implementing this invention. Those of ordinary skill in the art further understand that the exemplary hardware, software, processes, methods, and/or operating systems described herein are for illustrative purposes and, thus, are not intended to be limited to any particular named element.
[00056] The ensuing description provides exemplary embodiments only, and is not intended to limit the scope, applicability, or configuration of the disclosure. Rather, the ensuing description of the exemplary embodiments will provide those skilled in the art with an enabling description for implementing an exemplary embodiment. It should be understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope of the disclosure as set forth in the appended claims.
[00057] Specific details are given in the following description to provide a thorough understanding of the embodiments. However, it will be understood by one of ordinary skill in the art that the embodiments may be practiced without these specific details. For example, circuits, systems, networks, processes, and other components may be shown as components in block diagram form in order not to obscure the embodiments in unnecessary detail. In other instances, well-known circuits, processes, algorithms, structures, and techniques may be shown without unnecessary detail in order to avoid obscuring the embodiments.
[00058] Embodiments of the present invention may be provided as a computer program product, which may include a machine-readable storage medium tangibly embodying thereon instructions, which may be used to program a computer (or other electronic devices) to perform a process. The term “machine-readable storage medium” or “computer-readable storage medium” includes, but is not limited to, fixed (hard) drives, magnetic tape, floppy diskettes, optical disks, compact disc read-only memories (CD-ROMs), and magneto-optical disks, semiconductor memories, such as ROMs, PROMs, random access memories (RAMs), programmable read-only memories (PROMs), erasable PROMs (EPROMs), electrically erasable PROMs (EEPROMs), flash memory, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic instructions (e.g., computer programming code, such as software or firmware).A machine-readable medium may include a non-transitory medium in which data can be stored and that does not include carrier waves and/or transitory electronic signals propagating wirelessly or over wired connections. Examples of a non-transitory medium may include, but are not limited to, a magnetic disk or tape, optical storage media such as compact disk (CD) or digital versatile disk (DVD), flash memory, memory or memory devices. A computer-program product may include code and/or machine-executable instructions that may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
[00059] Furthermore, embodiments may be implemented by hardware, software, firmware, middleware, microcode, hardware description languages, or any combination thereof. When implemented in software, firmware, middleware or microcode, the program code or code segments to perform the necessary tasks (e.g., a computer-program product) may be stored in a machine-readable medium. A processor(s) may perform the necessary tasks.
[00060] Systems depicted in some of the figures may be provided in various configurations. In some embodiments, the systems may be configured as a distributed system where one or more components of the system are distributed across one or more networks in a cloud computing system.
[00061] In another aspect, relevant units of the proposed system can be configured to be operatively connected to a website, or be part of a mobile application that can be downloaded on a mobile device that can connect to Internet. In such fashion the proposed system can be available 24*7 to its users. Any other manner of implementation of the proposed system or a part thereof is well within the scope of the present disclosure/invention.
[00062] It would be appreciated that units and components being described further these are only exemplary units/components and any other unit or sub-unit/sub-components can be included as part of the proposed system. These units/components too can be merged or divided into super-units or sub-units as may be configured.
[00063] Each of the appended claims defines a separate invention, which for infringement purposes is recognized as including equivalents to the various elements or limitations specified in the claims. Depending on the context, all references below to the "invention" may in some cases refer to certain specific embodiments only. In other cases it will be recognized that references to the "invention" will refer to subject matter recited in one or more, but not necessarily all, of the claims.
[00064] Various terms as used herein are shown below. To the extent a term used in a claim is not defined below, it should be given the broadest definition persons in the pertinent art have given that term as reflected in printed publications and issued patents at the time of filing.
[00065] In an aspect, present disclosure elaborates upon a authentication system comprising: a device with a unique identification (UID), the device operatively configured to receive a biometric input of a user and generate authentication data comprising the biometric input associated with UID of the device; a reader configured to receive the authentication data when the device is within a pre-determined distance from the reader, append present time and location of the reader to the authentication data to create appended authentication data, and send the appended authentication data to an authentication unit; wherein the authentication unit is configured to authenticate the user as authorized user based on matching of at least a part of the appended authentication data with pre-stored authenticated biometric input of the user that is pre-associated with the UID.
[00066] In another aspect, the biometric input can include any or a combination of at least one fingerprint, an iris scan, a voice print, and a facial scan.
[00067] In yet another aspect, the authentication unit can trigger at least one signal based on at least one pre-configured variation in the biometric input.
[00068] In an aspect, upon authentication, the authorized user can be marked present at the present time and the location.
[00069] In another aspect, the device, the reader, and the authentication unit can be operatively connected wirelessly.
[00070] In yet another aspect, any or a combination of the device, the reader and the authentication unit can be configured in a mobile device.
[00071] In another aspect, the system can determine if the authorized user is permitted access to a zone at the time and if so, can grant access of the zone to the user, else raise an alarm.
[00072] In yet another aspect, the authentication unit can be configured at the device, the reader, or at a central server
[00073] In yet another aspect, the authentication unit can receive the authenticated biometric input over the air (OTA).
[00074] In an aspect, present disclosure elaborates upon a device comprising a biometric input receiving unit that receives biometric input of a user to enable the device to authenticate the user based on matching of the biometric input with pre-stored and pre-authenticated biometric input that is stored on in the device, wherein upon or during authentication of the user, authentication data is generated so as to comprise location of the user and time of receipt of the biometric input, and wherein the generated authentication data is transmitted by the device to a server that receive the generated authentication data, and marks attendance of the user based on analysis of the location and the time that form part of the generated authentication data.
[00075] The present disclosure relates to automation of attendance with enhanced authentication and security, in particular to a user identification card/device having a biometric sensor and configured to wirelessly transmit a signal having biometric input from the user to a reader to enable said reader to accordingly process and forward the signal to an authentication unit/attendance server/cloud that can process the signal to confirm that the user is valid/authenticated along with processing his/her attendance.
[00076] In an aspect, the I-card can communicate using an appropriate wireless technology (such as Bluetooth 4.0 and above, including Bluetooth 5, Sub Ghz/Active/Passive-RFID/WiFi Near Field Communication (NFC) ) and can be operatively connected to a biometric sensor ( such as a fingerprint sensor ) . Proposed system using the I-card can automatically record attendance with guarantee that only an authorized person is marking the attendance, making theprocess of marking attendance faster and seamless.
[00077] In another aspect, proposed system can allow access to different areas only to users authorized to access them.
[00078] Embodiments of the present disclosure include various steps that will be described below. The steps may be performed by hardware components or may be embodied in machine-executable instructions that may be used to cause a general-purpose or special-purpose processor programmed with the instructions to perform the steps. Alternatively, steps may be performed by a combination of hardware, software, firmware, and/or by human operators.
[00079] Information and data generated by proposed system can be sent to a server /cloud and analyzed later for purpose of records or appropriate actions.
[00080] Besides marking attendance of a user, proposed system can be used for restricting /granting access to users based upon their biometric data. For instance, a user may be allowed in an office/premise but not allowed in a particular room such as file room. For the purpose, user’s biometric data can be passed from I-card of the system ( through reader that may provide location coordinates ) to an authentication unit that can check whether the user is authorised to access area as indicated by location coordinates of the reader and thereby provide access to the user.
[00081] In an aspect, the present disclosure relates to a system to mark the attendance and presence of the person/object in indoor or outdoor area i.e. School, office, hotel, university, park, garden, exhibition, society, malls, etc. with the help of a Bluetooth and biometric fingerprint based I-card, and a wireless reader/receiver. In an aspect, the Wireless receiver (having corresponding Bluetooth 4.0 and above (Including Bluetooth 5)/Sub Ghz/Active/Passive-RFID/WiFi Near Field Communication (NFC) ) ability detects the presence of the Bluetooth 4.0 and above (Including Bluetooth 5)/Sub Ghz/Active/Passive-RFID/WiFi Near Field Communication (NFC) and Biometric Fingerprint Sensor Based I-Card/tag in the vicinity and sends authentication data generated by the I-card over to the cloud through Internet using GPRS, 3G, 4G, Sub Ghz, WiFi, LoRa. LAN/WAN etc. A clod application can perform a computation to determine if the person carrying the I-card is allowed access to the location the person may be trying to access.
[00082] In an aspect, the identification device can be configured in the form of an identification card or a wearable device or a tag. This device can have wireless communication capability through any or a combination of Bluetooth 4.0 and above (Including Bluetooth 5), Sub Ghz, Active/Passive-RFID, WiFi, Near Field Communication (NFC),LoRa and can be operatively coupled to or configured with a Biometric Fingerprint sensor/scanner. The identification device may also have a button on it to manage turn on and off sequence of fingerprint to control power consumption.
[00083] In an exemplary implementation, user of the proposed identification device can scan his/her thumb or finger impression on the identification device that has a biometric fingerprint sensor on it, based on which the identification device validates the thumb impression by matching it with a pre-stored thumb impression in the identification device itself (i.e. in the memory of the I-card),and accordingly the corresponding packet (matched or unmatched result)from the identification device can be sent over the air to the receiver/reader and onwards to the server that can finally mark the attendance based on whether the match was found. As mentioned above, it is very much possible that the matching action takes place the server itself. Moreover the fingerprint matching can be done at reader and/or server as well.
[00084] In an aspect, this transmitted packet from the card to the reader can have at least one unique attribute of the identification device, which can be the unique identification number (UID) of the device. The UID can be a MAC address, UUID or any other unique number of the identification device and can be included along with the result of the comparison of the thumb impression and time stamp in the transmitted data packet. Apart from these attributes, other information can also be sent depending on the requirement.
[00085] In an aspect, this authentication information (UID, thumb impression, Time stamp etc) can be transmitted using Bluetooth 4.0 and above (Including Bluetooth 5)/Sub Ghz/Active/Passive-RFID/WiFi Near Field Communication (NFC) to the reader in form of a data packet. The reader can in turn process the data packet and send it to an authentication unit that can be configured in a central computing unit /server using Internet via wired or wireless communication means well known.
[00086] In an aspect, the proposed reader/receiver can be a mobile device having Internet connection in it, and can transmit this data over the Internet to the main computing unit or server (cloud)
[00087] In an aspect, the authentication information or user data can also be stored in the reader itself to manage the attendance system in absence of the internet connection.
[00088] In an aspect, the mobile device can also be used for computation and storing the authentication data.
[00089] FIG. 1 illustrates overall architecture of the proposed system in accordance with an exemplary embodiment of the present disclosure.
[00090] As illustrated in FIG.1, proposed system can include a device 102, a reader 104 and an authentication unit 106.
[00091] Device 102 can have a unique identification (UID) and can be configured to receive biometric input form a user (shown as User A). For instance, device 102 can be in form factor of an I-card, and can include a fingerprint sensor ( or, an eye scanner or a camera, or a combination of these). The user A can, for instance, press his finger on the fingerprint sensor. Thereby, device 102 can generate authentication data that can include the fingerprint scan (biometric input ) and the UID of the device.
[00092] Once user A is within a pre-determined distance of reader 104, he/she can operate device 102 as elaborated above wherein the device 102 can generate authentication data 108. Reader 104 can receive this authentication data and append present time and location (of the reader) to create appended authentication data as shown at 110. Further, reader 104 can transfer appended authentication data 110 to authentication unit 106 that can be configured to receive it. Authentication unit 106 can be configured in a server.
[00093] Upon receipt of appended authentication data 110, authentication unit can match at least part of the appended authentication data (for instance, the fingerprint scan) with pre-stored authenticated biometric input of the user that is pre-associated with the UID, in order to authenticate user A, as shown at 112.
[00094] As can be readily understood, in case the two biometric inputs match, it can be concluded that User A is authenticated. That is, user A is authorized to provide his/her biometric input to device 102.
[00095] In an exemplary embodiment, upon authentication a signal can be generated that can be used for one //more purposes. For instance, the signal can carry the authenticated user name, and time and location as provided by the reader 104 in order for authenticated user to be marked present at the time and the location. In this manner, proposed system can enable an attendance system.
[00096] In another exemplary embodiment, the signal can also be used to grant/deny access to a user to a zone and/or raise alarm accordingly. Location coordinates that a user is allowed to access can be stored at a server along with the user details (for instance the UID of the device the user is authorized to carry). Upon authentication, location coordinate received from reader 104 can be compared with those that the user is allowed to enter and in case of a match, access granted to the user. In case of absence of a match (or when the user is not authenticated to begin with), the signal can be used to generate an alarm.
[00097] Any or a combination of device 102, reader 104 and authentication unit 106 can be operatively connected to each other using wireless means. Authentication unit 106 can be, for instance, configured at a central server while device 102 can be part of a mobile device carried by user ( when the mobile device as well can provide location coordinates of the user at the time the user generates biometric input, using, for instance, GPS of the mobile device). The system can as well be configured as a mobile application that can be installed on the user’s mobile device.
[00098] The authentication unit can also be configured to trigger a signal based upon variations in the biometric input. For instance, if a user provides his iris scan as authentication means and the use blinks his eye 5 times in 10 seconds, thereby generating five iris scans in this period, the authentication unit can determine this to be an emergency and generate a signal accordingly. Using associated systems, the signal can be used to send, for instance, SMS/E-mail etc. to pre-configured mobile numbers/ e-mail ids provided by the user to the proposed system.
[00099] In an aspect, device 102 can itself authenticate the user based upon matching of biometric input of a user with a pre-authenticated biometric input pre-stored in the device. In case of a match, the device can generate location and time receipt of the biometric input as part of authentication data. Such data can be transmitted by the device to a server that can receive the generated authentication data, and mark attendance of the user based on analysis of the location and the time that form part of the generated authentication data.
[000100] FIG. 2 illustrates working of the proposed system in accordance with an exemplary embodiment of the present disclosure.
[000101] As illustrated in FIG. 2, in an exemplary embodiment, the I-card of system disclosed can transmit a data packet to a card reader as shown at 202. The data packet can carry the unique identification (UID) of the I-card (that can be, for instance, MAC address, UUID or any other unique number of the identification device), biometric input, and time stamp when the biometric input was provided by a user on the I-card, such data being termed authentication data. Apart from these, the data packet can carry other information as well, depending upon the requirement.
[000102] In an exemplary embodiment, the I-Card can have a processing unit in sleep mode and can have wakeup mode mechanism by capacitive touch sensing, button, or by any other mechanical or electromechanically switch to wake up from sleep mode. Upon such waking up the I-card can perform its functions of receiving and comparing biometric inputs, and transmitting data packet as elaborated above.
[000103] The authentication data can be received by the reader using any wireless technique. In an exemplary embodiment, reader of the present disclosure can be a dedicated hardware or a mobile phone that can be configured to detect presence of an identification device in its vicinity based on authentication data received from the identification device (also referred to as I-card in the instant disclosure). The reader can append its location to the authentication data and transmit the appended location to a central computing device/sever, as shown at 204.
[000104] In another aspect, as illustrated at 206, the central computing device can perform computation upon received appended authentication data to authenticate/find presence of user associated with the identification device based on the reception of the at least one unique attribute and biometric data received from the biometric sensor configured in the I-card and comparison of the biometric data with pre-stored authenticated biometric input of said user that is pre-associated with the at least one unique attribute. Further, as illustrated at 208, location can be stored at the server
[000105] FIG. 3 illustrates another example of the proposed system, in accordance with an exemplary embodiment of the present disclosure.
[000106] As illustrated, a user can touch the biometric sensor (say fingerprint sensor) of an I-card of the proposed system whenever he wants to make an attendance request. The touch can ‘wake up’ a processing unit within the I-card and fingerprint capturing can be initiated, as illustrated at 302.This captured fingerprint can be compared with a pre-stored fingerprint ( that can be stored within the I-card itself) to authenticate the person. According to the fingerprint matching result authentication can be done. If the person is authorised to use the I-card, a TRUE flag can be generated by the I-card, else a FALSE flag can be generated.
[000107] As illustrated at 304, the flag information (authentication information ) along with UID of the I-card can be sent to a reader using a wireless technique. Biometric Information captured may also be sent along with. The reader may further transmit the data to a server, as shown at 306.
[000108] The server can read the flag data in the information received. In case the flag is TRUE, attendance of the user may be marked, as shown at 308. However, if the flag is FALSE, the server may trigger an alarm signal to management / administrators of the proposed system about presence of an un-authorized person, as shown at 310. As can be readily understood, the alarm signal can carry as well the biometric data produced by the unauthorized person to facilitate further proper action to be taken accordingly.
[000109] FIG. 4 illustrates how proposed system allows access to a user for areas the user is authorized to access in accordance with an exemplary embodiment of the present disclosure.
[000110] As illustrated at 402, an I-card can capture biometric information of a user and send this information along with its UID to a reader. As shown at 404, the reader can receive this information, append its location coordinates and time data to same and send data packet comprising UID, biometric information, time and location to a server as shown at 406. The server can store, for each UID, authenticated biometric data of its authorized user as well as location coordinates of areas that the authorized user is allowed to access. The server can compare biometric data received from the reader with authenticated biometric data for the same UID.
[000111] In case the two match, the proposed system can conclude that the user is authorized. Next, proposed system can check if the user is authorized to be/enter in zone of which the location coordinates have been received by seeing if any of the location coordinates of areas that the user is authorized to access matches those received from the reader. In case of a match, the proposed system can grant permission to the user to enter/remain in the zone, as shown at 410. If not, the proposed system can raise an alarm that can be sent to management /administrators of proposed system as shown at 408.
[000112] As can be readily understood, proposed system can be configured to adjust the location coordinates received from the reader to provide/deny access to the authorized user. For instance, the authorized user can be provided access as long as he/she is within 10 meters of an access point he /she is authorized for, else access can be denied. All such embodiments are fully a part of the present disclosure.
[000113] It can be readily understood that authentication as enabled by the proposed system can be used to generate one/more signals for different purposes. For instance, such authentication can be performed at entrance of a school/classroom wherein only such people /students as are authorized to enter the school/classroom at that time are granted access, and their attendance also marked automatically, while others are denied access and an intimation sent accordingly to the school principal. Attendance of a student for a class can be sent on daily/monthly/weekly basis to mobile device of his/her parent using such signals. Unauthorized attempts at different access points (each having a separate reader, the reader having its own UID that can become part of data being received by the server) can be analyzed to identify unauthorized access prone areas and security at such areas can accordingly be enhanced. All such embodiments and their modifications are fully a part of the present disclosure.
[000114] In another aspect, variations in biometric inputs can as well be used to generate different signals that can be used for various other purposes. For instance, if an authorized user provides 5 thumbprints over a 10 second time period on his/her I-card configured with a fingerprint sensor, such a frequency of signals can be sensed by the biometric sensor and become part of authentication data provided. After authentication, proposed system can determine that such variation matches a pre-determined variation and so can generate a signal, for instance an SOS signal. Likewise, a biometric sensor (for instance a camera) in the I-card can detect number blinks of an eye of a user over 5seconds and can use this data to generate an SOS signal. Proposed system can be configured to accordingly send an SOS message to pre-configured mobile numbers provided by the user to the proposed system. A voice signature of an authorised user in a particular speech pattern can be likewise used. All such embodiments and their combinations are fully a part of the present disclosure.

ADVANTAGES OF THE PRESENT DISCLOSURE
[000115] Present disclosure provides for a system that determines presence of a user at a location with a high degree of authentication.
[000116] Present disclosure provides for a system that allows a user access to only such areas the user is authorised to.
[000117] Present disclosure provides for a system that generates an emergency alert when required by a user.

CLAIMS:

1. An authentication system comprising:
a device with a unique identification (UID), said device operatively configured to receive a biometric input of a user and generate authentication data comprising said biometric input associated with UID of said device;
a reader configured to receive the authentication data when said device is within a pre-determined distance from said reader, append present time and location of the reader to the authentication data to create appended authentication data, and send the appended authentication data to an authentication unit; wherein
the authentication unit is configured to authenticate said user as authorized user based on matching of at least a part of said appended authentication data with pre-stored authenticated biometric input of said user that is pre-associated with the UID.

2. The system of claim 1, wherein said biometric input comprises any or a combination of at least one fingerprint, an iris scan, a voice print, and a facial scan.

3. The system of claim 2, wherein the authentication unit triggers at least one signal based on at least one pre-configured variation in said biometric input.

4. The system of claim 1, wherein upon authentication, said authorized user is marked present at said present time and said location.

5. The system of claim 1, wherein the device, the reader, and the authentication unit are operatively connected wirelessly.

6. The system of claim 1, wherein any or a combination of the device, the reader and the authentication unit is configured in a mobile device.

7. The system of claim 1, wherein the system determines if said authorized user is permitted access to a zone at said time and if so, grants access of said zone to said user , else raises an alarm.

8. The system of claim 1, wherein said authentication unit is configured at said device, said reader, or at a central server.

9. The system of claim 8, wherein said authentication unit receives said authenticated biometric input over the air (OTA).

10. A device comprising a biometric input receiving unit that receives biometric input of a user to enable said device to authenticate the user based on matching of the biometric input with pre-stored and pre-authenticated biometric input that is stored on in said device, wherein upon or during authentication of said user, authentication data is generated so as to comprise location of said user and time of receipt of said biometric input, and wherein said generated authentication data is transmitted by said device to a server that receive said generated authentication data, and marks attendance of said user based on analysis of the location and the time that form part of the generated authentication data.