This relates to authentication of users of processor-based devices.
Because of the ever-increasing volume of secure transactions taking place over computerized devices, the need for user authentication is similarly increasing. Because transactions may be undertaken between a remote user and a server, such as a bank server, or other servers where security is important, there is a heightened need to be sure that the person who is remotely connecting to the server is who the person says the person is. The reasons for this include the prevention of fraud, theft of funds, and unauthorized access to servers and other computer systems.
Password protection is widely used at present but is woefully inadequate. Passwords can be stolen using random generation and an observer may be able to discern the password entry and thereby gain unauthorized entry. Users commonly forget passwords. This means that the passwords must be ever more complicated, increasing the likelihood that consumers will have trouble remembering them. Moreover, because of different password rules for different servers, users must generate a plurality of passwords, making user retention of those passwords ever more difficult.
In some embodiments, a computer executed method may extract data from electrophysiological signals belonging to an individual. That data may be used to authenticate the individual.
Some embodiments are described with respect to the following figures:
Healthcare may be coupled with existing everyday activities, such that healthcare data is seamlessly and transparently acquired and kept up-to-date, providing an inherent solution to user compliance and improving consumer healthcare.
Biometric authentication replacing or supplementing common use of passwords, when based on measurement of the same physiological modality as used for healthcare, provides a solution to coupling consumer healthcare with a daily (or more frequent) activity. Thus, electro-biometric based authentication may replace passwords and seamlessly enable consumer healthcare analyses. As used herein, “electro-biometric” means “based on electrical signals generated from one or more distinguishing user physiological characteristics.”
In some embodiments, a user utilizes an electrocardiogram (EKG) based authentication apparatus by touching a pair of conductive contacts or other sensor(s). Consequently, heart-beat data is collected for biometric matching processing, as well as for fine tuning of the biometric signature space as time goes by.
The same heart-beat data may also be analyzed online or saved for future offline analyses. Example analyses might include calculation of the heart-rate by counting the number of heart-beats per minute, estimation of level of stress and mood using heart-rate variability analyses, and time-locked averaging for establishing a high quality EKG complex for diagnosis of heart conditions.
An ever expanding or adaptive database, increasing with every use of the authentication apparatus, may be used to establish personal average statistical norms as well as personal time-varying statistical norms. These norms can subsequently be used to detect abrupt changes or gradual shifting trends in certain healthcare indices, which might indicate that the user is operating outside of his or her normal comfort zone or that his or her normal comfort zone is shifting.
Such indications might be used to alert the user or a pre-assigned third party, such as a caregiver, to an uncharacteristic situation such as a high level of stress, change of mood, high pulse rate, or atypical change in the EKG waveform. In terms of the synergism of coupled functionality and data collection of the biometrics and healthcare sub-systems working in tandem, the sub-systems are derived from and reciprocally support the other important processes. These processes may include but are not limited to:
a) when a user identity is rejected by the biometric system, the data is not stored so as not to contaminate one user's database with data acquired from a non-licensed user;
b) when a user turns on a healthcare application, and submits his or her EKG data for analysis, the same data may be used for fine tuning of the biometric signature space of the user; and
c) with either authentication or healthcare transactions, correlating biometric signatures with healthcare indices to establish relationships between the biometric signatures and healthcare indices enhances the analytic and diagnostic capabilities of each sub-system.
In some embodiments certain consumer healthcare indices may be extracted from EKG (or ECG) data belonging to an individual. Deviations from standard statistical norms belonging to the individual may be calculated. The standard norms may be established and adjusted periodically or a periodically for except when individual performs an authentication transaction using a computing apparatus. The present technology is not limited to EKG. The utilization of any suitable dynamic physiological systems (e.g. electroencephalography (EEG), electromyography (EMG), electrooculography (EOG), electroretinography (ERG), whether provoked or resting), is contemplated.
Consumer healthcare indicates may include heart rate, level of stress, mood, EKG diagnostic landmarks, as well as any other indices that can be extracted from a heartbeat. Deviations from the standard norms may be defined as changes exceeding certain norm thresholds. Norm thresholds may be calculated as representing values with some statistical probability, such as values external to an average plus/minus an x number of standard deviations. Deviations would be evaluated as outlying data with associated degree of random improbability, which can be employed to determine whether healthcare statistical norms need to be altered.
In some embodiments according to the present technology, a method and system are provided for collecting biometric EKG data when an individual submits his or her EKG data for healthcare analyses.
When a user comes into contact with one or more sensors (e.g. two electrodes), electro-physiological signals are read and an authentication check is performed to determine if the current user is the registered user. If not, then the identity of the user is rejected. A message indicating identity rejection may be displayed, and the user may be given a chance to enter a password in order to authenticate.
The system 10 of
In some embodiments, the sensor(s) may be part of a consumer device (e.g. a cell phone) or of its housing. Measurements may be taken whenever the user touches or picks up the device (assuming the user is properly authenticated). This allows for data to be recorded over a period of time without any thought or effort on the part of the user.
The database 32 may include a mass storage device and portable storage medium drive(s). The mass storage device may be implemented with a magnetic disk drive or an optical disk drive, which may be a non-volatile storage device for storing data and instructions for use by the processor 26. The mass storage device can store system software for implementing embodiments according to the present technology for purposes of loading that software into the memory 28.
Also coupled to the processor 26 are a network interface 30 and a display 34. The network interface 30 may allow the physiological information that is collected to also be used for medical analysis purposes. For example, a network interface would allow information about physiological conditions to be transmitted to a health professional for further analysis. Thus in some embodiments, the information that may be collected automatically upon use of a processor-based device may likewise be used for authentication as well as medical diagnoses and medical monitoring purposes. In some cases, the data that is captured may include additional information not specifically purposed for authentication but instead targeted to provide medical information to a healthcare professional. This medical information may be the same for all users or may be specifically targeted for conditions known or suspected to exist in a case of a particular individual.
The processor 26 may also be coupled to an interface 24. The interface 24 receives electro-biometric signals from the electrodes 12 and 14. In some embodiments the electrodes 12 and 14 may be body attachable electrodes including those of the type that are conventionally secured by removable adhesive as well as bare metal contacts that simply make contact with the skin. For example, in one embodiment the contacts may be spaced so as to touch either side of a user's finger, such as a user's index finger when the user is resting on a processor-based device. In some embodiments, the contacts may be positioned to contact a finger resting on a button or actuator in order to initiate operation of the processor-based device.
The electrodes 12 and 14 may be coupled to preamplifer 16, filters 18, and an analog digital converter 20. Signal analysis of the resulting signals may be obtained in block 22.
In some embodiments, information about heart rate and rhythm may be obtained in the form of voltage signals. In other embodiments, current signals may be obtained for example in connection with body impedance measurements.
At block 505, measurements are taken for a given period of time (e.g. up to 10 seconds, etc.). The measurements may be of electro-physiological signals, such as EKG signals, belonging to an individual. It is contemplated that various other signals may be measured in addition to or in place of EKG signals.
At block 510, in one embodiment, biometric matching is performed.
At diamond 515, if the identity of the user is confirmed, then process proceeds to diamond 520. If, on the other hand, the identity of the user is not confirmed then the process proceeds to block 525 where the identity of the user is rejected. However, the user may optionally be given the opportunity to enter a password in order to authenticate, thus allowing the process to proceed to diamond 520.
At diamond 520, a given healthcare parameter(s) is compared to its respective threshold. Depending on the parameter, the threshold is determined by comparison to accepted clinical or other accepted normal values or derived by comparison to baseline user data statistical distributions, or some combination thereof.
If the healthcare parameter(s) is within its respective normal threshold range, then the process proceeds to block 530. If the healthcare parameter(s) is not within its respective normal threshold range, then the process proceeds to step 535.
At block 530, norm values are updated if required for the given healthcare application(s). This may be accomplished by taking the current measurements and combining (e.g. averaging, etc.) then with previously stored data. Generally, increasing the frequency with which norms are calculated and the duration of taking measurements (both for a given instance and over a period of days or weeks) increases the accuracy of the data.
At block 535, the parameter(s) is not within its respective allowed threshold range, so a flag may be set indicating that this parameter(s) is an outlier. The outlier may be stored and the norm values updated. A message may be issued to the user and/or a healthcare practitioner indicating that there may be a medical issue. In some embodiments, if additional outliers are encountered at a sufficient frequency, then they are used to adjust the norm values. As outlier determination is based on probabilistic assumptions and/or formal determination of outliers. Whether to use the outlier to adjust norm values involves setting decision criteria which address these assumptions. If an outlier is defined on the basis of 3 standard deviations from the mean, its probability of occurrence is 0.3%. Using the binomial distribution and the probability, we can determine the probability of one or more outliers in a sample occurring by random chance. For example if a sample of 100 observations provides one such apparent outlier, the binomial distribution suggests that the probability of this happening by change is 22%; however, for 2 such outliers, this falls rapidly to 3%; for 3 outliers, 0.3% for 4, 0.02%. For most cases, according to statistical convention, we can probably accept that a random chance probability of less than 5% is grounds for re-evaluating the distribution parameters and norm values.
A processor-based device 40, namely any device that includes a processor, shown in
In some embodiments, two human body securable electrodes of contacts 12 and 14 may be used to make two different measurements of a characterizing human physiological condition. Thus, the processor-based device 40 may include a contact area 46 which may be simply the surface of a housing or a maybe a touch or pushbutton, normally pushed or touched in order to operate the device. In addition, the device 40 may typically have a display screen 42 surrounded by a housing 44.
In this example, when the user puts his or her fingers on the contact area 46, for example, to begin operation of the device, the user makes electrical contact with the two contacts 12 and 14. Then two different electro-biometric measurements may be made, in some embodiments seriatim automatically without even notifying the user. That is, simply by attempting to operate the device, the device may automatically, entirely on its own, take two biometric measurements and use those measurements in order to identify the user. The user may be identified, for example during the normal boot-up sequence of the device 40, and the user may in some cases have no idea that a biometric analysis for purposes of authentication has been undertaken. In some cases the device 40 cannot be used if authentication fails.
In addition, the physiological data that is captured may be stored and used for a variety of purposes. It may be used for monitoring the health of the individual user in some embodiments. It may be aggregated with information made over a computer network automatically with information from a variety of other users in order to track physiological trends.
The following clauses and/or examples pertain to further embodiments:
One example embodiment may be a computer executed method comprising extracting data from electro-physiological signals belonging to an individual, and using said data to authenticate said individual. The method may also include calculating deviations in said data from standard statistical norms belonging to the individual, where the standard statistical norms are established and adjusted periodically when the individual performs an authentication transaction using a data-based biometric apparatus. Another method wherein the extracted data comprises EKG data. Another method wherein the data comprises consumer healthcare indices that include at least one of heart rate, level of stress, mood, EKG diagnostic landmarks, and any other indices that can be extracted from a heartbeat. Another method wherein deviations from the standard statistical norms are defined as changes exceed certain norm thresholds. Another method wherein norm thresholds are calculated as representing values with some statistical probability, such as values external to an average plus/minus an x number of standard deviations.
In another example embodiment there may be one or more non-transitory computer readable media storing instructions to implement a sequence comprising extracting data from electro-physiological signals belonging to an individual, and using said data to authenticate said individual. The media may further store instructions to implement a sequence including calculating deviations in said data from standard statistical norms belonging to the individual, where the standard statistical norms are established and adjusted periodically when the individual performs an authentication transaction using a data-based biometric apparatus. Another media wherein the extracted data comprises EKG data. Another media wherein the data comprises consumer healthcare indices that include at least one of heart rate, level of stress, mood, EKG diagnostic landmarks, and any other indices that can be extracted from a heartbeat. Another media wherein deviations from the standard statistical norms are defined as changes exceed certain norm thresholds. Another media wherein wherein norm thresholds are calculated as representing values with some statistical probability, such as values external to an average plus/minus an x number of standard deviations
Another example embodiment may be an apparatus comprising a pair of electrodes, and a processor coupled to said electrodes to develop electro-physiological signals from an individual and to use said data to authenticate that individual. The apparatus may include said processor to calculate deviations in said data from standard statistical norms belonging to the individual, where the standard statistical norms are established and adjusted periodically when the individual performs an authentication transaction using a data-based biometric apparatus. Another apparatus wherein the extracted data comprises EKG data. Another apparatus wherein the data comprises consumer healthcare indices that include at least one of heart rate, level of stress, mood, EKG diagnostic landmarks, and any other indices that can be extracted from a heartbeat. Another apparatus wherein norm thresholds are calculated as representing values with some statistical probability, such as values external to an average plus/minus an x number of standard deviations. Another apparatus may also be in the form of a computer, a cellular telephone or a television remote control.
While various embodiments have been described above, it should be understood that they have been presented by way of example only, and not limitation. The descriptions are not intended to limit the scope of the invention to the particular forms set forth herein. Thus, the breadth and scope of a preferred embodiment should not be limited by any of the above-described exemplary embodiments. It should be understood that the above description is illustrative and not restrictive. To the contrary, the present descriptions are intended to cover such alternatives, modifications, and equivalents as may be included within the spirit and scope of the invention as defined by the appended claims and otherwise appreciated by one of ordinary skill in the art. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the appended claims along with their full scope of equivalents.
While the present invention has been described with respect to a limited number of embodiments, those skilled in the art will appreciate numerous modifications and variations therefrom. It is intended that the appended claims cover all such modifications and variations as fall within the true spirit and scope of this present invention.
Number | Name | Date | Kind |
---|---|---|---|
7689833 | Lange | Mar 2010 | B2 |
7773780 | Schneider | Aug 2010 | B2 |
7809170 | Phoha | Oct 2010 | B2 |
7809954 | Miller et al. | Oct 2010 | B2 |
8412158 | Forutanpour et al. | Apr 2013 | B2 |
8651373 | Block et al. | Feb 2014 | B1 |
8719911 | Novack | May 2014 | B2 |
8768838 | Hoffman | Jul 2014 | B1 |
8997191 | Stark | Mar 2015 | B1 |
9094211 | Klevan | Jul 2015 | B2 |
20020128867 | Goetzke et al. | Sep 2002 | A1 |
20020138743 | Murakami et al. | Sep 2002 | A1 |
20020152034 | Kondo | Oct 2002 | A1 |
20020162031 | Levin et al. | Oct 2002 | A1 |
20030073917 | Echauz et al. | Apr 2003 | A1 |
20030126448 | Russo | Jul 2003 | A1 |
20040064453 | Ruiz | Apr 2004 | A1 |
20040133582 | Howard et al. | Jul 2004 | A1 |
20050022034 | Chaudhari et al. | Jan 2005 | A1 |
20050050367 | Burger | Mar 2005 | A1 |
20050273333 | Morin et al. | Dec 2005 | A1 |
20050288954 | McCarthy et al. | Dec 2005 | A1 |
20060031102 | Teller et al. | Feb 2006 | A1 |
20060115129 | Abe | Jun 2006 | A1 |
20060210119 | Willis | Sep 2006 | A1 |
20070061166 | Ramasubramanian et al. | Mar 2007 | A1 |
20080097550 | Dicks et al. | Apr 2008 | A1 |
20080104415 | Palti-Wasserman et al. | May 2008 | A1 |
20080214903 | Orbach | Sep 2008 | A1 |
20080229408 | Dinges et al. | Sep 2008 | A1 |
20080294907 | Hively | Nov 2008 | A1 |
20090003663 | Webster | Jan 2009 | A1 |
20090185723 | Kurtz et al. | Jul 2009 | A1 |
20090234198 | Vorse | Sep 2009 | A1 |
20090271343 | Vaiciulis | Oct 2009 | A1 |
20090328200 | Phoha | Dec 2009 | A1 |
20100162386 | Li et al. | Jun 2010 | A1 |
20100217837 | Ansari et al. | Aug 2010 | A1 |
20100331649 | Chou | Dec 2010 | A1 |
20110092825 | Gopinathan et al. | Apr 2011 | A1 |
20110126024 | Beatson | May 2011 | A1 |
20110213700 | Sant'Anselmo | Sep 2011 | A1 |
20120036261 | Salazar et al. | Feb 2012 | A1 |
20120109851 | Sanders | May 2012 | A1 |
20120150651 | Hoffberg et al. | Jun 2012 | A1 |
20120151515 | Atsmon | Jun 2012 | A1 |
20130013327 | Horseman | Jan 2013 | A1 |
20130054576 | Karmarkar et al. | Feb 2013 | A1 |
20130111580 | Checco | May 2013 | A1 |
Entry |
---|
Sufi, et al, ‘ECG-Based Authentication’, Springer 2010, Handbook of Information and Communication Security, pp. 309-331, http://goanna.cs.rmit.edu.au/˜jiankun/Sample—Publication/ECG—Based.pdf. |
Rostami, et al, ‘Heart-to-Heart (H2H): Authentication for Implanted Medical Devices’, acm.org., CCS'13, Nov. 4-8, 2013, entire document, http://www.arijuels.com/wp-content/uploads/2013/09/RJK131.pdf. |
U.S. Appl. No. 13/711,973, filed Dec. 12, 2012, entitled “Multi Electro-Biometric User Recognition.” |
U.S. Appl. No. 61/722,857, filed Nov. 6, 2012, entitled “Determining Social Sentiment Using Physiological Data.” |
Number | Date | Country | |
---|---|---|---|
20140165184 A1 | Jun 2014 | US |