METHOD AND SYSTEM FOR VERIFYING USER AUTHENTICITY IN AN ACCESS CONTROL SYSTEM

FIELD OF THE INVENTION

The disclosure generally relates to an access control system, and more specifically related to a method and a system for verifying user authenticity in the access control system.

BACKGROUND

One of the key decisions a user has to make when installing or upgrading a security system for business or personal use is how to handle access control systems. Each access control system may have its own distinct set of features, advantages, and disadvantages. For example, organizations may use one or more of card readers and key cards as their primary form of access control, keypad readers in conjunction with physical key cards (card readers) to increase security, or biometric readers. However, these methods may have multiple shortcomings.

SUMMARY

This summary is provided to introduce a selection of concepts, in a simplified format, that are further described in the detailed description of the disclosure. This summary is neither intended to identify key or essential inventive concepts of the disclosure nor is it intended for determining the scope of the disclosure.

Disclosed herein is a method at an access reader for verifying authenticity of a user. The method includes detecting, by the access reader, that the user is in proximity to the access reader based on one of a command received from the user or an electronic communication device, associated with the user, present within a predefined threshold distance from the access reader. Furthermore, the method includes transmitting a signal to the electronic communication device in response to detecting that the user is in proximity to the access reader, wherein the signal is indicative of verifying the authenticity of the user. Furthermore, the method includes receiving, from the electronic communication device, biometric information associated with the user for verifying the authenticity of the user after transmitting the signal to the electronic communication device. Furthermore, the method includes verifying, by the access reader, the authenticity of the user based on the verification of the biometric information with user data stored in a database in communication with the access reader.

In one or more embodiments, the method includes triggering a command to provide access to the user based on the verification of the authenticity of the user.

In one or more embodiments, the method includes recording, by the access reader at the database, an access log associated with the verification of the authenticity of the user.

In one or more embodiments, the method includes establishing a secure wireless communication link with the access reader, wherein the wireless communication link is one of a Bluetooth communication link, Ultra-wideband communication link, or another near-field communication link.

In one or more embodiments, receiving the biometric information comprises receiving a voice signature from the user.

Also disclosed herein is a method at the electronic communication device for verifying the authenticity of the user. The method includes generating a prompt message for the user to confirm whether to access the access reader within a vicinity of the electronic communication device. Furthermore, the method includes receiving an input associated with biometric information of the user to access the access reader in response to the generation of the prompt message. Furthermore, the method includes transmitting, to the access reader, the input associated with the biometric information of the user, wherein the biometric information is verified by the access reader to provide access to the access reader.

In one or more embodiments, prior to generating the prompt message, the method includes receiving a signal from the access reader based on the reception of one of a command received from the user or the electronic communication device, associated with the user, present within a predefined threshold distance from the access reader, wherein the signal is indicative of verifying the authenticity of the user.

In one or more embodiments, receiving the input from the user to access the access reader comprises receiving an identity of the access reader, from among the plurality of access readers.

In one or more embodiments, the method includes establishing the secure wireless communication link with the access reader, wherein the wireless communication link is one of the Bluetooth or Ultra-wideband communication link(s).

Also disclosed herein is a system at an access reader for verifying the authenticity of the user. The system includes an access control engine coupled with a processor and a memory. The access control engine is configured to detect that the user is in proximity to the access reader based on one of the command received from the user or the electronic communication device, associated with the user, present within the predefined threshold distance from the access reader. Furthermore, the access control engine is configured to transmit the signal to the electronic communication device in response to detecting that the user is in proximity to the access reader, wherein the signal is indicative of verifying the authenticity of the user. Furthermore, the access control engine is configured to receive, from the electronic communication device, biometric information associated with the user for verifying the authenticity of the user after transmitting the signal to the electronic communication device. Furthermore, the access control engine is configured to verify the authenticity of the user based on the verification of the biometric information with user data stored in a database in communication with the access reader.

In one or more embodiments, the access control engine is configured to trigger a command to provide access to the user based on the verification of the authenticity of the user.

In one or more embodiments, the access control engine is configured to record, by the access reader at the database, an access log associated with the verification of the authenticity of the user.

In one or more embodiments, the access control engine is configured to establish a secure wireless communication link with the access reader, wherein the wireless communication link is one of a Bluetooth communication link, Ultra-wideband communication link, or another near-field communication link.

In one or more embodiments, the access control engine is configured to receive the biometric information, the access control engine is further configured to receive a voice signature from the user.

Also disclosed herein is a system at the electronic communication device for verifying the authenticity of a user. The system includes an access control engine coupled with a processor and a memory. The access control engine is configured to generate the prompt message for the user to confirm whether to access the access reader within the vicinity of the electronic communication device. Furthermore, the access control engine is configured to receive the input associated with biometric information of the user to access the access reader in response to the generation of the prompt message. Furthermore, the access control engine is configured to transmit, to the access reader, the input associated with the biometric information of the user, wherein the biometric information is verified by the access reader to provide access to the access reader.

In one or more embodiments, the access control engine is configured to, prior to generation of the prompt message, receive a signal from the access reader based on the reception of one of a command received from the user or the electronic communication device, associated with the user, present within a predefined threshold distance from the access reader, wherein the signal is indicative of verifying the authenticity of the user.

In one or more embodiments, the access control engine is configured to receive the input from the user to access the access reader, the access control engine is configured to receive an identity of the access reader, from among the plurality of access readers.

To further clarify the advantages and features of the methods, systems, and apparatuses, a more particular description of the methods, systems, and apparatuses will be rendered by reference to specific embodiments thereof, which are illustrated in the appended drawings. It is appreciated that these drawings depict only typical embodiments of the disclosure and are therefore not to be considered limiting of its scope. The disclosure will be described and explained with additional specificity and detail in the accompanying drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other features, aspects, and advantages of the disclosure will become better understood when the following detailed description is read with reference to the accompanying drawings in which like characters represent like parts throughout the drawings, wherein:

FIG. 1 illustrates a block diagram of an access reader for verifying user authenticity in an access control system;

FIG. 2 illustrates a block diagram of an electronic communication device for verifying the user authenticity in the access control system;

FIGS. 3A-3B is a flow diagram illustrating a method at the access reader for verifying user authenticity in the access control system;

FIG. 4 is a flow diagram illustrating the method at the electronic communication device for verifying user authenticity in the access control system;

FIG. 5 is an example sequence diagram illustrating the method for verifying user authenticity in the access control system;

FIG. 6 is another example sequence diagram illustrating the method for verifying user authenticity in the access control system; and

FIGS. 7A-7B is an exemplary scenario illustrating the method for verifying user authenticity in the access control system.

Further, skilled artisans will appreciate that elements in the drawings are illustrated for simplicity and may not have necessarily been drawn to scale. For example, the flow charts illustrate the method in terms of the most prominent steps involved to help to improve understanding of aspects of the disclosure. Furthermore, in terms of the construction of the device, one or more components of the device may have been represented in the drawings by conventional symbols, and the drawings may show only those specific details that are pertinent to understanding the embodiments of the disclosure so as not to obscure the drawings with details that will be readily apparent to those of ordinary skill in the art having the benefit of the description herein.

DETAILED DESCRIPTION OF FIGURES

For the purpose of promoting an understanding of the principles of the disclosure, reference will now be made to the embodiment illustrated in the drawings and specific language will be used to describe the same. It will nevertheless be understood that no limitation of the scope of the disclosure is thereby intended, such alterations and further modifications in the illustrated system, and such further applications of the principles of the disclosure as illustrated therein being contemplated as would normally occur to one skilled in the art to which the disclosure relates.

It will be understood by those skilled in the art that the foregoing general description and the following detailed description are explanatory of the disclosure and are not intended to be restrictive thereof.

Reference throughout this specification to “an aspect”, “another aspect” or similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the disclosure. Thus, appearances of the phrase “in an embodiment”, “In one or more embodiments”, and similar language throughout this specification may, but do not necessarily, all refer to the same embodiment.

The terms “comprise”, “comprising”, or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a process or method that comprises a list of steps does not include only those steps but may include other steps not expressly listed or inherent to such process or method. Similarly, one or more devices or sub-systems or elements or structures or components proceeded by “comprises . . . a” does not, without more constraints, preclude the existence of other devices or other sub-systems or other elements or other structures or other components or additional devices or additional sub-systems or additional elements or additional structures or additional components.

The embodiments herein and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments that are illustrated in the accompanying drawings and detailed in the following description. Descriptions of well-known components and processing techniques are omitted so as to not unnecessarily obscure the embodiments herein. Also, the various embodiments described herein are not necessarily mutually exclusive, as some embodiments can be combined with one or more other embodiments to form new embodiments. The term “or” as used herein, refers to a non-exclusive or unless otherwise indicated. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein can be practiced and to further enable those skilled in the art to practice the embodiments herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments herein.

As is traditional in the field, embodiments may be described and illustrated in terms of blocks that carry out a described function or functions. These blocks, which may be referred to herein as units or modules or the like, are physically implemented by analog or digital circuits such as logic gates, integrated circuits, microprocessors, microcontrollers, memory circuits, passive electronic components, active electronic components, optical components, hardwired circuits, or the like, and may optionally be driven by firmware and software. The circuits may, for example, be embodied in one or more semiconductor chips, or on substrate supports such as printed circuit boards and the like. The circuits constituting a block may be implemented by dedicated hardware, or by a processor (e.g., one or more programmed microprocessors and associated circuitry), or by a combination of dedicated hardware to perform some functions of the block and a processor to perform other functions of the block. Each block of the embodiments may be physically separated into two or more interacting and discrete blocks without departing from the scope of the disclosure. Likewise, the blocks of the embodiments may be physically combined into more complex blocks without departing from the scope of the disclosure.

The accompanying drawings are used to help easily understand various technical features and it should be understood that the embodiments presented herein are not limited by the accompanying drawings. As such, the disclosure should be construed to extend to any alterations, equivalents, and substitutes in addition to those which are particularly set out in the accompanying drawings. Although the terms first, second, etc. may be used herein to describe various elements, these elements should not be limited by these terms. These terms are generally only used to distinguish one element from another.

One of the key decisions a user has to make when installing or upgrading a security system for business or personal use is how to handle access control systems. The term “access control system” refers to physical or technological security measures that govern entrances and exits from spaces within and around a building. The access control system includes everything from a physical lock on a door to a key card/electronic device that opens specific storage areas. There are several options for access control readers when installing the access control system (e.g., card readers, keypad readers, two-factor or multifactor authentication readers, biometric readers, etc.). Each access control system has its own distinct set of features, advantages, and disadvantages.

For example, in one scenario, many organizations use card readers as their primary form of access control. To gain access, card readers use key cards rather than physical keys or codes. There are two types of access control key card readers, viz., proximity and magnetic. Both of these key card options enable organizations to view a history of which cards are used at which entry points, making it simple to narrow down users in the event of a security incident. The disadvantage of using key card readers is that users can easily lose or lend their cards, making an organization's security less effective. In another scenario, keypad readers can be used in conjunction with physical key cards (card readers) to increase security. These are referred to as two-factor or multifactor authentication readers. Although two-factor authentication is more secure than a single access control reader, even this type of access control can be hacked with a stolen card and personal identification number (PIN). In another scenario, biometric readers such as fingerprints would be used for access control rather than key cards or PIN numbers. Biometric access control, especially when combined with another type of access control reader, is by far the most effective form of security for organizations seeking the ultimate in access control. Although biometric readers are effective, they are also more expensive than others. Another disadvantage of using fingerprints to prove identity and gain access is the resulting high-touch surface, which may pose a sanitation issue and become an uninvited source of virus and bacteria transmission.

In some scenarios, the user may be unable to tap the card readers/electronic device and/or provide the fingerprint and/or use face recognition mechanism to the access control system to gain access to entrances and exits from the spaces within and around the building for a variety of reasons, including having bags in both hands, lab devices in both hands, speaking to another person, and so on. The present disclosure addresses the above-mentioned disadvantages or other shortcomings or at least provide a useful alternative for verifying user authenticity in the access control system.

Referring now to the drawings, and more particularly to FIGS. 1 to 7B, where similar reference characters denote corresponding features consistently throughout the figures, there are shown preferred embodiments.

FIG. 1 illustrates a block diagram of an access reader 100 for verifying user authenticity in an access control system. Examples of the access reader 100 include, but not limited to card readers, keypad readers, two-factor or multifactor authentication readers, biometric readers, etc.

In an embodiment, the access reader 100 may include a system 101. The system 101 may include a memory 110, a processor 120, a communicator 130, and an access control engine 140.

In an embodiment, the memory 110 may store instructions to be executed by the processor 120 for verifying authenticity of a user, as discussed throughout the disclosure. The memory 110 may include non-volatile storage elements. Examples of such non-volatile storage elements may include magnetic hard discs, optical discs, floppy discs, flash memories, or forms of electrically programmable memories (EPROM) or electrically erasable and programmable (EEPROM) memories. In addition, the memory 110 may, in some examples, be considered a non-transitory storage medium. The term “non-transitory” may indicate that the storage medium is not embodied in a carrier wave or a propagated signal. However, the term “non-transitory” should not be interpreted that the memory 110 is non-movable. In some examples, the memory 110 can be configured to store larger amounts of information than the memory. In certain examples, a non-transitory storage medium may store data that can, over time, change (e.g., in Random Access Memory (RAM) or cache). The memory 110 can be an internal storage unit, or it can be an external storage unit of the access reader 100, a cloud storage, or any other type of external storage.

The processor 120 may communicate with the memory 110, the communicator 130, and the access control engine 140. The processor 120 may be configured to execute instructions stored in the memory 110 and to perform various processes for verifying authenticity of the user, as discussed throughout the disclosure. The processor 120 may include one or a plurality of processors, which may be a general-purpose processor, such as, a central processing unit (CPU), an application processor (AP), or the like, a graphics-only processing unit such as a graphics processing unit (GPU), a visual processing unit (VPU), and/or an Artificial intelligence (AI) dedicated processor such as a neural processing unit (NPU).

The communicator 130 may be configured to communicate internally between internal hardware components and with external devices (e.g., server, electronic communication device, etc.) via one or more networks (e.g., radio technology, bluetooth, bluetooth low energy (BLE), wireless fidelity (Wi-Fi), etc.), as described in conjunction with FIG. 5, FIG. 6, FIG. 7A, and FIG. 7B. The communicator 130 may include an electronic circuit specific to a standard that enables wired or wireless communication. Furthermore, the communicator 130 may transmit a signal to an electronic communication device when the user is in proximity to the access reader 100, where the signal is indicative of verifying the authenticity of the user. Furthermore, the communicator 130 may receive biometric information associated with the user for verifying the authenticity of the user after transmitting the signal to the electronic communication device.

The access control engine 140 may be implemented by processing circuitry such as logic gates, integrated circuits, microprocessors, microcontrollers, memory circuits, passive electronic components, active electronic components, optical components, hardwired circuits, or the like, and may optionally be driven by firmware. The circuits may, for example, be embodied in one or more semiconductor chips, or on substrate supports such as printed circuit boards and the like.

In an embodiment, the access control engine 140 may include a sensor(s) 141, an input-output (I/O) controller 142, a verification engine 143, an access log controller 144, and an AI engine 145.

The sensor(s) 141 may be configured to capture sensor data associated with the access reader 100. Examples of the sensor(s) 141 include, but not limited to, a camera, a microphone, a temperature sensor, an audio sensor, an accelerometer, a pressure sensor, a location sensor, a humidity sensor, a global positioning system (GPS) sensor, a magnetic field sensor, an electric field sensor, a light sensor, an infrared light sensor, a proximity sensor, a biometric sensor (e.g., fingerprint, iris, facial pattern, etc.), and so on, as illustrated in FIG. 7A and FIG. 7B. The sensor data is, for example, a signal transmitted by the sensor(s) 141 in response to physical stimulation. In another embodiment, the access reader 100 may take a security-related action based on the security-related data of the sensors(s) 141. The security-related sensor data or action is data, or an action related to controlling or restricting access to an area protected by the access reader 100. An example of the area protected by the access reader 100 is the inside of an object whose access is controlled or restricted by an apparatus, such as a door, gate, lid, drawer, etc., that can be secured and locked in a closed position by the access reader 100 that is coupled to the apparatus. The object includes a house, a building, an automobile, a safe, a container, a cabinet, and so on.

In one example embodiment, the security-related data for a motion sensor may indicate the motion of the door, gate, lid, drawer, or other apparatus to which the access reader 100 is connected. The motion of the door or other apparatus indicates that the door or other apparatus is being opened/closed to allow/restrict access to the area.

In one example embodiment, the security-related data for a proximity sensor may indicate that the user is near a door and may attempt to break/open through the door, that the door is closed or open based on its proximity to a door frame in which the door is installed, and so on. Furthermore, the proximity sensor's security-related data includes a count of users who pass by the access reader 100 and the number of users who enter or exit the protected area. Furthermore, the sensor(s) 141 sends a message indicating the counts to the owner or administrator of the access reader 100/access log controller 144, a third party, etc.

In one example embodiment, the security-related data for a microphone may indicate that a user is knocking on the door. When the microphone may determine that the user is knocking on the door, the microphone then sends a signal to a wirelessly connected light sensor/light bulb, causing the light bulb to illuminate an area near the access reader 100. For example, the light bulb can illuminate the area in front of the door, the area inside the house containing the door, and so on.

In one example embodiment, the security-related data for the proximity sensor may indicate that the user is within a predetermined distance/predefined threshold distance (e.g., 2 meters) of the access reader 100, the access reader 100 may initiate a video stream to the administrator/owner of the access reader 100 via the camera and an audio stream via the microphone to the administrator/owner of the access reader 100. The administrator/owner uses the video stream to see what is going on near the door, and the access reader 100 may use a two-way audio stream to communicate with the user who is nearby.

In one example embodiment, the security-related data may indicate a potential security issue in which the access reader 100 communicates via a signal to be sent to a speaker/audio sensor, causing the speaker to emit an alarm sound. In another case, when security-related data indicates a potential security issue, the access reader 100 may send a signal that causes the camera to start recording or taking images, for example, to capture an image or video of a burglar attempting to break into the area protected by the access reader 100.

The I/O controller 142 may include an input device(s) and an output device(s). The input device(s) allows the user to communicate with the access reader 100, as illustrated in FIG. 5, FIG. 7A, and FIG. 7B. Examples of input devices include, but not limited to, a keypad, a camera, a microphone, and so on. The user may enter a password, passcode, or other information using the keypad. When the camera is used as the input device(s), the camera recognizes the user's face or other identifiable body parts, as well as physical gestures used for communication. When the input device(s) is/are a microphone, the user can speak commands, passwords, passphrases, and so on, which the microphone receives and speech or voice recognition can be used to understand the words spoken, identify the user, and so on.

The verification engine 143 may verify the authenticity of the user based on verification of the biometric information with user data stored at a database (e.g., cloud server) (not shown in FIG. 1) in communication with the access reader 100, as described in conjunction with FIG. 5, FIG. 7A, and FIG. 7B. The biometric information may include a voice signature (e.g., voice command to open the door, “please open the door”) from the user. The verification engine 143 may establish a secure wireless communication link, by utilizing the communicator 130, with the access reader 100, wherein the wireless communication link is one of a Bluetooth communication link, ultra-wideband communication link, or another near-field communication link. The access log controller 144 may record an access log associated with the verification of the authenticity of the user in the database.

A function associated with the AI engine 145 may be performed through the non-volatile memory, the volatile memory, and the processor 120. One or a plurality of processors controls the processing of the input data in accordance with a predefined operating rule or AI model stored in the non-volatile memory and the volatile memory. The predefined operating rule or AI model is provided through training or learning. Here, being provided through learning means that, by applying a learning algorithm to a plurality of learning data, a predefined operating rule or AI model of the desired characteristic is made. The learning may be performed in a device itself in which AI according to an embodiment is performed, and/or may be implemented through a separate server/system. The learning algorithm is a method for training a predetermined target device (for example, a robot) using a plurality of learning data to cause, allow, or control the target device (e.g., access reader 100) to decide or predict the authenticity of the user. Examples of learning algorithms include, but not limited to, supervised learning, unsupervised learning, semi-supervised learning, or reinforcement learning.

The AI engine 145 may consist of a plurality of neural network layers. Each layer has a plurality of weight values and performs a layer operation through a calculation of a previous layer and an operation of a plurality of weights. Examples of neural networks include, but not limited to, convolutional neural network (CNN), deep neural network (DNN), recurrent neural network (RNN), restricted boltzmann machine (RBM), deep belief network (DBN), bidirectional recurrent deep neural network (BRDNN), generative adversarial networks (GAN), and deep Q-networks.

Although FIG. 1 shows various hardware components of the access reader 100, but it is to be understood that other embodiments are not limited thereon. In other embodiments, the access reader 100 may include less or more number of components. Further, the labels or names of the components are used only for illustrative purpose and does not limit the scope of the invention. One or more components can be combined to perform the same or substantially similar functions to verify the authenticity of the user in the access control system.

FIG. 2 illustrates a block diagram of an electronic communication device 200 for verifying user authenticity in the access control system. Examples of the electronic communication device 200 include, but not limited to, a smartphone, a tablet computer, a Personal Digital Assistance (PDA), an Internet of Things (IoT) device, a wearable device, etc.

In an embodiment, the electronic communication device 200 may include a system 201. The system 201 may include a memory 210, a processor 220, a communicator 230, a display 240, a camera 250, and an access control engine 260.

In an embodiment, the memory 210 may store instructions to be executed by the processor 220 for verifying authenticity of the user, as discussed throughout the disclosure. The memory 210 may include non-volatile storage elements. Examples of such non-volatile storage elements may include magnetic hard discs, optical discs, floppy discs, flash memories, or forms of electrically programmable memories (EPROM) or electrically erasable and programmable (EEPROM) memories. In addition, the memory 210 may, in some examples, be considered a non-transitory storage medium. The term “non-transitory” may indicate that the storage medium is not embodied in a carrier wave or a propagated signal. However, the term “non-transitory” should not be interpreted that the memory 210 is non-movable. In some examples, the memory 210 can be configured to store larger amounts of information than the memory. In certain examples, a non-transitory storage medium may store data that can, over time, change (e.g., in Random Access Memory (RAM) or cache). The memory 210 can be an internal storage unit, or it can be an external storage unit of the electronic communication device 200, a cloud storage, or any other type of external storage.

The processor 220 may communicate with the memory 210, the communicator 230, the display 240, the camera 250, and the access control engine 260. The processor 220 may be configured to execute instructions stored in the memory 210 and to perform various processes for verifying authenticity of the user, as discussed throughout the disclosure. The processor 220 may include one or a plurality of processors, may be a general-purpose processor, such as a central processing unit (CPU), an application processor (AP), or the like, a graphics-only processing unit such as a graphics processing unit (GPU), a visual processing unit (VPU), and/or an Artificial intelligence (AI) dedicated processor such as a neural processing unit (NPU).

The communicator 230 may be configured to communicate internally between internal hardware components and with external devices (e.g., access reader 100) via one or more networks (e.g., radio technology), as illustrated in FIG. 5, FIG. 6, FIG. 7A, and FIG. 7B. The communicator 230 may include an electronic circuit specific to a standard that enables wired or wireless communication.

The display 240 can accept user inputs and is made of a liquid crystal display (LCD), a light emitting diode (LED), an organic light emitting diode (OLED), or another type of display, as illustrated in FIG. 7A, and FIG. 7B. The user inputs may include, but not limited to, touch, swipe, drag, gesture, voice command, and so on. The camera 250 may include one or more image sensors (e.g., charged coupled device (CCD), complementary metal-oxide semiconductor (CMOS)) to capture one or more images/image frames.

The access control engine 260 may be implemented by processing circuitry such as logic gates, integrated circuits, microprocessors, microcontrollers, memory circuits, passive electronic components, active electronic components, optical components, hardwired circuits, or the like, and may optionally be driven by firmware. The circuits may, for example, be embodied in one or more semiconductor chips, or on substrate supports such as printed circuit boards and the like.

In an embodiment, the access control engine 260 may include a prompt message generator 261, an input detector 262, and an AI engine 263. The prompt message generator 261 may generate a prompt message (e.g., voice message, display message, etc.) for the user to confirm whether to access the access reader 100 within a vicinity of the electronic communication device 200, as illustrated in FIG. 5. Prior to generating the prompt message, receiving, by the communicator 230, a signal from the access reader 100 based on the reception of one of a command (e.g., open the door) received from the user or the electronic communication device 200, associated with the user, present within the predefined threshold distance from the access reader 100, where the signal is indicative of verifying the authenticity of the user.

The input detector 262 may receive an input (e.g., voice signature) associated with the biometric information of the user to access the access reader 100 in response to the generation of the prompt message, as described in conjunction with FIG. 5, and FIG. 7A. Furthermore, the input detector 262 may receive the input from the user to access the access reader 100 including receiving an identity of the access reader 100 (e.g., Door-1), from among the plurality of access readers (100n) (e.g., Door-1 to Door-n), not shown in FIG. 2. The communicator 230 then may transmit the input associated with the biometric information of the user to the access reader 100, where the biometric information is verified by the access reader 100 to provide access to the access reader 100, as illustrated in FIG. 5, FIG. 6, FIG. 7A, and FIG. 7B. The communicator 230 may establish the secure wireless communication link with the access reader 100, where the wireless communication link is, for example, one of the Bluetooth or ultra-wideband communication link(s).

A function associated with the AI engine 263 may be performed through the non-volatile memory, the volatile memory, and the processor 220. One or a plurality of processors controls the processing of the input data (e.g., voice signature) in accordance with a predefined operating rule or AI model stored in the non-volatile memory and the volatile memory. The predefined operating rule or AI model is provided through training or learning. Here, being provided through learning means that, by applying a learning algorithm to a plurality of learning data, a predefined operating rule or AI model of the desired characteristic is made. The learning may be performed in a device itself in which AI according to an embodiment is performed, and/or may be implemented through a separate server/system. The learning algorithm is a method for training a predetermined target device (for example, a robot) using a plurality of learning data to cause, allow, or control the target device to decide or predict. Examples of learning algorithms include, but not limited to, supervised learning, unsupervised learning, semi-supervised learning, or reinforcement learning.

The AI engine 263 may consist of a plurality of neural network layers. Each layer has a plurality of weight values and performs a layer operation through a calculation of a previous layer and an operation of a plurality of weights. Examples of neural networks include, but not limited to, convolutional neural network (CNN), deep neural network (DNN), recurrent neural network (RNN), restricted boltzmann machine (RBM), deep belief network (DBN), bidirectional recurrent deep neural network (BRDNN), generative adversarial networks (GAN), and deep Q-networks.

Although FIG. 2 shows various hardware components of the electronic communication device 200, but it is to be understood that other embodiments are not limited thereon. In other embodiments, the electronic communication device 200 may include less or more number of components. Further, the labels or names of the components are used only for illustrative purpose and does not limit the scope of the invention. One or more components can be combined to perform the same or substantially similar functions to verify the authenticity of the user in the access control system.

FIGS. 3A-3B is a flow diagram illustrating a method 300 at the access reader 100 for verifying user authenticity in the access control system. Steps (301 to 309) may be performed by the access reader 100 to verify the authenticity of the user in the access control system.

At step 301, the method 300 may include detecting that the user is in proximity to the access reader 100 based on one of the command(s) received from the user or the electronic communication device 200, associated with the user, present within the predefined threshold distance from the access reader 100, as illustrated in FIG. 5 and FIG. 7B.

At step 302, the method 300 may include transmitting the signal to the electronic communication device 200 in response to detecting that the user is in proximity to the access reader 100, where the signal is indicative of verifying the authenticity of the user, as illustrated in FIG. 5 and FIG. 7B.

At step 303, the method 300 may include receiving from the electronic communication device 200, the biometric information associated with the user for verifying the authenticity of the user after transmitting the signal to the electronic communication device 200, as illustrated in FIG. 5, FIG. 7A and FIG. 7B. In one embodiment, the biometric information may include the voice signature from the user.

At step 304, the method 300 may include verifying the authenticity of the user based on verification of the biometric information with user data stored in the database in communication with the access reader 100, as illustrated in FIG. 5 and FIG. 7B.

At step 305, the method 300 may include determining whether the received biometric information associated with the user matches the stored biometric information, in the database, associated with the user, as illustrated in FIG. 5 and FIG. 7B.

At step 306, the method 300 may include no access in response to determining that the received biometric information associated with the user does not match the stored biometric information.

At step 307, the method 300 may include triggering the command to provide access to the user in response to determining that the received biometric information associated with the user matches the stored biometric information, as illustrated in FIG. 5 and FIG. 7B.

At step 308, the method 300 may include recording the access log associated with the verification of the authenticity of the user in the database, as illustrated in FIG. 5 and FIG. 7B.

At step 309, the method 300 may include establishing the secure wireless communication link with the electronic communication device 200, as illustrated in FIG. 5 and FIG. 7B.

FIG. 4 is a flow diagram 400 illustrating the method at the electronic communication device 200 for verifying user authenticity in the access control system. Steps (401 to 404) may be performed by the electronic communication device 200 to verify the authenticity of the user in the access control system.

At step 401, the method 400 may include receiving the signal from the access reader 100, where the signal is indicative of verifying the authenticity of the user, as illustrated in FIG. 5 and FIG. 7B.

At step 402, the method 400 may include generating the prompt message for the user to confirm whether to access the access reader 100 within the vicinity of the electronic communication device 200, as illustrated in FIG. 5 and FIG. 7B. In one embodiment, prior to generating the prompt message, the method 400 may include receiving the signal from the access reader 100 based on reception of one of the command received from the user or the electronic communication device 200, associated with the user, present within the predefined threshold distance from the access reader 100, wherein the signal is indicative of verifying the authenticity of the user.

At step 403, the method 400 may include receiving the input associated with the biometric information of the user to access the access reader 100 in response to the generation of the prompt message, as illustrated in FIG. 5 and FIG. 7B. In one embodiment, the method 400 may include receiving the input from the user to access the access reader 100 comprises receiving the identity of the access reader 100, from among the plurality of access readers (100n).

At step 404, the method 400 may include transmitting the input associated with the biometric information of the user, where the biometric information is verified by the access reader 100 to provide access to the access reader 100, as illustrated in FIG. 5 and FIG. 7B. In one embodiment, the method 400 may include establishing the secure wireless communication link with the access reader 100, wherein the wireless communication link is one of the Bluetooth or Ultra-wideband communication link.

FIG. 5 is an example sequence diagram illustrating the method for verifying user authenticity in the access control system 500.

At step 501, the access reader 100 may detect the user 200A is in proximity to the access reader based on the command/mobile command (e.g., the voice command “open the door”) received from the user 200A and/or the electronic communication device 200 associated with the user 200A, when the user 200A is present within the predefined threshold distance from the access reader 100, which relates to step 301 of FIG. 3. At step 502, the access reader 100 may transmit the signal to the electronic communication device 200 in response to detecting that the user 200A is in proximity to the access reader 100, where the signal is indicative of verifying the authenticity of the user 200A, which relates to step 302 of FIG. 3.

At step 503, the electronic communication device 200 may generate the prompt message (e.g., a message displayed on a screen of the electronic communication device 200 “Please enter your registered information for validation”, a voice message “provide a password to open the door”) for the user 200A to confirm whether or not to access the access reader 100 located near the electronic communication device 200, which relates to step 402 of FIG. 4. In response to the prompt message, the electronic communication device 200 receives input (e.g., voice signature) associated with the user's biometric information to access the access reader 100, which relates to step 403 of FIG. 4. At step 504, the electronic communication device 200 then may transmit the input associated with the biometric information of the user 200A to the database (e.g., cloud database 500B) for verifying the authenticity of the user 200A, which relates to step 404 of FIG. 4.

At step 505, the cloud database 500B may determine whether the received biometric information associated with the user 200A matches the stored biometric information associated with the user 200A, which relates to step 305 of FIG. 3. The cloud database 500B may trigger the command to provide access to the user 200A in response to determining that the received biometric information associated with the user 200A matches the stored biometric information (i.e., valid user), which relates to step 307 of FIG. 3. Further, the cloud database 500B may record the access log associated with the verification of authenticity of the user 200A at the cloud database 500B, which relates to step 308 of FIG. 3. Then, the secure wireless communication link establishes between the access reader 100 and the electronic communication device 200, which relates to step 309 of FIG. 3.

At step 506, the electronic communication device 200 may send a message signal to access the access reader 100 to the user 200A. Example of the message signal includes, but not limited to a message displayed on the screen of the electronic communication device 200 “Please enter door identity/door number”, a voice message “provide a door identity”, a voice message “would you like to open door-100A or 100B or 100N?”, etc., which relates to step 403 of FIG. 4. At step 507, the access reader 100 may receive the message signal from the user 200A via the electronic communication device 200. Example of the received message signal includes, but not limited to a message displayed on the screen of the electronic communication device 200 “Please confirm by pressing the OK button”, a voice message “please open the door-100A”, etc., which relates to step 403 of FIG. 4 At step 508, the access reader 100 may trigger the command to provide access to the user 200A based on the verification of the authenticity of the user 200A and the received message. The access reader 100 triggers the command, to building space/door 500A, to provide access to the user 200A based on the verification of the authenticity of the user 200A and the received message, which relates to step 309 of FIG. 3. At step 509, the access reader 100 may record the access log associated with the verification of the authenticity of the user 200A in the cloud database 500B, which relates to step 308 of FIG. 3.

FIG. 6 is another example sequence diagram illustrating the method for verifying user authenticity in the access control system 600.

At steps 601-602, the access reader 100 may detect the user 200A is in proximity to the access reader 100 based on the command/mobile command (e.g., the voice command “open the door”) received from the user 200A and/or the electronic communication device 200 associated with the user 200A when the user 200A is present within the predefined threshold distance from the access reader 100, which relates to step 301 of FIG. 3. The access reader 100 speaks to the user 200A via the electronic communication device 200 (e.g., an application associated with mobile credential access control). At step 603, the electronic communication device 200 may receive the input (e.g., biometric information, the identity of the access reader 100, etc.) from the user 200A (e.g., a voice message/signature “please open the door-100A”), which relates to step 403 of FIG. 4. At steps 604-605, the electronic communication device 200 may send the received input to the access reader 100, which relates to step 404 of FIG. 4. The access reader 100 then verifies the received input by utilizing the cloud database 500B and the cloud database 500B triggers the command to provide access to the user 200A when the received biometric information associated with the user 200A matches the stored biometric information (i.e., valid user), which relates to step 305 of FIG. 3. Then, the access reader 100 may trigger the command, which relates to step 307 of FIG. 3, to building space/door 500A, to provide access to the user 200A based on the verification of the authenticity of the user 200A and the received message and the secure wireless communication link establishes between the access reader 100 and the electronic communication device 200, which relates to step 309 of FIG. 3. At step 606, the access reader 100 may record the access log associated with the verification of the authenticity of the user 200A in the cloud database 500B, which relates to step 308 of FIG. 3.

The various actions, acts, blocks, steps, or the like in the flow/sequence diagrams may be performed in the order presented, in a different order, or simultaneously. Further, in some embodiments, some of the actions, acts, blocks, steps, or the like may be omitted, added, modified, skipped, or the like without departing from the scope of the invention.

FIGS. 7A-7B is an exemplary scenario illustrating the method for verifying user authenticity in the access control system 1000.

Referring to FIG. 7A: at an initial stage, the user 200A of the electronic communication device 200 may pair 701 with the access reader 100 by using various technologies of the electronic communication device 200, where the access reader 100 mounted on door/wall 500A (building space/door). Examples of the various technologies include, but not limited to, first technology as Bluetooth and second technology as WI-FI, etc. Furthermore, the user 200A registers 702 the biometric information with the access reader 100 and/or the cloud database 500B. Examples of biometric information include, but not limited to, first biometric as voice signature, second biometric as fingerprint, etc. Furthermore, the access reader 100 of the door 100A may include various sensors(s) 141 to capture sensor data, and the input device(s) and the output device(s). Examples of the sensors(s) 141 include, but not limited to, the camera 703, the microphone 704, the biometric sensor 705, the audio sensor 706, and the proximity sensor (not shown in FIG. 7A). Examples of the input device(s) include, but not limited to, a keypad 707. Examples of the output device(s) include, but not limited to, a display 708.

Referring to FIG. 7B: The access reader 100 may detect the user 200A is in proximity to the access reader 100 based on the command/mobile command (e.g., the voice command “open the door”) received from the user 200A and/or the electronic communication device 200 associated with the user 200A when the user 200A is present within the predefined threshold distance ({circle around (1)}) from the access reader 100, which relates to step 501 of FIG. 5. The access reader 100 may transmit the signal ({circle around (2)}) to the electronic communication device 200 in response to detecting that the user 200A is in proximity to the access reader 100, where the signal is indicative of verifying the authenticity of the user 200A, which relates to step 502 of FIG. 5.

The electronic communication device 200 may generate a prompt message ({circle around (3)}) (e.g., a message displayed 709 on a screen of the electronic communication device 200 “Please enter your registered information for validation”, a voice message “provide a password to open the door”) for the user 200A to confirm whether or not to access the access reader 100 located near the electronic communication device 200, which relates to step 503 of FIG. 5. In response to the prompt message, the electronic communication device 200 may receive input (e.g., voice signature) associated with the user's biometric information to access the access reader 100, which relates to step 503 of FIG. 5. The electronic communication device 200 then may transmit ({circle around (4)}) the input associated with the biometric information of the user 200A to the database (e.g., cloud database 500B) for verifying ({circle around (5)}) the authenticity of the user 200A, which relates to step 504 of FIG. 5. The cloud database 500B determines whether the received biometric information associated with the user 200A matches the stored biometric information associated with the user 200A, which relates to step 505 of FIG. 5. The cloud database 500B may trigger the command to provide access to the user 200A in response to determining that the received biometric information associated with the user 200A matches the stored biometric information (i.e., valid user), which relates to step 505 of FIG. 5. Further, the cloud database 500B may record the access log associated with the verification of authenticity of the user 200A at the cloud database 500B. Then, the secure wireless communication link may establish between the access reader 100 and the electronic communication device 200.

The electronic communication device 200 may send a message signal ({circle around (6)}) to access the access reader 100 to the user 200A, which relates to step 506 of FIG. 5. Example of the message signal includes, but not limited to a message displayed 710 on the screen of the electronic communication device 200 “Please enter door identity/door number”, a voice message “provide a door identity”, a voice message “would you like to open door-100A or 100B or 100N?”, etc. The access reader 100 may receive the message signal ({circle around (7)}) from the user 200A via the electronic communication device 200. Example of the received message signal includes, but is not limited to, a message displayed on the screen of the electronic communication device 200 “Please confirm by pressing the OK button”, a voice message “please open the door-100A”, etc., which relates to step 507 of FIG. 5. The access reader 100 may trigger the command to provide access to the user 200A based on the verification of the authenticity of the user 200A and the received message, which relates to step 508 of FIG. 5. The access reader 100 then may record ({circle around (5)}) the access log associated with the verification of the authenticity of the user 200A in the cloud database 500B, which relates to step 509 of FIG. 5.

Unlike existing methods and systems, the disclosed method/system uses the electronic communication device 200 (e.g., mobile phones, smartphones, tablets, wearable electronic devices, and so on) and allows the electronic communication device 200 to serve as a user's credentials to gain access to, for example, offices or other business facilities or any organization. As more employers/users promote the Bring Your Own Device (BYOD) trend, the disclosed method/system shall provide a mechanism for adding an extra layer of security to any organization. Further, by using the cloud-based encrypted technology, the disclosed method/system provides secure access to, for example, offices or other business facilities with just a few clicks on the electronic communication device 200 and ensures a higher level of security. Furthermore, the disclosed method/system also detects and prevents tailgating. Furthermore, the disclosed method/system provides a low-cost solution for efficiently managing user credentials identification. Because of its simplicity and ease of use, the disclosed method/system is an undeniably promising alternative to physical cards/expensive biometric readers for verifying the user's authenticity.

Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one ordinary skilled in the art to which this disclosure belongs. The system, methods, and examples provided herein are illustrative only and not intended to be limiting.

While specific language has been used to describe the subject matter, any limitations arising on account thereto, are not intended. As would be apparent to a person in the art, various working modifications may be made to the method to implement the inventive concept as taught herein. The drawings and the forgoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be split into multiple functional elements. Elements from one embodiment may be added to another embodiment.

The embodiments disclosed herein can be implemented using at least one hardware device and performing network management functions to control the elements.

The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modification within the scope of the embodiments as described herein.

METHOD AND SYSTEM FOR VERIFYING USER AUTHENTICITY IN AN ACCESS CONTROL SYSTEM

Information

Publication Number

Date Filed

Date Published

Inventors

Original Assignees

CPC

International Classifications

Abstract

Description

Claims

CROSS REFERENCE TO RELATED APPLICATION

Provisional Applications (1)