Patent Application
20230334924
The present disclosure generally relates to electronic lock, and more particularly to multi-factor authentication electronic locks, multi-factor authentication electronic lock systems and methods of using the secure electronic lock systems.
Many electronic door locks are powered by batteries, and the battery life for these electronic locks is not very long. Currently, on the market, most electronic door locks are fingerprint electronic locks, finger vein electronic locks, facial recognition electronic locks, and keypad electronic locks. These electronic locks use only one type of authentication methods and they are easy to defeat. For example, fingerprint can be copied, and user can be forced to use his fingerprint or finger vein under gun point. A user’s face can be forged using a facemask, and passcode can be stolen using video cameras nearby. Therefore, a new electronic lock having low power consumption and enhanced security is desirable.
Therefore, heretofore unaddressed needs still exist in the art to address the aforementioned deficiencies and inadequacies.
In one aspect, present disclosure relates to a multi-factor authentication electronic lock. In certain embodiments, the multi-factor authentication electronic lock includes: a user presence detection system, a biometrics authentication system, and a multi-factor authentication electronic lock controller.
In certain embodiment, the multi-factor authentication electronic lock controller includes a battery. The multi-factor authentication electronic lock controller is used to register a group of authorized users, to store user profiles of the group of authorized users registered, and to manage the operation of the multi-factor authentication electronic lock.
In certain embodiment, the user presence detection system is powered by the battery constantly and the user presence detection system detects presence of a user using one of a set of user presence detection devices of the user presence detection system, and preliminarily authenticates the user detected to be one of the group of authorized user registered using one of a set of preliminary user authentication devices of the user presence detection system.
In certain embodiments, the biometrics authentication system further authenticates the authorized user detected using one of a set of biometrics authentication devices, and the biometrics authentication system is powered on after the authorized user has been detected by the user presence detection device and preliminarily authenticated to be one of the group of authorized users registered.
When the user approaches the multi-factor authentication electronic lock, the user presence detection system detects whether the user is one of the group of authorized users registered, once the user is determined to be one of the group of authorized users registered, the biometrics authentication system and the rest of the multi-factor authentication electronic lock are powered on, and the biometrics authentication system further authenticates the authorized user detected, and the multi-factor authentication electronic lock is operable only when the authorized user detected is authenticated again by the biometrics authentication system.
In certain embodiments, the user presence detection system includes: a set of user presence detection devices, and a set of preliminary user authentication devices. The set of user presence detection devices includes: a passive infrared (PIR) motion sensor; a radio frequency doppler (RFD) motion sensor; and a video camera having object detection ability. These user presence detection devices detect that the user is approaching and within a predetermined distance of the multi-factor authentication electronic lock. The set of preliminary user authentication devices includes: a keypad to enter user identification number (UID), and a Bluetooth user authentication module in communication with a handheld mobile communication device of the user detected. These preliminary user authentication devices determine whether the authorized user detected by the user presence detection device is one of the group of authorized users registered, and once the user is determined to be one of the group of authorized users registered, the biometrics authentication system is powered on and further authenticates the authorized user detected.
In certain embodiments, the biometrics authentication system includes one or more of: a fingerprint authentication sensor, a finger vein authentication sensor, a facial recognition authentication sensor, and a keypad. The fingerprint authentication sensor authenticates the authorized user detected using fingerprint data stored in an authorized user profile storage module. The finger vein authentication sensor authenticates the authorized user detected using finger vein data stored in the authorized user profile storage module. The facial recognition authentication sensor authenticates the authorized user detected using facial recognition data stored in the authorized user profile storage module. The keypad is used for the user to enter his/her personal identification number (PIN). The keypad authenticates the authorized user detected using his/her PIN corresponding to his/her UID data stored in the authorized user profile storage module. Once the user detected is determined to be one of the group of authorized users registered, the biometrics authentication system is powered on and further authenticates the authorized user detected, and the multi-factor authentication electronic lock is operable only when the authorized user detected passes authentication again by the biometrics authentication system.
In certain embodiments, user profile of each of the group of authorized users registered stored in the authorized user profile storage module includes at least: a user’s name, a user’s contact phone number, a user’s email address, a user’s handheld mobile communication device MAC address used to authenticate the user detected through the Bluetooth user authentication module, a user’s UID used to identify whether the user is one of the group of authorized users registered, a user’s PIN used to authenticate the authorized user detected as the authorized user having corresponding UID, a user’s fingerprint authentication data used by the fingerprint authentication sensor to authenticate the authorized user detected as one of the group of authorized users registered, a user’s finger vein authentication data used by the finger vein authentication sensor to authenticate the authorized user detected as one of the group of authorized users registered, a user’s facial recognition authentication data used by the facial recognition authentication sensor to authenticate the authorized user detected as one of the group of authorized users registered, and any combinations of the user profile information.
In certain embodiments, the facial recognition authentication sensor further includes: a speaker, and a multi-colored light emit diode (LED). The speaker is used to prompt the user to move the user’s face to certain location such that the facial recognition authentication sensor can acquire one or more images of the user’s face in a predetermined range for facial recognition. The LED lights in green indicating that user’s face is within the predetermined range for facial recognition; and in red indicating that user’s face is not within the predetermined range for facial recognition.
In certain embodiments, the facial recognition authentication sensor further includes a display screen. The display screen is used to assist the user to move the user’s face to certain location such that the facial recognition authentication sensor can acquire one or more images of the user’s face in the predetermined range for facial recognition.
In certain embodiments, the multi-factor authentication electronic lock controller includes: a processor, and a non-volatile memory storing an operating system and computer executable instructions. The computer executable instructions include: a user detection module, a communication module, a user authentication module, an electrical power module, an authorized user profile storage module, and an electronic lock control module.
In certain embodiments, when executed at the processor, the computer executable instructions cause the processor to perform one or more of operations:
In certain embodiments, the facial recognition authentication sensor is able to determine whether more than one users are approaching the multi-factor authentication electronic lock. When the multi-factor authentication electronic lock is set up to accept only one user to operate the multi-factor authentication electronic lock, the multi-factor authentication electronic lock can be shut down when the facial recognition authentication sensor determines more than one users are approaching the multi-factor authentication electronic lock.
In certain embodiments, the computer executable instructions of the multi-factor authentication electronic lock controller include: the user detection module, the communication module, the user authentication module, the electrical power module, the authorized user profile storage module, and the electronic lock control module.
In certain embodiments, the user detection module is connected to the user presence detection system and determines whether a user detected in front of the multi-factor authentication electronic lock is one of the group of authorized users registered. The communication module includes at least a Bluetooth module and the Bluetooth module is in communication with the handheld mobile communication device of the authorized user detected to authenticate the authorized user detected. The user authentication module is in communication with the biometrics authentication system to authenticate the authorized user detected using the communication module when the authorized user detected carries the handheld mobile communication device, and to authenticate the authorized user detected using the keypad and the PIN of the authorized user detected when the authorized user detected does not carry the handheld mobile communication device.
In certain embodiments, the electrical power module provides electrical power from the battery to the user presence detection system constantly, and provides electrical power to the rest of the multi-factor authentication electronic lock when the user presence detection system determines the user detected in front of the multi-factor authentication electronic lock is one of the group of authorized users registered. The authorized user profile storage module stores user profiles of the group of authorized users registered, and the user profiles of the group of authorized users registered were entered into the authorized user profile storage module during a registration process. The electronic lock control module controls locking and unlocking of the multi-factor authentication electronic lock only when the detected user is first authenticated by the user presence detection system and authenticated again by the biometrics authentication system to be one of the group of authorized users registered.
In another aspect, the present disclosure relates to a multi-factor authentication electronic lock system. In certain embodiments, the multi-factor authentication electronic lock system includes: a multi-factor authentication electronic lock system server, a communication network, and a group of multi-factor authentication electronic locks. The multi-factor authentication electronic lock system server includes a user profile database. Each of the group of multi-factor authentication electronic locks includes: a user presence detection system, a biometrics authentication system, and a multi-factor authentication electronic lock controller.
In certain embodiment, the multi-factor authentication electronic lock controller includes a battery. The multi-factor authentication electronic lock controller is used to register a group of authorized users, to store user profiles of the group of authorized users registered, and to manage the operation of the multi-factor authentication electronic lock.
In certain embodiment, the user presence detection system is powered by the battery constantly and the user presence detection system detects presence of a user using one of a set of user presence detection devices of the user presence detection system, and preliminarily authenticates the user detected to be one of the group of authorized user registered using one of a set of preliminary user authentication devices of the user presence detection system.
In certain embodiments, the biometrics authentication system further authenticates the authorized user detected using one of a set of biometrics authentication devices, and the biometrics authentication system is powered on after the authorized user has been detected by the user presence detection device and preliminarily authenticated to be one of the group of authorized users registered.
When the user approaches the multi-factor authentication electronic lock, the user presence detection system detects whether the user is one of the group of authorized users registered, once the user is determined to be one of the group of authorized users registered, the biometrics authentication system and the rest of the multi-factor authentication electronic lock are powered on, and the biometrics authentication system further authenticates the authorized user detected, and the multi-factor authentication electronic lock is operable only when the authorized user detected is authenticated again by the biometrics authentication system.
In certain embodiments, the user presence detection system includes: a set of user presence detection devices, and a set of preliminary user authentication devices. The set of user presence detection devices includes: a passive infrared (PIR) motion sensor; a radio frequency doppler (RFD) motion sensor; and a video camera having object detection ability. These user presence detection devices detect that the user is approaching and within a predetermined distance of the multi-factor authentication electronic lock. The set of preliminary user authentication devices includes: a keypad to enter user identification number (UID), and a Bluetooth user authentication module in communication with a handheld mobile communication device of the user detected. These preliminary user authentication devices determine whether the authorized user detected by the user presence detection device is one of the group of authorized users registered, and once the user is determined to be one of the group of authorized users registered, the biometrics authentication system is powered on and further authenticates the authorized user detected.
In certain embodiments, the biometrics authentication system includes one or more of: a fingerprint authentication sensor, a finger vein authentication sensor, a facial recognition authentication sensor, and a keypad. The fingerprint authentication sensor authenticates the authorized user detected using fingerprint data stored in an authorized user profile storage module. The finger vein authentication sensor authenticates the authorized user detected using finger vein data stored in the authorized user profile storage module. The facial recognition authentication sensor authenticates the authorized user detected using facial recognition data stored in the authorized user profile storage module. The keypad is used for the user to enter his/her personal identification number (PIN). The keypad authenticates the authorized user detected using his/her PIN corresponding to his/her UID data stored in the authorized user profile storage module. Once the user detected is determined to be one of the group of authorized users registered, the biometrics authentication system is powered on and further authenticates the authorized user detected, and the multi-factor authentication electronic lock is operable only when the authorized user detected passes authentication again by the biometrics authentication system.
In certain embodiments, user profile of each of the group of authorized users registered stored in the authorized user profile storage module includes at least: a user’s name, a user’s contact phone number, a user’s email address, a user’s handheld mobile communication device MAC address used to authenticate the user detected through the Bluetooth user authentication module, a user’s UID used to identify whether the user is one of the group of authorized users registered, a user’s PIN used to authenticate the authorized user detected as the authorized user having corresponding UID, a user’s fingerprint authentication data used by the fingerprint authentication sensor to authenticate the authorized user detected as one of the group of authorized users registered, a user’s finger vein authentication data used by the finger vein authentication sensor to authenticate the authorized user detected as one of the group of authorized users registered, a user’s facial recognition authentication data used by the facial recognition authentication sensor to authenticate the authorized user detected as one of the group of authorized users registered, and any combinations of the user profile information.
In certain embodiments, the facial recognition authentication sensor further includes: a speaker, and a multi-colored light emit diode (LED). The speaker is used to prompt the user to move the user’s face to certain location such that the facial recognition authentication sensor can acquire one or more images of the user’s face in a predetermined range for facial recognition. The LED lights in green indicating that user’s face is within the predetermined range for facial recognition; and in red indicating that user’s face is not within the predetermined range for facial recognition.
In certain embodiments, the facial recognition authentication sensor further includes a display screen. The display screen is used to assist the user to move the user’s face to certain location such that the facial recognition authentication sensor can acquire one or more images of the user’s face in the predetermined range for facial recognition.
In certain embodiments, the multi-factor authentication electronic lock controller includes: a processor, and a non-volatile memory storing an operating system and computer executable instructions. The computer executable instructions include: a user detection module, a communication module, a user authentication module, an electrical power module, an authorized user profile storage module, and an electronic lock control module.
In certain embodiments, when executed at the processor, the computer executable instructions cause the processor to perform one or more of operations:
operating, by the electronic lock control module, the multi-factor authentication electronic lock only when the authorized user detected is determined by the biometrics authentication system again to be one of the group of authorized users registered.
In certain embodiments, the facial recognition authentication sensor is able to determine whether more than one users are approaching the multi-factor authentication electronic lock. When the multi-factor authentication electronic lock is set up to accept only one user to operate the multi-factor authentication electronic lock, the multi-factor authentication electronic lock can be shut down when the facial recognition authentication sensor determines more than one users are approaching the multi-factor authentication electronic lock.
In certain embodiments, the computer executable instructions of the multi-factor authentication electronic lock controller include: the user detection module, the communication module, the user authentication module, the electrical power module, the authorized user profile storage module, and the electronic lock control module.
In certain embodiments, the user detection module is connected to the user presence detection system and determines whether a user detected in front of the multi-factor authentication electronic lock is one of the group of authorized users registered. The communication module includes at least a Bluetooth module and the Bluetooth module is in communication with the handheld mobile communication device of the authorized user detected to authenticate the authorized user detected, and a wireless communication module to communicate with the multi-factor authentication electronic lock system server. The user authentication module is in communication with the biometrics authentication system to authenticate the authorized user detected using the communication module when the authorized user detected carries the handheld mobile communication device, and to authenticate the authorized user detected using the keypad and the PIN of the authorized user detected when the authorized user detected does not carry the handheld mobile communication device.
In certain embodiments, the electrical power module provides electrical power from the battery to the user presence detection system constantly, and provides electrical power to the rest of the multi-factor authentication electronic lock when the user presence detection system determines the user detected in front of the multi-factor authentication electronic lock is one of the group of authorized users registered. The authorized user profile storage module stores user profiles of the group of authorized users registered, and the user profiles of the group of authorized users registered were entered into the authorized user profile storage module during a registration process. The electronic lock control module controls locking and unlocking of the multi-factor authentication electronic lock only when the detected user is first authenticated by the user presence detection system and authenticated again by the biometrics authentication system to be one of the group of authorized users registered.
In yet another aspect, the present disclosure relates to a method of using a multi-factor authentication electronic lock system. In certain embodiments, the method of using a multi-factor authentication electronic lock system includes:
In certain embodiments, the user presence detection system includes: a set of user presence detection devices, and a set of preliminary user authentication devices. The set of user presence detection devices includes: a passive infrared (PIR) motion sensor; a radio frequency doppler (RFD) motion sensor; and a video camera having object detection ability. These user presence detection devices detect that the user is approaching and within a predetermined distance of the multi-factor authentication electronic lock. The set of preliminary user authentication devices includes: a keypad to enter user identification number (UID), and a Bluetooth user authentication module in communication with a handheld mobile communication device of the authorized user detected. These preliminary user authentication devices determine whether the authorized user detected by the user presence detection device is one of the group of authorized users registered, and once the user is determined to be one of the group of authorized users registered, the biometrics authentication system is powered on and further authenticates the authorized user detected.
In certain embodiments, the biometrics authentication system includes one or more of: a fingerprint authentication sensor, a finger vein authentication sensor, a facial recognition authentication sensor, and a keypad. The fingerprint authentication sensor authenticates the authorized user detected using fingerprint data stored in an authorized user profile storage module. The finger vein authentication sensor authenticates the authorized user detected using finger vein data stored in the authorized user profile storage module. The facial recognition authentication sensor authenticates the authorized user detected using facial recognition data stored in the authorized user profile storage module. The keypad is used for the user to enter his/her personal identification number (PIN). The keypad authenticates the authorized user detected using his/her PIN corresponding to his/her UID data stored in the authorized user profile storage module. Once the user detected is determined to be one of the group of authorized users registered, the biometrics authentication system is powered on and further authenticates the authorized user detected, and the multi-factor authentication electronic lock is operable only when the authorized user detected passes authentication again by the biometrics authentication system.
These and other aspects of the present disclosure will become apparent from the following description of the preferred embodiment taken in conjunction with the following drawings, although variations and modifications therein may be effected without departing from the spirit and scope of the novel concepts of the disclosure.
The accompanying drawings illustrate one or more embodiments of the present disclosure, and features and benefits thereof, and together with the written description, serve to explain the principles of the present invention. Wherever possible, the same reference numbers are used throughout the drawings to refer to the same or like elements of an embodiment, and wherein:
The present disclosure is more particularly described in the following examples that are intended as illustrative only since numerous modifications and variations therein will be apparent to those skilled in the art. Various embodiments of the disclosure are now described in detail. Referring to the drawings, like numbers, if any, indicate like components throughout the views. As used in the description herein and throughout the claims that follow, the meaning of “a”, “an”, and “the” includes plural reference unless the context clearly dictates otherwise. Also, as used in the description herein and throughout the claims that follow, the meaning of “in” includes “in” and “on” unless the context clearly dictates otherwise. Moreover, titles or subtitles may be used in the specification for the convenience of a reader, which shall have no influence on the scope of the present disclosure. Additionally, some terms used in this specification are more specifically defined below.
The terms used in this specification generally have their ordinary meanings in the art, within the context of the disclosure, and in the specific context where each term is used. Certain terms that are used to describe the disclosure are discussed below, or elsewhere in the specification, to provide additional guidance to the practitioner regarding the description of the disclosure. For convenience, certain terms may be highlighted, for example using italics and/or quotation marks. The use of highlighting has no influence on the scope and meaning of a term; the scope and meaning of a term is the same, in the same context, whether or not it is highlighted. It will be appreciated that same thing can be said in more than one way. Consequently, alternative language and synonyms may be used for any one or more of the terms discussed herein, nor is any special significance to be placed upon whether or not a term is elaborated or discussed herein. Synonyms for certain terms are provided. A recital of one or more synonyms does not exclude the use of other synonyms. The use of examples anywhere in this specification including examples of any terms discussed herein is illustrative only, and in no way limits the scope and meaning of the disclosure or of any exemplified term. Likewise, the disclosure is not limited to various embodiments given in this specification.
Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure pertains. In the case of conflict, the present document, including definitions will control.
As used herein, “around”, “about” or “approximately” shall generally mean within 20 percent, preferably within 10 percent, and more preferably within 5 percent of a given value or range. Numerical quantities given herein are approximate, meaning that the term “around”, “about” or “approximately” can be inferred if not expressly stated.
As used herein, “plurality” means two or more.
As used herein, the terms “comprising,” “including,” “carrying,” “having,” “containing,” “involving,” and the like are to be understood to be open-ended, i.e., to mean including but not limited to.
As used herein, the term digital key is defined as a digital code stored in the physical electronic key to electronically operate the electronic lock. The active electronic key may store an active digital key, and the passive electronic key may store a passive digital key. In order to increase security of the electronic lock, these digital keys may be encrypted during the transmission of the digital keys between the electronic keys and the electronic lock. As used herein, the phrase at least one of A, B, and C should be construed to mean a logical (A or B or C), using a non-exclusive logical OR. It should be understood that one or more steps within a method may be executed in different order (or conventionally) without altering the principles of the present disclosure. As used herein, the term module may refer to, be part of, or include an Application Specific Integrated Circuit (ASIC); an electronic circuit; a combinational logic circuit; a field programmable gate array (FPGA); an electronic key processor (shared, dedicated, or group) that executes code; other suitable hardware components that provide the described functionality; or a combination of some or all of the above, such as in a system-on-chip. The term module may include memory (shared, dedicated, or group) that stores code executed by the electronic key processor.
The term code, as used above, may include software, firmware, and/or microcode, and may refer to programs, routines, functions, classes, and/or objects. The term shared, as used above, means that some or all code from multiple modules may be executed using a single (shared) electronic key processor. In addition, some or all code from multiple modules may be stored by a single (shared) memory. The term group, as used above, means that some or all code from a single module may be executed using a group of electronic key processors. In addition, some or all code from a single module may be stored using a group of memories.
The apparatuses and methods described herein may be implemented by one or more computer programs executed by one or more electronic key processors. The computer programs include electronic key processor-executable instructions that are stored on a non-transitory tangible computer readable medium. The computer programs may also include stored data. Non-limiting examples of the non-transitory tangible computer readable medium are nonvolatile memory, magnetic storage, and optical storage.
The present disclosure will now be described more fully hereinafter with reference to the accompanying drawings, in which embodiments of the disclosure are shown. This disclosure may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art. Like numbers refer to like elements throughout.
In one aspect, as shown in
In certain embodiment, the multi-factor authentication electronic lock controller 130 includes a battery 136. The multi-factor authentication electronic lock controller 130 is used to register a group of authorized users, to store user profiles of the group of authorized users registered, and to manage the operation of the multi-factor authentication electronic lock 100.
In certain embodiment, the user presence detection system 110 detects presence of a user using one of a set of user presence detection devices 112 of the user presence detection system 110, and preliminarily authenticates the user detected to be one of the group of authorized user registered using one of a set of preliminary user authentication devices 114 of the user presence detection system 110. In certain embodiments, the biometrics authentication system 120 further authenticates the authorized user detected using one of a set of biometrics authentication devices 120, and the biometrics authentication system 120 is powered on after the authorized user has been detected by the user presence detection device 112 and preliminarily authenticated to be one of the group of authorized users registered.
The user presence detection system 110 is powered by the battery 136 constantly, and the rest of the multi-factor authentication electronic lock 100 including the biometrics authentication system 120 and the multi-factor authentication electronic lock controller 130 are only powered up between the time when the user presence detection system 110 preliminarily determines that a user detected by the user presence detection system 110 is one of the group of authorized user registered, and the completion of operation of the multi-factor authentication electronic lock 100. Once the operation of the multi-factor authentication electronic lock 100 is completed, the rest of the multi-factor authentication electronic lock 100 including the biometrics authentication system 120 and the multi-factor authentication electronic lock controller 130 are powered off to save the electrical power and prolong the life of the battery 136.
In certain embodiments, when the user approaches the multi-factor authentication electronic lock 100, the user presence detection system 110 detects whether the user is one of the group of authorized users registered, once the user is determined to be one of the group of authorized users registered, the biometrics authentication system 120 and the rest of the multi-factor authentication electronic lock 100 are powered on, and the biometrics authentication system 120 further authenticates the authorized user detected. The multi-factor authentication electronic lock 100 is operable only when the authorized user detected is authenticated again by the biometrics authentication system 120.
In certain embodiments, as shown in
In certain embodiments, when the user does not carry the handheld mobile communication device 201 having the Bluetooth module, the user may use the keypad 124 to enter his/her UID to pass the preliminary authentication using the user presence detection system 110. Once the user is determined to be one of the group of authorized users registered, the biometrics authentication system 120 is powered on and further authenticates the authorized user detected.
In certain embodiments, the biometrics authentication system 120 includes one or more of: a fingerprint authentication sensor 121 as shown in
In certain embodiments, when the user does not carry the handheld mobile communication device 201 having the Bluetooth module, the keypad 124 may be used for the user to enter his/her PIN for the second authentication using the biometrics authentication system 120. The keypad 124 authenticates the authorized user detected using his/her PIN corresponding to his/her UID data stored in the authorized user profile storage module 13445.
In certain embodiments, once the user detected is determined to be one of the group of authorized users registered, the biometrics authentication system 120 is powered on and further authenticates the authorized user detected. The multi-factor authentication electronic lock 100 is operable only when the authorized user detected passes authentication again by the biometrics authentication system 120. This second authentication enhance the security of the multi-factor authentication electronic lock 100.
In certain embodiments, user profile of each of the group of authorized users registered stored in the authorized user profile storage module 13445 includes at least: a user’s name, a user’s contact phone number, a user’s email address, a user’s handheld mobile communication device MAC address used to authenticate the user detected through the Bluetooth user authentication module 1142, a user’s UID used to identify whether the user is one of the group of authorized users registered, a user’s PIN used to authenticate the authorized user detected as the authorized user having corresponding UID, a user’s fingerprint authentication data used by the fingerprint authentication sensor 121 to authenticate the authorized user detected as one of the group of authorized users registered, a user’s finger vein authentication data used by the finger vein authentication sensor 122 to authenticate the authorized user detected as one of the group of authorized users registered, a user’s facial recognition authentication data used by the facial recognition authentication sensor 123 to authenticate the authorized user detected as one of the group of authorized users registered, and any combinations of the user profile information. The user profile of each of the group of authorized users registered stored in the authorized user profile storage module 13445 is entered during a registration process.
In certain embodiments, the facial recognition authentication sensor 123 further includes: a speaker 1233, and a multi-colored light emit diode (LED) 1232, as shown in
In certain embodiments, as shown in
In certain embodiments, as shown in
In certain embodiments, when executed at the processor 132, the computer executable instructions 1344 cause the processor 132 to perform one or more of operations:
In certain embodiments, in order to enhance the security of the multi-factor authentication electronic lock 100, especially in a situation when the user is forced by another person to open the multi-factor authentication electronic lock 100, the facial recognition authentication sensor 123 is able to determine whether more than one users are approaching the multi-factor authentication electronic lock 100. When the multi-factor authentication electronic lock 100 is set up to accept only one user to operate the multi-factor authentication electronic lock 100, the multi-factor authentication electronic lock 100 can be shut down when the facial recognition authentication sensor 123 determines more than one users are approaching the multi-factor authentication electronic lock 100.
In certain embodiments, the computer executable instructions 1344 of the multi-factor authentication electronic lock controller 130 include: the user detection module 13441, the communication module 13442, the user authentication module 13443, the electrical power module 13444, the authorized user profile storage module 13445, and the electronic lock control module 13446.
In certain embodiments, the user detection module 13441 is connected to the user presence detection system 110 and determines whether a user detected in front of the multi-factor authentication electronic lock 100 is one of the group of authorized users registered. The communication module 13442 includes at least a Bluetooth module and the Bluetooth module is in communication with the handheld mobile communication device 201 of the authorized user detected to authenticate the authorized user detected, and a wireless communication module 1143 to communicate with the multi-factor authentication electronic lock system server 12. The user authentication module 13443 is in communication with the biometrics authentication system 120 to authenticate the authorized user detected using the communication module 13442 when the authorized user detected carries the handheld mobile communication device 201, and to authenticate the authorized user detected using the keypad 124 and the PIN of the authorized user detected when the authorized user detected does not carry the handheld mobile communication device 201.
In certain embodiments, the electrical power module 13444 provides electrical power from the battery 136 to the user presence detection system 110 constantly, and provides electrical power to the rest of the multi-factor authentication electronic lock 100 when the user presence detection system 110 determines the user detected in front of the multi-factor authentication electronic lock 100 is one of the group of authorized users registered. The authorized user profile storage module 13445 stores user profiles of the group of authorized users registered, and the user profiles of the group of authorized users registered were entered into the authorized user profile storage module 13445 during a registration process. The electronic lock control module 13446 controls locking and unlocking of the multi-factor authentication electronic lock 100 only when the detected user is first authenticated by the user presence detection system 110 and authenticated again by the biometrics authentication system 120 to be one of the group of authorized users registered.
In another aspect, as shown in
In certain embodiment, as shown in
In certain embodiment, the user presence detection system 110 detects presence of a user using one of a set of user presence detection devices 112 of the user presence detection system 110, and preliminarily authenticates the user detected to be one of the group of authorized user registered using one of a set of preliminary user authentication devices 114 of the user presence detection system 110. In certain embodiments, the biometrics authentication system 120 further authenticates the authorized user detected using one of a set of biometrics authentication devices 120, and the biometrics authentication system 120 is powered on after the authorized user has been detected by the user presence detection device 112 and preliminarily authenticated to be one of the group of authorized users registered.
The user presence detection system 110 is powered by the battery 136 constantly, and the rest of the multi-factor authentication electronic lock 100 including the biometrics authentication system 120 and the multi-factor authentication electronic lock controller 130 are only powered up between the time when the user presence detection system 110 preliminarily determines that a user detected by the user presence detection system 110 is one of the group of authorized user registered, and the completion of operation of the multi-factor authentication electronic lock 100. Once the operation of the multi-factor authentication electronic lock 100 is completed, the rest of the multi-factor authentication electronic lock 100 including the biometrics authentication system 120 and the multi-factor authentication electronic lock controller 130 are powered off to save the electrical power and prolong the life of the battery 136.
In certain embodiments, when the user approaches the multi-factor authentication electronic lock 100, the user presence detection system 110 detects whether the user is one of the group of authorized users registered, once the user is determined to be one of the group of authorized users registered, the biometrics authentication system 120 and the rest of the multi-factor authentication electronic lock 100 are powered on, and the biometrics authentication system 120 further authenticates the authorized user detected. The multi-factor authentication electronic lock 100 is operable only when the authorized user detected is authenticated again by the biometrics authentication system 120.
In certain embodiments, as shown in
In certain embodiments, when the user does not carry the handheld mobile communication device 201 having the Bluetooth module, the user may use the keypad 124 to enter his/her UID to pass the preliminary authentication using the user presence detection system 110. Once the user is determined to be one of the group of authorized users registered, the biometrics authentication system 120 is powered on and further authenticates the authorized user detected.
In certain embodiments, the biometrics authentication system 120 includes one or more of: a fingerprint authentication sensor 121 as shown in
In certain embodiments, when the user does not carry the handheld mobile communication device 201 having the Bluetooth module, the keypad 124 may be used for the user to enter his/her PIN for the second authentication using the biometrics authentication system 120. The keypad 124 authenticates the authorized user detected using his/her PIN corresponding to his/her UID data stored in the authorized user profile storage module 13445.
In certain embodiments, once the user detected is determined to be one of the group of authorized users registered, the biometrics authentication system 120 is powered on and further authenticates the authorized user detected. The multi-factor authentication electronic lock 100 is operable only when the authorized user detected passes authentication again by the biometrics authentication system 120. This second authentication enhance the security of the multi-factor authentication electronic lock 100.
In certain embodiments, user profile of each of the group of authorized users registered stored in the authorized user profile storage module 13445 includes at least: a user’s name, a user’s contact phone number, a user’s email address, a user’s handheld mobile communication device MAC address used to authenticate the user detected through the Bluetooth user authentication module 1142, a user’s UID used to identify whether the user is one of the group of authorized users registered, a user’s PIN used to authenticate the authorized user detected as the authorized user having corresponding UID, a user’s fingerprint authentication data used by the fingerprint authentication sensor 121 to authenticate the authorized user detected as one of the group of authorized users registered, a user’s finger vein authentication data used by the finger vein authentication sensor 122 to authenticate the authorized user detected as one of the group of authorized users registered, a user’s facial recognition authentication data used by the facial recognition authentication sensor 123 to authenticate the authorized user detected as one of the group of authorized users registered, and any combinations of the user profile information. The user profile of each of the group of authorized users registered stored in the authorized user profile storage module 13445 is entered during a registration process. Each of the group of multi-factor authentication electronic locks 100 has a user profile, and these user profiles of the group of multi-factor authentication electronic locks 100 are stored in the authorized user profile storage module 13445 of corresponding multi-factor authentication electronic lock 100, and also stored in a user profile database 1201 connected to the multi-factor authentication electronic lock system server 12.
In certain embodiments, the facial recognition authentication sensor 123 further includes: a speaker 1233, and a multi-colored light emit diode (LED) 1232, as shown in
In certain embodiments, as shown in
In certain embodiments, as shown in
In certain embodiments, when executed at the processor 132, the computer executable instructions 1344 cause the processor 132 to perform one or more of operations:
In certain embodiments, in order to enhance the security of the multi-factor authentication electronic lock 100, especially in a situation when the user is forced by another person to open the multi-factor authentication electronic lock 100, the facial recognition authentication sensor 123 is able to determine whether more than one users are approaching the multi-factor authentication electronic lock 100. When the multi-factor authentication electronic lock 100 is set up to accept only one user to operate the multi-factor authentication electronic lock 100, the multi-factor authentication electronic lock 100 can be shut down when the facial recognition authentication sensor 123 determines more than one users are approaching the multi-factor authentication electronic lock 100.
In certain embodiments, the computer executable instructions 1344 of the multi-factor authentication electronic lock controller 130 include: the user detection module 13441, the communication module 13442, the user authentication module 13443, the electrical power module 13444, the authorized user profile storage module 13445, and the electronic lock control module 13446.
In certain embodiments, the user detection module 13441 is connected to the user presence detection system 110 and determines whether a user detected in front of the multi-factor authentication electronic lock 100 is one of the group of authorized users registered. The communication module 13442 includes at least a Bluetooth module and the Bluetooth module is in communication with the handheld mobile communication device 201 of the authorized user detected to authenticate the authorized user detected, and a wireless communication module 1143 to communicate with the multi-factor authentication electronic lock system server 12. The user authentication module 13443 is in communication with the biometrics authentication system 120 to authenticate the authorized user detected using the communication module 13442 when the authorized user detected carries the handheld mobile communication device 201, and to authenticate the authorized user detected using the keypad 124 and the PIN of the authorized user detected when the authorized user detected does not carry the handheld mobile communication device 201.
In certain embodiments, the electrical power module 13444 provides electrical power from the battery 136 to the user presence detection system 110 constantly, and provides electrical power to the rest of the multi-factor authentication electronic lock 100 when the user presence detection system 110 determines the user detected in front of the multi-factor authentication electronic lock 100 is one of the group of authorized users registered. The authorized user profile storage module 13445 stores user profiles of the group of authorized users registered, and the user profiles of the group of authorized users registered were entered into the authorized user profile storage module 13445 during a registration process. The electronic lock control module 13446 controls locking and unlocking of the multi-factor authentication electronic lock 100 only when the detected user is first authenticated by the user presence detection system 110 and authenticated again by the biometrics authentication system 120 to be one of the group of authorized users registered.
In yet another aspect, the present disclosure relates to a method of using a multi-factor authentication electronic lock system 10. In certain embodiments, the method of using a multi-factor authentication electronic lock system 10 includes:
In certain embodiments, the user presence detection system 110 includes: a set of user presence detection devices 112, and a set of preliminary user authentication devices 114. The set of user presence detection devices 112 includes: a passive infrared (PIR) motion sensor 1121; a radio frequency doppler (RFD) motion sensor 1122; and a video camera having object detection ability 1123. These user presence detection devices 112 detect that the user is approaching and within a predetermined distance of the multi-factor authentication electronic lock 100. The set of preliminary user authentication devices 114 includes: a keypad 1141 to enter user identification number (UID), and a Bluetooth user authentication module 1142 in communication with a handheld mobile communication device 201 of the user detected. These preliminary user authentication devices 114 determine whether the authorized user detected by the user presence detection device 112 is one of the group of authorized users registered, and once the user is determined to be one of the group of authorized users registered, the biometrics authentication system 120 is powered on and further authenticates the authorized user detected.
In certain embodiments, the biometrics authentication system 120 includes one or more of: a fingerprint authentication sensor 121, a finger vein authentication sensor 122, a facial recognition authentication sensor 123, and a keypad 124. The fingerprint authentication sensor 121 authenticates the authorized user detected using fingerprint data stored in an authorized user profile storage module 13445. The finger vein authentication sensor 122 authenticates the authorized user detected using finger vein data stored in the authorized user profile storage module 13445. The facial recognition authentication sensor 123 authenticates the authorized user detected using facial recognition data stored in the authorized user profile storage module 13445. The keypad 124 is used for the user to enter his/her personal identification number (PIN). The keypad 124 authenticates the authorized user detected using his/her PIN corresponding to his/her UID data stored in the authorized user profile storage module 13445. Once the user detected is determined to be one of the group of authorized users registered, the biometrics authentication system 120 is powered on and further authenticates the authorized user detected, and the multi-factor authentication electronic lock 100 is operable only when the authorized user detected passes authentication again by the biometrics authentication system 120.
Referring now to
At block 902, a multi-factor authentication electronic lock system 10 is installed by a system administrator, and using a handheld mobile communication device having at least Bluetooth capability to register a group of authorized users for each of the group of multi-factor authentication electronic locks 100 and to enter user profiles of the group of authorized users registered for each of the group of multi-factor authentication electronic locks 100. The multi-factor authentication electronic lock system 10 includes a multi-factor authentication electronic lock system server 12 having a user profile database 1201, a communication network 14, and a group of multi-factor authentication electronic locks 100.
At block 904, for each of the group of multi-factor authentication electronic locks 100, providing, by a battery 136 of the multi-factor authentication electronic lock 100, to a user presence detection system 110 to detect any human objects approaching the multi-factor authentication electronic lock 100.
At block 906, any human objects approaching the multi-factor authentication electronic lock 100 will be detected by one of a set of user presence detection devices 112 of the user presence detection system 110, and once a user is detected in the predetermined range of the multi-factor authentication electronic lock 100, the user detected is authenticated by one of a set of preliminary user detection devices 114 of the user presence detection system 110 to determine whether the user detected is one of the group of authorized users registered.
At query block 908, the preliminary user detection devices 114 of the user presence detection system 110 determines whether the user detected is one of the group of authorized users registered. When the preliminary user detection devices 114 of the user presence detection system 110 determines that the user detected is one of the group of authorized users registered, method proceeds to block 910. When the preliminary user detection devices 114 of the user presence detection system 110 determines that the user detected is not one of the group of authorized users registered, method proceeds to block 906.
At block 910, when the preliminary user detection devices 114 of the user presence detection system 110 determines that the user detected is one of the group of authorized users registered providing electrical power, the rest of the multi-factor authentication electronic lock 100 including the biometrics authentication system 120 and the multi-factor authentication electronic lock controller 130 is powered on by the battery 136 of the multi-factor authentication electronic lock 100, and the authorized user detected is authenticated again by the biometrics authentication system 120.
At query block 912, the biometrics authentication system 120 authenticate the authorized user detected again to determine whether the biometrics data of the authorized user detected matches the biometrics data of one of the group of authorized users registered. When the biometrics authentication system 120 determines that the biometrics data of the authorized user detected matches the biometrics data of one of the group of authorized users registered, the method proceeds to block 914. Otherwise, the method proceeds to block 906.
At block 914, when the biometrics authentication system 120 determines that the biometrics data of the authorized user detected matches the biometrics data of one of the group of authorized users registered, the multi-factor authentication electronic lock 100 can be operated by an electronic locking mechanism 138 of the multi-factor authentication electronic lock 100 only when the authorized user detected is authenticated again by the biometrics authentication system 120 of the multi-factor authentication electronic lock 100.
Such a method reduces the electrical power consumption of the multi-factor authentication electronic lock 100, prolongs the life of the battery used to power the multi-factor authentication electronic lock 100, and enhances the security of the multi-factor authentication electronic lock 100 by performing multi-factor authentication.
The foregoing description of the exemplary embodiments of the disclosure has been presented only for the purposes of illustration and description and is not intended to be exhaustive or to limit the disclosure to the precise forms disclosed. Many modifications and variations are possible in light of the above teaching.
The embodiments were chosen and described in order to explain the principles of the disclosure and their practical application so as to enable others skilled in the art to utilize the disclosure and various embodiments and with various modifications as are suited to the particular use contemplated. Alternative embodiments will become apparent to those skilled in the art to which the present disclosure pertains without departing from its spirit and scope. Accordingly, the scope of the present disclosure is defined by the appended claims rather than the foregoing description and the exemplary embodiments described therein.
| Filing Document | Filing Date | Country | Kind |
|---|---|---|---|
| PCT/CN2020/140906 | 12/29/2020 | WO |
