Patent Application
20130024334
The field of the inventions disclosed is privacy-oriented worker authentication and secure timekeeping. The field of the inventions is also personal biometric privacy. Inventions herein help ensure and improve timekeeping accuracy (actual work-hours, reliably reported) at local, mobile, and remote timekeeping locations. Improved timekeeping equipment and practices help better control costs by reducing fraud. The field also includes flexible timekeeping management and oversight for centralized, distributed, and mobile applications.
Definitions of the terminology used are included at the end of “Specific Examples of Operation”.
The practice of requiring employees to account exactly for their work hours is well-known in the art. Unfortunately, there are many ways that clever but unscrupulous employees can circumvent or subvert reasonable timekeeping objectives of establishing audit trails and keeping honest track of employee hours worked and locations and activities of employee work.
Since the “industrial revolution” began, timekeeping devices have been used. One common device is the time-clock for employee “punch-in and -out” (on-duty and off-duty). Also, newer equipment has been deployed to log employees on and off work, manage employee activities on-the-job (e.g., ID card checking, smartcard log-in, RFID log-in, electric eye log-in, etc.).
There have also been employee-generated tactics to thwart or mislead timekeeping systems such as time-clocks. A widespread infamous dishonest practice is called “buddy punching”. This fraudulent practice is accomplished when an on-site employee punches-in or punches-out his friends who are not present at the time-clock. This common practice facilitates “stealing hours” from employers, because it defrauds timekeeping and thwarts timekeeping/time auditing machines such as time-clocks.
In order to thwart such practices, some time clocks have been fitted with biometric sensors to ensure that the person who is claiming to be reporting to work is actually that person, thereby better ensuring timekeeping accuracy and reliability, and help control costs. This is done, however, by providing fixed biometric time clock stations that restrict employee mobility. It also requires that the employees' fingerprint templates be stored in the stations or in a central database, thereby increasing the risk of identity theft if the database is compromised. It also adds to employee concern that they may be fingerprinted for law-enforcement purposes, causing some valued employees to refuse the fingerprinting process.
It must be noted that there are other biometric timekeeping systems in existence; however, they are not directly comparable to the present inventions. Superficially-comparable biometric timekeeping systems on the market do not offer the privacy and security features of the present invention.
More specifically, the existing state-of-the-art, even when conscious of privacy issues surrounding biometrics, does not provide a means for retaining the biometric data (such as a fingerprint template) on a biometric device carried by a user. Current biometric timekeeping systems require workers to be enrolled into the actual timekeeping station or a central database. By contrast, the present invention retains each enrolled user biometric on the user's carried device and enables user authentication to be performed wherever the device is used.
If this device is used on a computer to log into the timekeeping system, there is no need to preload a program on the computer. Thus, the employee can punch-in or punch-out on any internet connected computer without prior arrangement. After users self-authenticate to their respective devices, a cryptographic signal acknowledging successful authentication of each user, is sent to the timekeeping station on a wireless or wired network without the user's biometric being exposed outside his or her personally-assigned device.
Accordingly, there exists latent demand for the present invention. In a modern company, employees are expected to keep accurate records even though they are working on their computers at a client site, at home or at a library in a foreign city. Truckers may punch-in from a restaurant or inside of a truck. Construction workers may punch-in or out from a construction site, or a salesman may report in from a. hotel on the road. My invention is thus necessary in order to help effectuate management best practices and efficiency and effectiveness in timekeeping and in employee management, regardless of the work environment. It is a unique feature of the present invention that allows and improves tracking of employee productivity. The invention allows employee time to be supervised at remote locations where there are no time-clocks and/or where there is a need for accurate time accountability and the employee may not be fully trusted (or able) to keep accurate records of their work hours. Until the advent of the present invention, there has been a lack of non-refutable, authenticated timekeeping that is available wherever the worker is deployed. Until now, there has been no device that has the security property of non-repudiation (comparable to my invention).
It is a first primary object of the present invention, to provide the employee with their own personal mobile biometric authentication device to facilitate worker accountability and oversight for both stationary and for mobile work environments.
It is another primary object of the present invention, to defeat “buddy punching”, i.e., the unauthorized punch-in of an employee not present at a time-clock, by a friend (a co-conspiring employee) who is present at the time-clock (who may also attempt to punch-in others as if they were actually “on the job” even when they are not present and in fact they are not on the job.
It is a related object of the present invention, to implement and enforce authenticated timekeeping and employee management best practices by (1) irrefutably authenticating employees, using mobile biometric authentication devices to (2) substantiate employee identity, (3) actual work hours, and to (4) monitor authenticated employee movements, actions, and activities at (5) one or more designated work sites. Note that the property of irrefutability (i.e., non-repudiation) facilitates authenticated record-keeping. Employees cannot refute time-keeping records by claiming records are in error or records were made by another party. Thus, biometrically-authenticated timekeeping also establishes an irrefutable audit trail for employee work history development and documentation, accurate and exact timekeeping on the job and/or simplifies employee time management.
It is another primary object of the invention, to supplant, back-up, (or in the alternate) replace conventional time-clocks, for the purpose of increasing security and accountability in timekeeping and employee management.
It is yet another object of the invention to allow for employee self-enrollment in the USB biometric device without additional assistance.
It is yet also another object of the invention to reduce the company and employee's dependency on needing to remember conventional passwords.
It is another primary object of the invention to protect employee identity privacy, because the invention keeps the fingerprint authentication within the mobile biometric device itself.
In one preferred embodiment, the timekeeping database management system of the present invention is adapted for end-user login via a hand-held USB-based biometric authentication device. The USB-based biometric authentication device includes a fingerprint authentication sensor, memory containing the assigned user's fingerprint template, fingerprint recognition algorithm, and processing electronics to carry out the fingerprint authentication.
Each employee is initially assigned and issued a personalized USB device that they personally enroll into. Each employee “self-enrolls”—i.e., they personally initialize and customize their biometric device—by teaching their fingerprints to the biometric sensor.
As an employee starts the workday or arrives at a job site, they simply insert their authentication apparatus . . . typically a USB thumb-drive . . . into the USB interface of any PC. By each employee swiping their finger, the biometric timekeeping verification process is initialized: the employee's start time is noted and recorded in the timekeeping and employee management database. The database compiles the work history of each authenticated employee using time-stamps, at multiple times throughout the day as required (e.g., typically at the beginning of a work day; a move from a base location to a warehouse; a move to loading dock; charging breaks and/or time off in cafeteria; punch back into work after lunch by returning to warehouse; punching out at the end of work day).
The USB-based device can optionally receive a random challenge number and encrypt it to form a reply indicating the result of the authentication process using a unique cryptographic key to encrypt the response message. At the timekeeping center, this response can be decrypted using the same key and examined to see if the user finger matched the template stored in the USB-based device.
Note that other biometric authentication modalities can optionally be deployed for comparable/equifinal timekeeping authentication applications. Note also, however, that ˜70% of biometrics users or prospective users prefer fingerprint sensors for their authentication needs, given the mobility and flexibility of devices such as USB-interface, fingerprint biometrics devices (Frost & Sullivan, Mar. 2, 2010).
Effectively, the timekeeping database management system provides an organized and irrefutable mechanism for monitoring time, location, and certain activities of employees working locally or in remote or distant sites. The timekeeping system can be customized and adapted to continuously monitor timekeeping events, it can report 24×7 hours, and the system can conduct workforce activity accounting for a mobile, stationary, or hybrid workforce.
The fully-automated workforce time management system provides 100% authentication for payroll management, clients, and employees. The company system owner/customer can be assured of the integrity of the process and can confidently charge for billable hours, verify off-site services or telecommuting productivity. This can be accomplished while respecting and protecting personal privacy of employees.
Additional disaggregation is possible, e.g., a database interface can facilitate accounting for employees by crew, department, office, vehicle, weekends, etc. Whenever employees authenticate to their biometric device for timekeeping purposes, records are made of the time of authentication. The total hours worked by any particular employee, class of employee, worksite, etc., can be tabulated and reported in summary or detail form as needed. The data can be easily imported into conventional database products and payroll processing applications.
The greatest benefits of the invention are achieved in very mobile workforces that are required to travel between destinations for work, typically this involves delivery, shipping, and pick-up applications. Notwithstanding, the present invention is particularly useful for stationary workforces because it prevents “buddy punching”, accounts for time and location, special or assigned daily activities requiring contemporaneous tracking, as well as facilitates tracking and sign-in (check in/out) of inbound or outbound deliveries.
In practice, authorized workers (or other end-users) are each assigned a personal authentication device. These individually-assigned authentication devices are hand-held, mobile, portable, AuthentikTime™ biometric fingerprint-readers. The devices are issued to all personnel expected to authenticate to one or more local or remote complementary AuthentikTime™ timekeeping and tracking systems. The hand-held devices are usually assigned to workers by a company system administrator, security officer, or other official. The handheld biometric devices interoperate with all AuthentikTime™ timekeeping systems. Interfaced complementary systems include permanently-installed AuthentikTime™ base stations; USB-equipped mobile laptops; dashboard-based USB equipment; and other USB-interfaced devices requiring worker authentication assurance.
After user self-authentication, and authentication interface to the AuthentikTime™ timekeeping station, user ID verification-related applications are connected onto the AuthentikTime™ website or other designated sites.
More specifically, once assigned an AuthentikTime™ biometric device is assigned, each worker enrolls their own fingerprint(s) into the device. Once a worker and their device are enrolled, the worker can interface timekeeping stations, laptops, and other predetermined devices. Enrolled and authorized workers (or other end-users) authenticate themselves initially (1) to their own device and then (2) subsequently and/or as needed to one or more timekeeping database systems, typically via a USB-PC interface via the internet to the AuthentikTime™ website, and/or via other distributed (e.g., laptop) or central user log-in system interface devices (e.g., this is analogous to and comparable with a “punch-in” card system, only using additional biometric authentication).
Depending on the application and the configuration designed by the customer, there may be multiple different destinations and/or times which the end-user/employee logs into one or more timekeeping system interfaces, in one or more locations, typically usually using their USB-based fingerprint authentication device by first authenticating into it and secondly, logging in whenever and wherever else needed.
Once authenticated to their own assigned device, users are able to irrefutably report to one or more timekeeping system locations and interfaces, either whenever required or whenever they choose or need to securely update the company of their whereabouts and activities.
Typically, a customer user must keep track of employees' hours worked on the job, including all reportable aspects of the hours worked. For example, in a hypothetical trucking company application, the company employs (e.g.) 5 (five) truck drivers on various duty shifts. In this hypothetical example, the company owns (e.g.) 3 (three) trucks. The trucks operate on a daily basis with one or more drivers, depending on the job, day of week, and time of day. The hypothetical company ships (e.g.) perishable produce over a multi-state territory, and sends the goods to many different destination sites every week.
It is very important that the trucking company monitors the timely shipment and delivery of the perishable produce. Accordingly, the drivers equipped with their USB fingerprint sensor authentication devices can (1) check into their device at the beginning of the work day, then (2) interface and authenticate with a main timekeeping-USB-interface master device (e.g.) at the company's dispatcher office (a permanently-installed timekeeping device).
After insertion of the USB device into the permanently-installed timekeeping device and authenticating himself by signing in, the truck driver receives a work assignment for the day. At this point (e.g.) truck driver(s) are assigned trucks to commence their work day deliveries. A first driver proceeds to his truck, and (3) uses his already-authenticated USB device, to further authenticate himself to a truck-based dashboard interface fitting which notes that the driver logged onto his truck, at (e.g.) 0800, started the engine without trouble at 0801,then drove out to make a first delivery.
In this example, driver departs (e.g.) the city of Metropolis headed for his first delivery at (e.g.) Green City . . . a drive of 110 miles, which the timekeeping system expects him to reach in ˜2 +/− hours. At the Green City delivery location “Store XYZ”, (4) the driver logs into a loading dock time keeping system. The driver logs into the store's system upon arrival. After about 1 hour—by the end of “hour 3” after his initial login—(5) the driver logs out of the Store XYZ loading dock and then drives to his second delivery stop (e.g.) the town of Smithtown. After reaching the Smithtown location (e.g.) Store ABC, (6) the driver logs into another loading dock time keeping system of the present invention. Upon completing delivery, (7) the driver logs out of the timekeeping system at Store ABC and departs for his next destination, Store MNO, located in Perimeter City. After arriving at the Perimeter City delivery location, (8) the driver logs into the loading dock timekeeping system, makes his delivery, then (9) logs out of that local system. After the last logout, the driver returns to his original location, the Metropolis home base of the trucking company. Upon arrival, (10) the driver logs back in (or out) at his home base system. If the driver is done for the day, he goes home after logging out. Optionally, if he's not done for the day yet, he remains logged in, completes work as required by his shift, and then (11) logs out a final time for the day before going home.
The preferred embodiment teaches that an authenticated user (such as the driver in the above example) updates the timekeeping database at all required junctures. This can be implemented either at every work milestone completion, and/or at every new work location, and/or with new task (or however required) by authenticating and interacting with a computer interface to evidence the driver's work task, location, time, etc.
The system can also be interfaced with a company message center, operator, receptionist, dispatcher, human resources, financial department, supply and inventory department, etc., or any company office which tracks employee movements, locations, reportable activities, or deliverables. Additionally, the user company can interface a database management system for timekeeping of their enrolled users, with inventory, finance, security, and/or other interfaces.
For purposes of this application, “timekeeping” refers to accounting for and adding up totals of a worker's hours across specified accounting periods (e.g., hours, days, weeks, etc.). The term also refers to the hours a worker dedicates to assigned project(s). The term as used herein also means timekeeping across assigned projects, destinations, and locations. Ideally, employee timekeeping is most accurate, reliable, and easiest to corroborate when its audit trail is non-reputable and irrefutable.
The term “employee management” refers to mobile activities of workers who are required to go to one or more specified or assigned locations or travel stops. The phrase “timekeeping and employee management” refers to improving and ensuring the availability of a fully and properly documented audit trail. This is effectuated by simultaneously tracking worker's hours on a job (i.e., proven to be “punched in”); plus exactly where a worker is working (or has travelled to/or is “in-transit” to); and optionally, what project or task the worker has been working on.
The term “privacy-oriented biometrics” refers to privacy-oriented biometric authentication techniques. Such techniques include can optionally also including cryptographic techniques which help eliminate or reduce identity theft, timekeeping fraud, and “buddy punching” (when one worker punches-in another worker who's “not present”). The techniques of the present invention additionally reserve privacy of personal biometric fingerprint data of each worker or employee, to their own personal and private biometric authentication device.
Referring again to
To be more specific, workers assigned one or more biometric devices [100a . . . 100n], are persons who biometrically self-authenticate to such device(s) whenever necessary (e.g., for security, policy, timekeeping, location logging, task start or completion, or other purposes). Here, such persons comprise the company's enrolled workers, drivers, contractors, and/or consultants, persons [102a, 102b . . . 102n]. These people can be any enrolled employee: e.g., on- or off-premises workers (local, remote, or in-transit); drivers or personnel who are driving as part of their job (truck, car, or assigned-task driver), a consultant or contractor, or any other person others whose work time periods, work locations, and work destinations are subject to oversight or timekeeping by the company.
Referring yet again to
When enrolled and monitored workers enter any building equipped with a Gate Station, after first authenticating themselves to their own assigned device, they then use their device to authenticate (and log-into) the local AuthentikTime™ timekeeping Gate Station. For simplicity sake, as shown here, time and location monitoring in each building is accomplished by local Gate Stations [108a, 110a, 112a, 114a and 116a] which are installed or are made operable at fixed or mobile or in-transit locations within buildings 108, 110, 112, 114, and 116 and/or within cars and trucks equipped with authentication interfaces of the present invention which are portable and/or mobile. Note also that employees, drivers, workers, contractors, and consultants proceed either to their own building and/or other assigned building(s) where they log in. The workers can also be required to log-in to “movable asset(s)” during the course of any work day. Truck drivers, for illustration here, log-in to assigned vehicles [116a . . . 116n].
Detail shown on Device 200 includes fingerprint swipe sensor 202, for biometric enrollment and subsequent self-authentication of a worker or other designee. Optional antenna 204 (an external wraparound antenna) is also shown—it can be used for wireless communication. Note, as a counterpoint, an internal component-based antenna can also be specified if contactless communication features are implemented. Here, antenna 204 includes a GPS-communicating antenna comprised within (one preferred product option).
USB male connector 206 can be inserted into a USB female fitting (not shown) on gate station(s) so equipped. Conversely, a user device could have a female USB interface for a male port interface (not shown).
Referring now to
