System and method for biometric authentication with device attestation

Description

BACKGROUND

Field of the Invention

This invention relates generally to the field of data processing systems. More particularly, the invention relates to a system and method for biometric authentication with device attestation.

Description of Related Art

Existing systems have been designed for providing secure user authentication over a network using biometric sensors. For example, Patent Application No. 2011/0082801 (“'801 Application”) describes a framework for user registration and authentication on a network which provides strong authentication (e.g., protection against identity theft and phishing), secure transactions (e.g., protection against “malware in the browser” and “man in the middle” attacks for transactions), and enrollment/management of client authentication tokens (e.g., fingerprint readers, facial recognition devices, smartcards, trusted platform modules, etc).

Biometric sensors have been used for local computer authentication for years in commercial off-the-shelf computer systems such as Lenovo® Thinkpads® and HP® Elite Books®. Biometric sensors integrated into these computer systems typically can rely on the integrity of the computer system as convenience as opposed to attack resistance is their primary goal. Additionally commercial computer systems typically aren't robust against physical tampering at all. So adding physical protection for the fingerprint sensor alone hasn't been a priority.

While biometric devices have been used for remote authentication to certain applications, strict organizational methods have been required to protect the integrity of biometric systems. For example, these biometric systems are typically sealed and their interface to computer systems is accessible only to authorized and trusted personnel (e.g., a trusted individual or group which ensures that a known acceptable biometric device is used and is not tampered with).

With the increased adoption of cloud services, a new use case for biometric authentication has evolved, i.e., biometric-based authentication to cloud services. In this case, at least the biometric sensor may be attached to an unsupervised machine. This unsupervised case has two important consequences:

- a) The biometric device should have integrated anti-spoofing methods (i.e. detection of fake biometrics) as there is no supervisor checking the system is not being spoofed; and
- b) The machine's and the biometric device's integrity cannot be assumed to be protected by external methods and hence need their own shielding mechanisms.

The need for (a) is well identified and addressed by the research community (Murali Mohan Chakka, 2011) (Marcialis, 2009) (Umut Uludag, Anil K. Jain; Department of Computer Science and Engineering, Michigan State University). However, techniques for (b) have yet to be fully developed. In particular, there are currently no standardized techniques for an Application to determine whether it is communicating with a real biometric device or with a piece of malware. Additionally, no acceptable techniques exist for a remote relying party such as a cloud service to determine whether a request to access the service is being sent by a trusted Application or by malware.

FIG. 1 illustrates an exemplary client 120 with a biometric device 100. When operated normally, a biometric sensor 102 reads raw biometric data from the user (e.g., capture the user's fingerprint, record the user's voice, snap a photo of the user, etc) and a feature extraction module 103 extracts specified characteristics of the raw biometric data (e.g., focusing on certain regions of the fingerprint, certain facial features, etc). A matcher module 104 compares the extracted features 133 with biometric reference data 110 stored in a secure storage on the client 120 and generates a score 135 based on the similarity between the extracted features and the biometric reference data 110. The biometric reference data 110 is typically the result of an enrollment process in which the user enrolls a fingerprint, voice sample, image or other biometric data with the device 100. An application 105 may then use the score 135 to determine whether the authentication was successful (e.g., if the score is above a certain specified threshold).

An attacker may target various locations 130-136 within the biometric pipeline. At 130, for example, the attacker may submit fake biometric data to the biometric sensor 102 (e.g., submitting a recording of the user's voice or a photo of the user's fingerprint). At 131, the attacker may re-submit an old signal containing previously-captured features to the feature extraction module 103 or, at 132, may override the feature extraction function entirely. At 133, the attacker may tamper with feature representation provided to the matcher 104 or, at 134, may override the matching function. At 136, the attacker may provide forged biometric reference data to the matcher 104 or, at 135, may provide a forged score to the application 105. Thus, as illustrated in FIG. 1, there are numerous locations within the biometric pipeline which may be susceptible to targeting by an attacker.

BRIEF DESCRIPTION OF THE DRAWINGS

A better understanding of the present invention can be obtained from the following detailed description in conjunction with the following drawings, in which:

FIG. 1 illustrates an exemplary client equipped with a biometric device.

FIG. 2 illustrates one embodiment of a system architecture for biometric authentication with device attestation.

FIG. 3A-C illustrate transaction diagrams showing exemplary transactions between a relying party and a cryptographic engine on a biometric device.

FIGS. 4A-B illustrate two different embodiments of a secure authentication system architecture.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

Described below are embodiments of an apparatus, method, and machine-readable medium for implementing an authentication framework with device attestation in a client-server environment. Throughout the description, for the purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without some of these specific details. In other instances, well-known structures and devices are not shown or are shown in a block diagram form to avoid obscuring the underlying principles of the present invention.

The embodiments of the invention discussed below involve client devices with authentication capabilities such as biometric devices or PIN entry. These devices are sometimes referred to herein as “tokens,” “authentication devices,” or “authenticators.” Various different biometric devices may be used including, but not limited to, fingerprint sensors, voice recognition hardware/software (e.g., a microphone and associated software for recognizing a user's voice), facial recognition hardware/software (e.g., a camera and associated software for recognizing a user's face), and optical recognition capabilities (e.g., an optical scanner and associated software for scanning the retina of a user). The authentication capabilities may also include non-biometric devices such as trusted platform modules (TPMs) and smartcards.

As mentioned above, in a mobile biometric implementation, the biometric device may be remote from the relying party. As used herein, the term “remote” means that the biometric sensor is not part of the security boundary of the computer it is communicatively coupled to (e.g., it is not embedded into the same physical enclosure as the relying party computer). By way of example, the biometric device may be coupled to the relying party via a network (e.g., the Internet, a wireless network link, etc) or via a peripheral input such as a USB port. Under these conditions, there may be no way for the relying party to know if the device is one which is authorized by the relying party (e.g., one which provides an acceptable level of authentication and integrity protection) and/or whether a hacker has compromised the biometric device. Confidence in the biometric device depends on the particular implementation of the device.

One embodiment of the invention employs cryptographic attestation to ensure to the relying party that the correct biometric device is being used. The biometric device may enter into a cryptographic attestation transaction with the relying party to verify the type of sensor it has. In particular, a cryptographic engine with a secure attestation key storage is included with the biometric device to provide for secure attestation to the relying parties.

FIG. 2 illustrates one embodiment of the invention which includes a cryptographic engine 205 for attesting to the model and/or the integrity of an Authenticator 200. In particular, as discussed in detail below, the cryptographic engine 205 performs an attestation transaction with a relying party 207 to prove the integrity of the Authenticator 200. In this embodiment, the relying party 207 will trust the score generated by the matcher 204 only if it is also able to verify the proof of integrity of the Authenticator 200. As indicated in FIG. 2, in one embodiment, the relying party 207 may be a cloud service. However, the underlying principles of the invention are not limited to any particular type of relying party.

In operation, the cryptographic engine 205 is provided with access to a secure key storage 211 for storing an attestation key used during the attestation transaction. For example, the key may be a private key stored in the Authenticator 200 at manufacture time and the relying party 207 may store a corresponding public key. However, the underlying principles of the invention are not limited to any particular asymmetric or symmetric key implementation.

In one embodiment, the biometric device includes additional protection logic that protects the attestation key. In response to detecting attempt to tamper with the key, the protection logic automatically erases the key. In one embodiment, secure key storage 211 may be the same secure storage as that used to store the biometric reference data 210, although the underlying principles of the invention are not limited to this implementation.

FIG. 3a illustrates a series of attestation transactions employed in one embodiment of the invention. The relying party 207 generates a challenge in transaction 300 and sends it to the application 206 in transaction 301, which forwards it to the cryptographic engine 205 in transaction 302. In one embodiment, the challenge is a random number or nonce selected by the relying party 207. In operation 303, the cryptographic engine 205 generates a signature over the challenge and the score using the attestation key. As is understood by those of skill in the art, generating a signature may involve implementing a hash function over the challenge using the attestation key.

The matcher 204 generates a score in operation 304 and provides the score together with the User-ID to the cryptographic engine 205 in operation 305. Generating the score may be performed as previously described. For example, the biometric sensor 202 may read raw biometric data from the user (e.g., capture the user's fingerprint, record the user's voice, snap a photo of the user, etc) and a feature extraction module 203 may extract specified characteristics of the raw biometric data (e.g., focusing on certain regions of the fingerprint, certain facial features, etc). The matcher module 204 compares the extracted features with biometric reference data 210 stored in a secure storage on the client 220 and generates a score based on the similarity between the extracted features and the biometric reference data 210. As previously described, the biometric reference data 210 may be the result of an enrollment process in which the user enrolls a fingerprint, voice sample, image or other biometric data with the Authenticator 200. The application 206 or relying party 207 may subsequently use the score to determine whether the authentication was successful (e.g., if the score is above a certain threshold needed for the particular transaction).

In operation 306, the cryptographic engine 205 sends the combined signature, User ID, and score to the application 206 which it forwards to the relying party 207 in operation 307. The relying party 207 now knows the challenge (e.g., a nonce or random number which it previously generated) and the signature provided by the cryptographic engine 205. In operation 308, it uses its own key to verify the signature using the random number, thereby verifying the attestation key owned by the cryptographic engine. As mentioned, in one embodiment, the key used by the relying party is a public key for verifying the signature generated on the challenge using the private key. Alternatively, the cryptographic engine and relying party may use the same key (i.e., a symmetric key pair may be used). The underlying principles of the invention are not limited to any particular public/private key implementation. The cryptographic engine simply needs to be capable of generating a signature over the challenge which may be verified by the relying party.

If each biometric device is assigned its own unique attestation key, the key may be used as a global correlation handle for uniquely identifying the user. This creates a privacy problem in some regions of the world. By way of example, the CPUID instruction introduced by Intel® in 1993 could be used to retrieve a CPU's serial number. This feature was subsequently removed in response to privacy concerns.

To address privacy concerns, in one embodiment, the same attestation key may be used for multiple biometric devices. For example, all fingerprint sensors of a certain type (e.g., using a certain type of sensor, or being produced in one batch) may use the same shared attestation key. For example, the shared attestation key may identify a particular biometric device as having a sensor of “type X.” Thus, with a shared attestation key, an individual user/device cannot be uniquely identified, thereby preserving each user's privacy.

One disadvantage of this configuration is that if the key is extracted by a potential hacker, the attestation process will be compromised. For this reason, the trusted computing group (“TCG”) developed direct anonymous attestation (DAA), a cryptographic protocol which enables remote authentication of a trusted platform while preserving the user's privacy. In one embodiment, DAA is implemented between the relying party 207 and cryptographic engine 205 to attest to the integrity of the Authenticator 200. In particular, the cryptographic engine 205 may comprise a trusted platform module (TPM) and perform attestation and authentication with the relying party 207 as described, for example, in Ernie Brickell et al, Direct Anonymous Attestation (Feb. 11, 2004) or Liqun Chen et al, Flexible and Scalable Digital Signatures in TPM 2.0 (2013).

Using Direct Anonymous Attestation in one embodiment, the Cryptographic Engine 205 can be prepared in two alternative ways before the attestation shown in FIG. 3a can be executed.

In the embodiment illustrated in FIG. 3b, the DAA Issuer 370 is remote to the production line 371. At the production time of the Authenticator, in operation 351, the endorsement key pair is generated inside the cryptographic engine 205. Alternatively, in one embodiment, it may be injected together with the endorsement key certificate by the production line 371. This key is unique to the Authenticator. This doesn't present a privacy issue as the key is used one single time and only in conjunction with one relying party, the DAA-Issuer. In operation 352, the endorsement public key is extracted and in operation 353, a unique endorsement key certificate is created. In operation 354, the unique endorsement key certificate is injected into the cryptographic engine 205.

In one embodiment, the endorsement certificate is used once, i.e. in conjunction with the DAA-Issuer 370 in order to authenticate itself for the DAA-Join operation, performed at 356. During the DAA-Join operation, a DAA key pair is generated and a DAA “certificate” is sent from the DAA-Issuer to the cryptographic engine.

In the embodiment illustrated in FIG. 3c, the DAA Issuer 380 is directly coupled to the production line. In this embodiment, the DAA-Join operation 375 can be performed by the DAA-Issuer (as part of the production line). No additional endorsement key and certificate is required in this embodiment.

Regardless of which embodiment is implemented using DAA, the cryptographic engine 205 will use the DAA-Sign operation instead of the normal signature in step 303 of FIG. 3a.

Exemplary System Architectures

FIGS. 4A-B illustrate two embodiments of a system architecture comprising client-side and server-side components for authenticating a user. The embodiment shown in FIG. 4A uses a browser plugin-based architecture for communicating with a website while the embodiment shown in FIG. 4B does not require a browser. The various techniques described herein for biometric authentication with device attestation using a cryptographic engine may be implemented on either of these system architectures. For example, an authentication device 410-412 and its associated interface 402 shown in FIGS. 4A-B may include the biometric sensor 202, feature extraction module 203, matcher 204, and cryptographic engine 205 shown in FIG. 2. The biometric reference data 210 illustrated in FIG. 2 may be implemented with the secure storage 420 shown in FIGS. 4A-B. While the secure storage 420 is illustrated outside of the secure perimeter of the authentication device(s) 410-412, in one embodiment, each authentication device 410-412 may have its own integrated secure storage. Alternatively, each authentication device 410-412 may cryptographically protect the biometric reference data records (e.g., wrapping them using a symmetric key to make the storage 420 secure).

The application 206 illustrated in FIG. 2 may be the application 454 and/or secure transaction service 401 shown in FIG. 4B. In a browser implementation, the application 206 may be the browser 404/secure transaction plugin 405 and/or the secure transaction service 401 shown in FIG. 4A. The relying party 207 may be the secure enterprise or web destination 430 shown in FIGS. 4A-B. It should be noted, however, that the embodiment illustrated in FIG. 2 stands on its own and may be implemented using logical arrangements of hardware and software other than those shown in FIGS. 4A-B.

Turning first to FIG. 4A, the illustrated embodiment includes a client 400 equipped with one or more authentication devices 410-412 for enrolling and authenticating an end user. As mentioned above, the authentication devices 410-412 may include biometric devices such as fingerprint sensors, voice recognition hardware/software (e.g., a microphone and associated software for recognizing a user's voice), facial recognition hardware/software (e.g., a camera and associated software for recognizing a user's face), and optical recognition capabilities (e.g., an optical scanner and associated software for scanning the retina of a user) and non-biometric devices such as a trusted platform modules (TPMs) and smartcards.

The authentication devices 410-412 are communicatively coupled to the client through an interface 402 (e.g., an application programming interface or API) exposed by a secure transaction service 401. The secure transaction service 401 is a secure application for communicating with one or more secure transaction servers 432-433 over a network and for interfacing with a secure transaction plugin 405 executed within the context of a web browser 404. As illustrated, the Interface 402 may also provide secure access to a secure storage device 420 on the client 400 which stores information related to each of the authentication devices 410-412 such as a device identification code, user identification code, user enrollment data (e.g., scanned fingerprint or other biometric data), and keys used to perform the secure authentication techniques described herein. For example, as discussed in detail below, a unique key may be stored into each of the authentication devices and used when communicating to servers 430 over a network such as the Internet.

As discussed below, certain types of network transactions are supported by the secure transaction plugin 405 such as HTTP or HTTPS transactions with websites 431 or other servers. In one embodiment, the secure transaction plugin is initiated in response to specific HTML tags inserted into the HTML code of a web page by the web server 431 within the secure enterprise or Web destination 430 (sometimes simply referred to below as “server 430”). In response to detecting such a tag, the secure transaction plugin 405 may forward transactions to the secure transaction service 401 for processing. In addition, for certain types of transactions (e.g., such as secure key exchange) the secure transaction service 401 may open a direct communication channel with the on-premises transaction server 432 (i.e., co-located with the website) or with an off-premises transaction server 433.

The secure transaction servers 432-433 are coupled to a secure transaction database 440 for storing user data, authentication device data, keys and other secure information needed to support the secure authentication transactions described below. It should be noted, however, that the underlying principles of the invention do not require the separation of logical components within the secure enterprise or web destination 430 shown in FIG. 4A. For example, the website 431 and the secure transaction servers 432-433 may be implemented within a single physical server or separate physical servers. Moreover, the website 431 and transaction servers 432-433 may be implemented within an integrated software module executed on one or more servers for performing the functions described below.

As mentioned above, the underlying principles of the invention are not limited to a browser-based architecture shown in FIG. 4A. FIG. 4B illustrates an alternate implementation in which a stand-alone application 454 utilizes the functionality provided by the secure transaction service 401 to authenticate a user over a network. In one embodiment, the application 454 is designed to establish communication sessions with one or more network services 451 which rely on the secure transaction servers 432-433 for performing the user/client authentication techniques described in detail below.

In either of the embodiments shown in FIGS. 4A-B, the secure transaction servers 432-433 may generate the keys which are then securely transmitted to the secure transaction service 401 and stored into the authentication devices within the secure storage 420. Additionally, the secure transaction servers 432-433 manage the secure transaction database 420 on the server side.

Embodiments of the invention may include various steps as set forth above. The steps may be embodied in machine-executable instructions which cause a general-purpose or special-purpose processor to perform certain steps. Alternatively, these steps may be performed by specific hardware components that contain hardwired logic for performing the steps, or by any combination of programmed computer components and custom hardware components.

Elements of the present invention may also be provided as a machine-readable medium for storing the machine-executable program code. The machine-readable medium may include, but is not limited to, floppy diskettes, optical disks, CD-ROMs, and magneto-optical disks, ROMs, RAMs, EPROMs, EEPROMs, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic program code.

Throughout the foregoing description, for the purposes of explanation, numerous specific details were set forth in order to provide a thorough understanding of the invention. It will be apparent, however, to one skilled in the art that the invention may be practiced without some of these specific details. For example, it will be readily apparent to those of skill in the art that the functional modules and methods described herein may be implemented as software, hardware or any combination thereof. Moreover, although some embodiments of the invention are described herein within the context of a mobile computing environment, the underlying principles of the invention are not limited to a mobile computing implementation. Virtually any type of client or peer data processing devices may be used in some embodiments including, for example, desktop or workstation computers. Accordingly, the scope and spirit of the invention should be judged in terms of the claims which follow.

Claims

1. An apparatus for remotely attesting to authenticator integrity comprising: an authenticator to read biometric authentication data from a user and determine whether to successfully authenticate the user based on a comparison with biometric reference data, a score being generated from the comparison; anda cryptographic engine comprising a processor and non-transitory machine-readable medium having program code, which, when executed by the processor, causes the cryptographic engine to: receive a challenge from a relying party that is outside of a physical enclosure of the apparatus, the challenge comprising a randomly generated nonce,sign the challenge and the score using an attestation key to generate an attestation signature, wherein the attestation key is established after an endorsement key certificate is generated, using a product line, specifically for the relying party, wherein the product line extracts a public endorsement key from an endorsement key pair to generate and return the endorsement key certificate to the cryptographic engine, and wherein the endorsement key certificate corresponds to the attestation key, andsend a user identifier (ID), the score, and the attestation signature to the relying party, wherein the relying party verifies that the attestation signature is valid using a key corresponding to the endorsement key certificate, and wherein the score is used to determine whether the authentication of the user is successful.
2. The apparatus as in claim 1 wherein the cryptographic engine is integrated within the authenticator.
3. The apparatus as in claim 1 wherein the attestation key is a private key and the key of the relying party is a public key associated with the private key.
4. The apparatus as in claim 1 wherein attesting to the integrity of the authenticator comprises implementing a series of direct anonymous attestation (DAA) transactions between the cryptographic engine and the relying party.
5. The apparatus as in claim 4 wherein the DAA transactions include DAA-Sign and DAA-Verify transactions.
6. The apparatus as in claim 1 further comprising: protection logic to erase cryptographic data of the cryptographic engine upon detecting tampering with the cryptographic data.
7. The apparatus as in claim 1 wherein the authenticator is to: read the biometric authentication data from a user;extract specified portions of the biometric authentication data having certain features; andcompare the specified portions of the biometric authentication data with biometric reference data and responsively generate the score based on the comparison, the score indicating a level of similarity between the specified portions of the biometric authentication data and the biometric reference data.
8. A method for remotely attesting to authenticator integrity comprising: reading biometric authentication data from a user and determining whether to successfully authenticate the user based on a comparison with biometric reference data, a score being generated from the comparison, wherein the reading and determining are performed by an authenticator; andprotecting communication with a relying party that is outside of a physical enclosure of the authenticator; andperforming an attestation transaction with the relying party to attest to the integrity of the authenticator to the relying party, the attestation comprising: receiving a challenge from the relying party, the challenge comprising a randomly generated nonce;signing the challenge and the score using an attestation key to generate an attestation signature, wherein the attestation key is established after an endorsement key certificate is generated, using a product line specifically for the relying party, wherein the product line extracts a public endorsement key from an endorsement key pair to generate and return the endorsement key certificate for signing the challenge and the score, and wherein the endorsement key certificate corresponds to the attestation key; andsending a user identifier (ID), the score, and the attestation signature to the relying party, wherein the relying party verifies that the attestation signature is valid using a key corresponding to the endorsement key certificate, and wherein the score is used to determine whether the authentication of the user is successful.
9. The method as in claim 8 wherein a cryptographic engine which performs the attestation transaction is integrated within an authenticator that reads the biometric authentication data from the user and determines whether to successfully authenticate the user based on a comparison with the biometric reference data.
10. The method as in claim 8 wherein the attestation key is a private key and the key of the relying party is a public key associated with the private key.
11. The method as in claim 8 wherein attesting to the integrity of the authenticator comprises implementing a series of direct anonymous attestation (DAA) transactions between a cryptographic engine and the relying party.
12. The method as in claim 11 wherein the DAA transactions include DAA-Sign and DAA-Verify transactions.
13. The method as in claim 8 further comprising: erasing cryptographic data upon detecting tampering with the cryptographic data.
14. The method as in claim 8 wherein determining whether to successfully authenticate the user further comprises: reading the biometric authentication data from a user;extracting specified portions of the biometric authentication data having certain features;comparing the specified portions of the biometric authentication data with biometric reference data and responsively generate the score based on the comparison, the score indicating a level of similarity between the specified portions of the biometric authentication data and the biometric reference data.
15. A non-transitory machine-readable medium having program code stored thereon which, when executed by a machine, causes the machine to perform: reading biometric authentication data from a user and determining whether to successfully authenticate the user based on a comparison with biometric reference data, a score being generated from the comparison, wherein the operations of reading and determining are performed by an authenticator; andprotecting communication with a relying party that is outside of a physical enclosure of the authenticator; andperforming an attestation transaction with the relying party to attest to integrity of the authenticator to the relying party, the attestation comprising: receiving a challenge from the relying party, the challenge comprising a randomly generated nonce;signing the challenge and the score using an attestation key to generate an attestation signature, wherein the attestation key is established after an endorsement key certificate is generated, using a product line, specifically for the relying party, wherein the product line extracts a public endorsement key from an endorsement key pair to generate and return the endorsement key certificate for signing the challenge and the score, and wherein the endorsement key certificate corresponds to the attestation key; andsending a user identifier (ID), the score, and the attestation signature to the relying party, wherein the relying party verifies that the attestation signature is valid using a key corresponding to the endorsement key certificate, and wherein the score is used to determine whether the authentication of the user is successful.
16. The machine-readable medium as in claim 15 wherein a cryptographic engine which performs the attestation transaction is integrated within an authenticator that reads the biometric authentication data from the user and determines whether to successfully authenticate the user based on a comparison with the biometric reference data.
17. The machine-readable medium as in claim 15 wherein the attestation key is a private key and the key of the relying party is a public key associated with the private key.
18. The machine-readable medium as in claim 15 wherein attesting to the integrity of the authenticator comprises implementing a series of direct anonymous attestation (DAA) transactions between a cryptographic engine and the relying party.
19. The machine-readable medium as in claim 18 wherein the DAA transactions include DAA-Sign and DAA-Verify transactions.
20. The machine-readable medium as in claim 15 further comprising: erasing cryptographic data upon detecting tampering with the cryptographic data.
21. The machine-readable medium as in claim 15 wherein determining whether to successfully authenticate the user further comprises: reading the biometric authentication data from a user;extracting specified portions of the biometric authentication data having certain features;comparing the specified portions of the biometric authentication data with biometric reference data and responsively generate the score based on the comparison, the score indicating a level of similarity between the specified portions of the biometric authentication data and the biometric reference data.

CLAIM TO PRIORITY

This application claims the benefit of U.S. Provisional Patent Application No. 61/829,081, filed May 30, 2013, entitled, “Combining Biometric Authentication With Device Attestation” which is assigned to the assignee of the present nonprovisional application and is hereby incorporated by reference.

US Referenced Citations (303)

Number	Name	Date	Kind
5280527	Gullman et al.	Jan 1994	A
5764789	Pare, Jr. et al.	Jun 1998	A
6088450	Davis et al.	Jul 2000	A
6178511	Cohen et al.	Jan 2001	B1
6377691	Swift et al.	Apr 2002	B1
6618806	Brown et al.	Sep 2003	B1
6751733	Nakamura	Jun 2004	B1
6842896	Redding et al.	Jan 2005	B1
6938156	Wheeler et al.	Aug 2005	B2
7155035	Kondo et al.	Dec 2006	B2
7194763	Potter et al.	Mar 2007	B2
7263717	Boydstun et al.	Aug 2007	B1
7444368	Wong et al.	Oct 2008	B1
7487357	Smith	Feb 2009	B2
7512567	Bemmel et al.	Mar 2009	B2
7698565	Bjorn et al.	Apr 2010	B1
7865937	White	Jan 2011	B1
7941669	Foley et al.	May 2011	B2
8060922	Crichton	Nov 2011	B2
8166531	Suzuki	Apr 2012	B2
8245030	Lin	Aug 2012	B2
8284043	Judd et al.	Oct 2012	B2
8291468	Chickering	Oct 2012	B1
8353016	Pravetz et al.	Jan 2013	B1
8359045	Hopkins, III	Jan 2013	B1
8458465	Stern et al.	Jun 2013	B1
8489506	Hammad et al.	Jul 2013	B2
8516552	Raleigh	Aug 2013	B2
8555340	Potter et al.	Oct 2013	B2
8561152	Novak et al.	Oct 2013	B2
8584224	Pei et al.	Nov 2013	B1
8607048	Nogawa	Dec 2013	B2
8646060	Ben Ayed	Feb 2014	B1
8713325	Ganesan	Apr 2014	B2
8719905	Ganesan	May 2014	B2
8776180	Kumar et al.	Jul 2014	B2
8856541	Chaudhury et al.	Oct 2014	B1
8949978	Lin	Feb 2015	B1
8958599	Starner	Feb 2015	B1
8978117	Bentley et al.	Mar 2015	B2
9015482	Baghdasaryan et al.	Apr 2015	B2
9032485	Chu	May 2015	B2
9083689	Lindemann et al.	Jul 2015	B2
9161209	Ghoshal et al.	Oct 2015	B1
9171306	He et al.	Oct 2015	B1
9172687	Baghdasaryan et al.	Oct 2015	B2
9396320	Lindemann	Jul 2016	B2
20010037451	Bhagavatula et al.	Nov 2001	A1
20020010857	Karthik	Jan 2002	A1
20020016913	Wheeler et al.	Feb 2002	A1
20020040344	Preiser et al.	Apr 2002	A1
20020073316	Collins	Jun 2002	A1
20020073320	Rinkevich et al.	Jun 2002	A1
20020087894	Foley et al.	Jul 2002	A1
20020112170	Foley et al.	Aug 2002	A1
20020174344	Ting	Nov 2002	A1
20020174348	Ting	Nov 2002	A1
20030055792	Kinoshita et al.	Mar 2003	A1
20030065805	Barnes	Apr 2003	A1
20030084300	Koike	May 2003	A1
20030087629	Juitt	May 2003	A1
20030115142	Brickell et al.	Jun 2003	A1
20030135740	Talmor et al.	Jul 2003	A1
20030152252	Kondo et al.	Aug 2003	A1
20030226036	Bivens et al.	Dec 2003	A1
20030236991	Letsinger	Dec 2003	A1
20040101170	Tisse	May 2004	A1
20040123153	Wright et al.	Jun 2004	A1
20050021964	Bhatnagar et al.	Jan 2005	A1
20050080716	Belyi et al.	Apr 2005	A1
20050097320	Golan et al.	May 2005	A1
20050125295	Tidwell et al.	Jun 2005	A1
20050160052	Schneider	Jul 2005	A1
20050187883	Bishop et al.	Aug 2005	A1
20050223236	Yamada	Oct 2005	A1
20050278253	Meek et al.	Dec 2005	A1
20060026671	Potter et al.	Feb 2006	A1
20060029062	Rao	Feb 2006	A1
20060156385	Chiviendacz et al.	Jul 2006	A1
20060161435	Atef et al.	Jul 2006	A1
20060161672	Jolley et al.	Jul 2006	A1
20060282670	Karchov	Dec 2006	A1
20070005988	Zhang et al.	Jan 2007	A1
20070077915	Black et al.	Apr 2007	A1
20070088950	Wheeler et al.	Apr 2007	A1
20070100756	Varma	May 2007	A1
20070106895	Huang et al.	May 2007	A1
20070107048	Halls et al.	May 2007	A1
20070118883	Potter et al.	May 2007	A1
20070165625	Elsner	Jul 2007	A1
20070168677	Kudo	Jul 2007	A1
20070169182	Wolfond	Jul 2007	A1
20070198435	Siegal et al.	Aug 2007	A1
20070239980	Funayama	Oct 2007	A1
20070278291	Rans et al.	Dec 2007	A1
20070286130	Shao et al.	Dec 2007	A1
20080005562	Sather et al.	Jan 2008	A1
20080025234	Zhu	Jan 2008	A1
20080028453	Nguyen et al.	Jan 2008	A1
20080034207	Cam-Winget et al.	Feb 2008	A1
20080046334	Lee et al.	Feb 2008	A1
20080046984	Bohmer	Feb 2008	A1
20080049983	Miller et al.	Feb 2008	A1
20080086759	Colson	Apr 2008	A1
20080134311	Medvinsky	Jun 2008	A1
20080141339	Gomez et al.	Jun 2008	A1
20080172725	Fujii et al.	Jul 2008	A1
20080209545	Asano	Aug 2008	A1
20080232565	Kutt et al.	Sep 2008	A1
20080235801	Soderberg et al.	Sep 2008	A1
20080271150	Boerger et al.	Oct 2008	A1
20080289019	Lam	Nov 2008	A1
20080289020	Cameron et al.	Nov 2008	A1
20080313719	Kaliski, Jr. et al.	Dec 2008	A1
20080320308	Kostiainen et al.	Dec 2008	A1
20090049510	Zhang et al.	Feb 2009	A1
20090064292	Carter et al.	Mar 2009	A1
20090089870	Wahl	Apr 2009	A1
20090100269	Naccache	Apr 2009	A1
20090116651	Liang	May 2009	A1
20090133113	Schneider	May 2009	A1
20090138724	Chiou et al.	May 2009	A1
20090138727	Campello	May 2009	A1
20090158425	Chan et al.	Jun 2009	A1
20090183003	Haverinen	Jul 2009	A1
20090187988	Hulten et al.	Jul 2009	A1
20090193508	Brenneman et al.	Jul 2009	A1
20090196418	Tkacik	Aug 2009	A1
20090199264	Lang	Aug 2009	A1
20090204964	Foley	Aug 2009	A1
20090235339	Mennes et al.	Sep 2009	A1
20090271618	Camenisch	Oct 2009	A1
20090271635	Liu	Oct 2009	A1
20090300714	Ahn	Dec 2009	A1
20090300720	Guo et al.	Dec 2009	A1
20090307139	Mardikar et al.	Dec 2009	A1
20090327131	Beenau et al.	Dec 2009	A1
20090328197	Newell	Dec 2009	A1
20100010932	Law et al.	Jan 2010	A1
20100023454	Exton et al.	Jan 2010	A1
20100029300	Chen	Feb 2010	A1
20100042848	Rosener	Feb 2010	A1
20100062744	Ibrahim	Mar 2010	A1
20100070424	Monk	Mar 2010	A1
20100082484	Erhart et al.	Apr 2010	A1
20100083000	Kesanupalli	Apr 2010	A1
20100094681	Almen et al.	Apr 2010	A1
20100105427	Gupta	Apr 2010	A1
20100107222	Glasser	Apr 2010	A1
20100114776	Weller et al.	May 2010	A1
20100169650	Brickell	Jul 2010	A1
20100175116	Gum	Jul 2010	A1
20100186072	Kumar	Jul 2010	A1
20100192209	Steeves et al.	Jul 2010	A1
20100223663	Morimoto et al.	Sep 2010	A1
20100242088	Thomas	Sep 2010	A1
20100287369	Monden	Nov 2010	A1
20100325427	Ekberg et al.	Dec 2010	A1
20100325664	Grebenick et al.	Dec 2010	A1
20100325684	Grebenik	Dec 2010	A1
20100325711	Etchegoyen	Dec 2010	A1
20110004933	Dickinson et al.	Jan 2011	A1
20110022835	Schibuk	Jan 2011	A1
20110047608	Levenberg	Feb 2011	A1
20110071841	Fomenko et al.	Mar 2011	A1
20110078443	Greentstein et al.	Mar 2011	A1
20110082801	Baghdasaryan et al.	Apr 2011	A1
20110083016	Kesanupalli et al.	Apr 2011	A1
20110093942	Koster et al.	Apr 2011	A1
20110107087	Lee et al.	May 2011	A1
20110138450	Kesanupalli et al.	Jun 2011	A1
20110157346	Zyzdryn et al.	Jun 2011	A1
20110167154	Bush et al.	Jul 2011	A1
20110167472	Evans et al.	Jul 2011	A1
20110191200	Bayer et al.	Aug 2011	A1
20110197267	Gravel et al.	Aug 2011	A1
20110219427	Hito et al.	Sep 2011	A1
20110225431	Stufflebeam, Jr. et al.	Sep 2011	A1
20110228330	Nogawa	Sep 2011	A1
20110231911	White et al.	Sep 2011	A1
20110246766	Orsini	Oct 2011	A1
20110265159	Ronda	Oct 2011	A1
20110279228	Kumar	Nov 2011	A1
20110280402	Ibrahim	Nov 2011	A1
20110296518	Faynberg et al.	Dec 2011	A1
20110307706	Fielder	Dec 2011	A1
20110307949	Ronda	Dec 2011	A1
20110313872	Carter et al.	Dec 2011	A1
20110314549	Song et al.	Dec 2011	A1
20110320823	Saroiu et al.	Dec 2011	A1
20120018506	Hammad et al.	Jan 2012	A1
20120023568	Cha et al.	Jan 2012	A1
20120046012	Forutanpour et al.	Feb 2012	A1
20120075062	Osman et al.	Mar 2012	A1
20120084566	Chin et al.	Apr 2012	A1
20120102553	Hsueh et al.	Apr 2012	A1
20120124639	Shaikh et al.	May 2012	A1
20120124651	Ganesan	May 2012	A1
20120144461	Rathbun	Jun 2012	A1
20120159577	Belinkiy	Jun 2012	A1
20120191979	Feldbau	Jul 2012	A1
20120203906	Jaudon et al.	Aug 2012	A1
20120204032	Wilkings	Aug 2012	A1
20120210135	Panchapakesan et al.	Aug 2012	A1
20120249298	Sovio et al.	Oct 2012	A1
20120272056	Ganesan	Oct 2012	A1
20120278873	Calero et al.	Nov 2012	A1
20120291114	Poliashenko et al.	Nov 2012	A1
20120313746	Rahman et al.	Dec 2012	A1
20120317297	Bailey	Dec 2012	A1
20130042327	Chow	Feb 2013	A1
20130046976	Rosati	Feb 2013	A1
20130046991	Lu et al.	Feb 2013	A1
20130054967	Davoust et al.	Feb 2013	A1
20130061055	Schibuk	Mar 2013	A1
20130067546	Thavasi et al.	Mar 2013	A1
20130073859	Carlson et al.	Mar 2013	A1
20130086669	Sondhi et al.	Apr 2013	A1
20130090939	Robinson	Apr 2013	A1
20130097682	Zeljkovic	Apr 2013	A1
20130104187	Weidner	Apr 2013	A1
20130104190	Simske	Apr 2013	A1
20130119130	Braams	May 2013	A1
20130124285	Pravetz et al.	May 2013	A1
20130124422	Hubert et al.	May 2013	A1
20130125197	Pravetz	May 2013	A1
20130125222	Pravetz et al.	May 2013	A1
20130133049	Peirce	May 2013	A1
20130133054	Davis et al.	May 2013	A1
20130144785	Karpenko et al.	Jun 2013	A1
20130159413	Davis et al.	Jun 2013	A1
20130159716	Buck et al.	Jun 2013	A1
20130160083	Schrix et al.	Jun 2013	A1
20130167196	Spencer et al.	Jun 2013	A1
20130219456	Sharma et al.	Aug 2013	A1
20130227646	Haggerty et al.	Aug 2013	A1
20130239173	Dispensa	Sep 2013	A1
20130282589	Shoup et al.	Oct 2013	A1
20130308778	Fosmark et al.	Nov 2013	A1
20130318343	Bjarnason et al.	Nov 2013	A1
20130337777	Deutsch et al.	Dec 2013	A1
20130346176	Alolabi et al.	Dec 2013	A1
20140002238	Taveau et al.	Jan 2014	A1
20140007215	Romano	Jan 2014	A1
20140013422	Janus et al.	Jan 2014	A1
20140033271	Barton et al.	Jan 2014	A1
20140040987	Haugsnes	Feb 2014	A1
20140044265	Kocher et al.	Feb 2014	A1
20140047510	Belton et al.	Feb 2014	A1
20140066015	Aissi	Mar 2014	A1
20140068746	Gonzalez	Mar 2014	A1
20140075516	Chermside	Mar 2014	A1
20140089243	Oppenheimer	Mar 2014	A1
20140096182	Smith	Apr 2014	A1
20140101439	Pettigrew et al.	Apr 2014	A1
20140109174	Barton	Apr 2014	A1
20140115702	Li et al.	Apr 2014	A1
20140130127	Toole et al.	May 2014	A1
20140137191	Goldsmith et al.	May 2014	A1
20140164776	Hook et al.	Jun 2014	A1
20140173754	Barbir	Jun 2014	A1
20140188770	Agrafioti et al.	Jul 2014	A1
20140189350	Baghdasaryan	Jul 2014	A1
20140189360	Baghdasaryan	Jul 2014	A1
20140189779	Baghdasaryan	Jul 2014	A1
20140189791	Lindemann	Jul 2014	A1
20140189807	Cahill et al.	Jul 2014	A1
20140189808	Mahaffey et al.	Jul 2014	A1
20140189828	Baghdasaryan	Jul 2014	A1
20140189835	Umerley	Jul 2014	A1
20140201809	Choyi et al.	Jul 2014	A1
20140230032	Duncan	Aug 2014	A1
20140245391	Adenuga	Aug 2014	A1
20140250523	Savvides et al.	Sep 2014	A1
20140258125	Gerber et al.	Sep 2014	A1
20140258711	Brannon	Sep 2014	A1
20140282868	Sheller et al.	Sep 2014	A1
20140282945	Smith	Sep 2014	A1
20140282965	Sambamurthy	Sep 2014	A1
20140289117	Baghdasaryan	Sep 2014	A1
20140289820	Lindemann et al.	Sep 2014	A1
20140289833	Briceno et al.	Sep 2014	A1
20140289834	Lindemann	Sep 2014	A1
20140298419	Boubez	Oct 2014	A1
20140304505	Dawson	Oct 2014	A1
20150046340	Dimmick	Feb 2015	A1
20150058931	Miu et al.	Feb 2015	A1
20150095999	Toth et al.	Apr 2015	A1
20150134330	Baldwin et al.	May 2015	A1
20150142628	Suplee et al.	May 2015	A1
20150180869	Verma	Jun 2015	A1
20150244696	Ma	Aug 2015	A1
20150269050	Filimonov	Sep 2015	A1
20150326529	Morita	Nov 2015	A1
20150381580	Graham et al.	Dec 2015	A1
20160036588	Thackston	Feb 2016	A1
20160072787	Balabine et al.	Mar 2016	A1
20160078869	Syrdal et al.	Mar 2016	A1
20160087952	Tartz et al.	Mar 2016	A1
20160087957	Shah et al.	Mar 2016	A1
20160188958	Martin	Jun 2016	A1
20170004487	Hagen et al.	Jan 2017	A1
20170109751	Dunkelberger et al.	Apr 2017	A1

Foreign Referenced Citations (7)

Number	Date	Country
1705925	Dec 2005	CN
101394283	Mar 2009	CN
102763111	Oct 2012	CN
2005003985	Jan 2005	WO
WO2013082190	Jun 2013	WO
2014105994	Jul 2014	WO
2015130734	Sep 2015	WO

Non-Patent Literature Citations (252)

Entry
Brickell, Ernie, Jan Camenisch, and Liqun Chen. “Direct anonymous attestation.” Proceedings of the 11th ACM conference on Computer and communications security. ACM, 2004, 6 pages.
Chen, Liqun, and Jiangtao Li. “Flexible and scalable digital signatures in TPM 2.0.” Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, 2013.
Chakka, Murali Mohan, et al. “Competition on counter measures to 2-d facial spoofing attacks.” Biometrics (IJCB), 2011 International Joint Conference on. IEEE, 2011, 6 pages.
Marcialis, Gian Luca, et al. “First international fingerprint liveness detection competition—livdet 2009.” Image Analysis and Processing—ICIAP 2009. Springer Berlin Heidelberg, 2009. 12-23.
Uludag, Umut, and Anil K. Jain. “Attacks on biometric systems: a case study in fingerprints.” Electronic Imaging 2004. International Society for Optics and Photonics, 2004, 12 pages.
Ratha, Nalini K., Jonathan H. Connell, and Ruud M. Bolle. “An analysis of minutiae matching strength.” Audio-and Video-Based Biometric Person Authentication. Springer Berlin Heidelberg, 2001, 7 pages.
Anthony J. Nicholson, “Mobile Device Security Using Transient Authentication,” IEEE Transactions on Mobile Computing vol. 5, No. 11, pp. 1489-1502 (Nov. 2006).
Mohammad O. Derawi, “Unobtrusive User-Authentication on Mobile Phones using Biometric Gait Recognition” (2010).
Koichiro Niinuma, Anil K. Jain, “Continuous User Authentication Using Temporal Information” (currently at http://www.cse.msu.edu/biometrics/Publications/Face/NiinumaJain_ContinuousAuth_SPIE10.pdf).
BehavioSec, “Measuring FAR/FRR/EER in Continuous Authentication,” Stockholm, Sweden (2009).
The Online Certificate Status Protocol (OCSP, RFC2560).
See current WikiPedia article for “Eye Tracking” at en.wikipedia.org/wiki/Eye_tracking.
(See Hartzell, “Crazy Egg Heatmap Shows Where People Click on Your Website” (Nov. 30, 2012), currently at www.michaelhartzell.com/Blog/bid/92970/Crazy-Egg-Heatmap-shows-where-people-click-on-your-website).
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US13/77888, dated Aug. 8, 2014, 10 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US14/39627, dated Oct. 16, 2014, 3 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US14/31344, dated Nov. 3, 2014, 8 pages.
Office Action from U.S. Appl. No. 14/066,384, dated Jan. 7, 2015, 24 pages.
Office Action from U.S. Appl. No. 14/145,439, dated Feb. 12, 2015, 18 pages.
Office Action from U.S. Appl. No. 14/145,533, dated Jan. 26, 2015, 13 pages.
Office Action from U.S. Appl. No. 14/145,607, dated Mar. 20, 2015, 22 pages.
Office Action from U.S. Appl. No. 14/218,551, dated Apr. 23, 2015, 9 pages.
Office Action from U.S. Appl. No. 14/218,575, dated Feb. 10, 2015, 17 pages.
Office Action from U.S. Appl. No. 14/066,273, dated May 8, 2015, 31 pages.
Notice of Allowance from U.S. Appl. No. 14/145,533, dated May 11, 2015, 5 pages.
Notice of Allowance from U.S. Appl. No. 14/145,439, dated Jul. 6, 2015, 6 pages.
Transmittal of International Preliminary Report on Patentability from foreign counterpart PCT/US2013/077888, dated Jul. 9, 2015, 7 pages.
Office Action from U.S. Appl. No. 14/268,733, dated Jul. 16, 2015, 13 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US2015/028924, dated Jul. 30, 2015, 10 pages.
Office Action from U.S. Appl. No. 14/218,575, dated Aug. 7, 2015, 19 pages.
Final Office Action from U.S. Appl. No. 14/066,384, dated Aug. 20, 2015, 23 pages.
Office Action from U.S. Appl. No. 14/268,619, dated Aug. 24, 2015, 17 pages.
Notice of Allowance from U.S. Appl. No. 14/145,607, dated Sep. 2, 2015, 19 pages.
Final Office Action from U.S. Appl. No. 14/218,551, dated Sep. 9, 2015, 15 pages.
Notice of Allowance from U.S. Appl. No. 14/145,533, dated Sep. 14, 2015, 13 pages.
Notice of Allowance from U.S. Appl. No. 14/448,697, dated Sep. 15, 2015, 14 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US2015/042785, dated Oct. 16, 2015, 8 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US2015/042799, dated Oct. 19, 2015, 13 pages.
Office Action from U.S. Appl. No. 14/448,641, dated Nov. 9, 2015, 21 pages.
Barker et al; “Recommendation for key management Part 3: Application-Specific Key Management Guidance”; NIST special Publication 800-57, pp. 1-103, Dec. 2009.
Office Action from U.S. Appl. No. 14/448,814, dated Aug. 4, 2015, 13 pages.
World Wide Web Consortium, W3C Working Draft: Media Capture and Streams (2013).
Office Action from U.S. Appl. No. 14/218,692, dated Nov. 4, 2015, 16 pages.
Notice of Allowance from U.S. Appl. No. 14/145,439, dated Oct. 28, 2015, 12 pages.
Schneier, B., “Biometrics: Uses and Abuses”. Aug. 1999. Inside Risks 110 (CACM 42, Aug. 8, 1999). http://www.schneier.com/essay-019.pdf.
Zhao, W., et al. “Face Recognition: A Literature Survey”. ACM Computing Surveys, vol. 35, No. 4. Dec. 2003, pp. 399-458.
Abate, A., et al., “2D and 3D face recognition: A survey”. Pattern Recognition Letters. 2007, 28, pp. 1885-1906.
GSM Arena. GSM Arena. [Online] Nov. 13, 2011. [Cited: Sep. 29, 2012.] http://www.gsmarena.com/ice_cream_sandwichs_face_unlock_duped_using_a_photograph-news-3377.php. Downloaded Aug. 18, 2015.
Wilson, R., James. Unbuntu Life, “How to Trick Google's New Face Unlock on Android 4.1 Jelly Bean”. Print Screen Mac. [Online] Aug. 6, 2012. [Cited: Sep. 28, 2012.] http://printscreenmac.info/how-to-trick-android-jelly-bean-face-unlock/. downloaded Aug. 13, 2015.
Phillips, P., J., et al., “Face Recognition Vendor Test 2002: Evaluation Report”. s.l. : NISTIR 6965, 2002. 56 pages. http://www.face-rec.org/vendors/FRVT_2002_ Evaluation_Report.pdf.
Phillips, P.J., et al., “FRVT 2006 and ICE 2006 Large-Scale Results”, NIST IR 7408. Gaithersburg : NIST, 2006. Mar. 29, 2007. pp. 1-55.
Grother, P.J., et al., NIST. Report on the Evaluation of 2D Still-Image Face Recognition Algorithms, NIST IR 7709. s.l. : NIST, 2011. Jun. 22, 2010. pp. 1-58.
Chakka, M., et al., “Competition on Counter Measures to 2-D Facial Spoofing Attacks”. 6 pages .2011. http://www.csis.pace.edu/˜ctappert/dps/IJCB2011/papers/130.pdf. 978-1-4577-1359-0/11.
Ratha, N., et al., IBM Thomas J. Watson Research Center. An Analysis of Minutiae Matching StrengthP. Hawthorne, NY 10532 : IBM. 7 pages. http://pdf.aminer.org/000/060/741/an_analysis_of_minutiae_matching_strength.pdf.
Roberts, C., “Biometric Attack Vectors and Defences”. Sep. 2006. 25 pages. http://otago.ourarchive.ac.nz/bitstream/handle/10523/1243/BiometricAttackVectors.pdf.
Pinto, A., et al., “Video-Based Face Spoofing Detection through Visual Rhythm Analysis”. Los Alamitos : IEEE Computer Society Conference Publishing Services, 2012. Conference on Graphics, Patterns and Images, 25. 8 pages.(SIBGRAPI). http://sibgrapi.sid.inpe.br/rep/sid.inpe.br/sibgrapi/2012/07.13.21.16?mirror=sid.inpe.br/banon/2001/03.30.15.38.24&metadatarepository=sid.inpe.br/sibgrapi/2012/07.13.21.16.53.
Li, J., et al., “Live Face Detection Based on the Analysis of Fourier Spectra”. Biometric Technology for Human Identification. 2004, pp. 296-303.
Tan, X., et al., “Face Liveness Detection from a Single Image with Sparse Low Rank Bilinear Discriminative Model”. s.l. : European Conference on Computer Vision, 2010. pp. 1-14.
Määttä, J., et al., “Machine Vision Group, University of Oulu”, Finland. “Face Spoofing Detection From Single Images Using Micro-Texture Analysis”. Oulu, Finland : IEEE, 2011. pp. 1-7. http://www.ee.oulu.fi/research/mvmp/mvg/files/pdf/131.pdf.
Heikkilä, M., et al., “A Texture-Based Method for Modeling the Background and Detecting Moving Objects”. Oulu : IEEE, Jun. 22, 2005. Draft. 16 pages. http://www.ee.oulu.fi/mvg/files/pdf/pdf_662.pdf.
Peng, Y., et al. “RASL: Robust Alignment by Sparse and Low-rank Decomposition for Linearly Correlated Images”. IEEE Conference on Computer Vision and Pattern Recognition. 2010, pp. 763-770. http://yima.csl.illinois.edu/psfile/RASL_CVPR10.pdf.
Kong, S., et al., “Recent advances in visual and infrared face recognition”—a review. Journal of Computer Vision and Image Understanding. Jun. 2005, vol. 1, 97, pp. 103-135.
Kollreider, K., et al., Halmstad University, SE-30118, Sweden. Evaluating Liveness by Face Images and the Structure Tensor. Halmstad, Sweden : s.n., 2005. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.62.6534&rep=rep1&type=pdf.
Smiatacz, M., et al., Gdansk University of Technology. Liveness Measurements Using Optical Flow for Biometric Person Authentication. Metrology and Measurement Systems. 2012, vol. XIX, 2. pp. 257-268.
Bao, W., et al., et al.,“A liveness detection method for face recognition based on optical flow field”. Image Analysis and Signal Processing, IASP 2009. Apr. 11-12, 2009, pp. 233-236. http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5054589&isnumber=5054562.
Pan, G., et al., “Liveness Detection for Face Recognition”. Recent Advances in Face Recognition. Vienna : I-Tech, 2008, Ch. 9, pp. 109-124, ISBN: 978-953-7619-34-3.
National Science & Technology Council's Subcommittee on Biometrics. Biometrics Glossary. 33 pages, Last updated Sep. 14, 2006. NSTC. http://www.biometrics.gov/documents/glossary.pdf.
Ross, A., et al. “Multimodal Biometrics: An Overview”. Proceedings of 12th European Signal Processing Conference (EUSIPCO). Sep. 2004, pp. 1221-1224. http://www.csee.wvu.edu/˜ross/pubs/RossMultimodalOverview _EUSIPCO04.pdf.
Rodrigues, R.N., et al. Robustness of multimodal biometric fusion methods against spoof attacks. Journal of Visual Language and Computing. 2009. 11 pages, doi:10.1016/j.jvlc.2009.01.010; http://cubs.buffalo.edu/govind/papers/visual09.pdf.
Akhtar, Z., et al., “Spoof Attacks on Multimodal Biometric Systems”. Alfarid. Singapore : IACSIT Press, Singapore, 2011. 2011 International Conference on Information and Network Technology IPCSIT. vol. 4. pp. 46-51. http://www.ipcsit.com/vol4/9-ICINT2011T046.pdf.
Hernandez, T., “But What Does It All Mean? Understanding Eye-Tracking Results (Part 3)”, Sep. 4, 2007, 2 pages. EyeTools. Part III: What is a heatmap . . . really? [Online] [Cited: Nov. 1, 2012.] http://eyetools.com/articles/p3-understanding-eye-tracking-what-is-a-heatmap-really.
Nielsen, Jakob. useit.com. Jakob Nielsen's Alertbox—Scrolling and Attention. [Online] Mar. 22, 2010. [Cited: Nov. 1, 2012.] 6 pages. http://www.useit.com/alertbox/scrolling-attention.html.
Nielsen, Jakib. useit.com. Jakob Nielsen's Alertbox—Horizontal Attention Leans Left. [Online] Apr. 6, 2010. [Cited: Nov. 1, 2012.] 4 pages. http://www.useit.com/alertbox/horizontal-attention.html.
Lubin, G., et al., Business Insider. “16 Heatmaps That Reveal Exactly Where People Look”. [Online] May 21, 2012. [Cited: Nov. 1, 2012.] pp. 1-21. http://www.businessinsider.com/eye-tracking-heatmaps-2012-5?op=1.
Huang, L., et al., “Clickjacking: Attacks and Defenses”. s.l. : Usenix Security 2012, pp. 1-16, 2012. https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final39.pdf.
Willis, N., Linux.com. Weekend Project: Take a Tour of Open Source Eye-Tracking Software. [Online] Mar. 2, 2012. [Cited: Nov. 1, 2012.] https://www.linux.com/learn/tutorials/550880-weekend-project-take-a-tour-of-open-source-eye-tracking-software.
Chetty, G. School of ISE, University of Canberra, Australia. “Multilevel liveness verification for face-voice biometric authentication”. BYSM-2006 Symposium. Baltimore: BYSM-Symposium, 9 pages. Sep. 19, 2006. http://www.biometrics.org/bc2006/presentations/Tues_Sep_19/BSYM/19_Chetty_research.pdf.
Tresadern, P., et al., “Mobile Biometrics (MoBio): Joint Face and Voice Verification for a Mobile Platform”. 2012. http://personal.ee.surrey.ac.uk/Personal/Norman.Poh/data/tresadern_PervComp2012 _draft.pdf.
Jafri, R., et al., “A Survey of Face Recognition Techniques. Journal of Information Processing Systems”, vol. 5, No. 2, Jun. 2009. Jun. 2009, vol. 5, 2, pp. 41-68. http://www.cosy.sbg.ac.at/˜uhl/face_recognition.pdf.
Himanshu, et al., “A Review of Face Recognition”. International Journal of Research in Engineering & Applied Sciences. Feb. 2012, vol. 2, 2, pp. 835-846. http://euroasiapub.org/IJREAS/Feb2012/81.pdf.
Phillips, P. J., et al., “Biometric Image Processing and Recognition”. Chellappa. 1998. Eusipco .8 pages.
Zhou, et al., “Face Recognition from Still Images and Videos”. University of Maryland, College Park, MD 20742. Maryland : s.n., Nov. 5, 2004.pp. 1-23, http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.77.1312&rep=rep1&type=pdf.
Quinn, G.W., et al., NIST. “Performance of Face Recognition Algorithms on Compressed Images”, NIST Inter Agency Report 7830. s.l. : NIST, Dec. 4, 2011.
The Extended M2VTS Database. [Online] [Cited: Sep. 29, 2012.] downloaded Jan. 28, 2015, 1 page; http://www.ee.surrey.ac.uk/CVSSP/xm2vtsdb/.
Ratha, N. K., et al., IBM. “Enhancing security and privacy in biometrics-based authentication systems”. IBM Systems Journal. 2001, vol. 40, 3. pp. 614-634.
Schuckers, S., Schuckers SAC. “Spoofing and Anti-Spoofing Measures”. Information Security Technical Report. Dec. 10, 2002, vol. 7, 4., pp. 56-62.
Schwartz, W., et al., “Face Spoofing Detection through Partial Least Squares and Low-Level Descriptors”. s.l. : Intl. Joint Conference on Biometrics 2011. pp. 1-8.
Edited by Kresimir Delac, Mislav Grgic and Marian Stewart Bartlett. s.l. : InTech, Jun. 1, 2008. http://cdn.intechopen.com/finals/81/InTech-Recent_advances_ in_face_recognition.zip. ISBN 978-953-7619-34-3. Uploaded as Chapters 1-15.
Pan, G., et al., “Monocular camera-based face liveness detection by combining eyeblink and scene context” pp. 215-225. s.l. : Springer Science+Business Media, LLC, Aug. 4, 2010. http://www.cs.zju.edu.cn/˜gpan/publication/2011-TeleSys-liveness.pdf.
Tronci, R, et al., “Fusion of multiple clues for photo-attack detection in face recognition systems”. 09010 Pula (CA), Italy : s.n., 2011. pp. 1-6. http://prag.diee.unica.it/pra/system/files/Amilab_IJCB2011.pdf.
Rocha, A., et al., “Vision of the Unseen: Current Trends and Challenges in Digital Image and Video Forensics”. s.l. : ACM Computing Surveys, 2010. http://www.wjscheirer.com/papers/wjs_csur2011_forensics.pdf.
Linux.com, The source for Linux information. 2012. 3 pages, downloaded Jan. 28, 2015.
Kollreider, K., et al., “Non-instrusive liveness detection by face images”. Image Vis. Comput. (2007). doi:10.1016/j.imavis.2007.05.004, Received Feb. 18, 2006, received in revised form, Jan. 24, 2007 and accepted May 22, 2007. 12 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US2015/042870, dated Oct. 30, 2015, 9 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US2015/42827, dated Oct. 30, 2015, 9 pages.
Validity, OSTP Framework, 24 pages, 2010.
Notice of Allowance from U.S. Appl. No. 14/268,686, dated Nov. 5, 2015, 23 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US15/50348, dated Dec. 22, 2015, 9 pages.
Office Action from U.S. Appl. No. 14/448,868, dated Dec. 3, 2015, 15 pages.
Office Action from U.S. Appl. No. 14/487,992, dated Dec. 31, 2015, 12 pages.
Final Office Action from U.S. Appl. No. 14/268,619, dated Dec. 14, 2015, 10 pages.
Notification of Transmittal of International Search Report and Written Opinion from PCT/US2015/028927, dated Jul. 30, 2015, 12 pages.
Transmittal of International Preliminary Report on Patentability from foreign counterpart PCT Patent Application No. PCT/US2014/039627 dated Dec. 10, 2015, 8 pages.
Notice of Allowance from U.S. Appl. No. 14/448,697, dated Jan. 14, 2016, 23 pages.
Final Office Action from U.S. Appl. No. 14/268,733, dated Jan. 15, 2016, 14 pages.
Notice of Allowance from U.S. Appl. No. 14/145,533, dated Jan. 20, 2016, 12 pages.
Office Action from U.S. Appl. No. 14/218,743, dated Jan. 21, 2016, 12 pages.
Office Action from U.S. Appl. No. 14/218,551, dated Jan. 21, 2016, 11 pages.
Office Action from U.S. Appl. No. 14/218,575, dated Jan. 29, 2016, 25 pages.
Transmittal of International Preliminary Report on Patentability from foreign counterpart PCT Patent Application No. PCT/US2014/031344 dated Oct. 1, 2015, 9 pages.
Notice of Allowance from U.S. Appl. No. 14/145,607, dated Feb. 1, 2016, 28 pages.
Final Office Action from U.S. Appl. No. 14/448,814, dated Feb. 16, 2016, 14 pages.
Final Office Action from U.S. Appl. No. 14/066,273, dated Feb. 11, 2016, 29 pages.
Final Office Action from U.S. Appl. No. 14/218,692, dated Mar. 2, 2016, 24 pages.
Final Office Action from U.S. Appl. No. 14/218,646, dated Mar. 2, 2016, 23 pages.
Notice of Allowance from U.S. Appl. No. 14/145,439, dated Mar. 14, 2016, 17 pages.
Notice of Allowance from U.S. Appl. No. 14/066,384, dated Mar. 17, 2016, 40 pages.
Office Action from U.S. Appl. No. 14/268,619, dated Mar. 21, 2016, 7 pages.
Notice of Allowance from U.S. Appl. No. 14/268,686, dated Mar. 30, 2016, 38 pages.
Non-Final Office Action from U.S. Appl. No. 14/859,328 dated Sep. 15, 2016, 39 pages.
Notice of Allowance from U.S. Appl. No. 14/487,992 dated May 12, 2016, 11 pages.
Notice of Allowance from U.S. Appl. No. 14/218,551, dated Feb. 8, 2017, 8 pages.
Notice of Allowance from U.S. Appl. No. 13/730,761 dated Jun. 10, 2015, 15 pages.
Notice of Allowance from U.S. Appl. No. 13/730,761 dated Sep. 28, 2015, 5 pages.
Notice of Allowance from U.S. Appl. No. 13/730,776 dated Feb. 13, 2015, 16 pages.
Notice of Allowance from U.S. Appl. No. 13/730,776 dated Mar. 24, 2015, 3 pages.
Notice of Allowance from U.S. Appl. No. 13/730,780 dated Aug. 13, 2015, 13 pages.
Notice of Allowance from U.S. Appl. No. 13/730,791 dated Mar. 10, 2015, 17 pages.
Notice of Allowance from U.S. Appl. No. 13/730,795 dated Jan. 14, 2016, 11 pages.
Notice of Allowance from U.S. Appl. No. 13/730,795 dated May 15, 2015, 8 pages.
Notice of Allowance from U.S. Appl. No. 13/730,795 dated Sep. 17, 2015, 11 pages.
Notice of Allowance from U.S. Appl. No. 14/066,384 dated Sep. 27, 2016, 19 pages.
Notice of Allowance from U.S. Appl. No. 14/218,551 dated Feb. 8, 2017, 56 pages.
Notice of Allowance from U.S. Appl. No. 14/218,551 dated Mar. 1, 2017, 7 pages.
Notice of Allowance from U.S. Appl. No. 14/268,619 dated Oct. 3, 2016, 65 pages.
Notice of Allowance from U.S. Appl. No. 14/268,619 dated Jul. 19, 2016, 5 pages.
Notice of Allowance from U.S. Appl. No. 14/268,686 dated Apr. 18, 2016, 16 pages.
Notice of Allowance from U.S. Appl. No. 14/268,686 dated Jul. 8, 2016, 4 pages.
Notice of Allowance from U.S. Appl. No. 14/268,733 dated Sep. 23, 2016, 8 pages.
Notice of Allowance from U.S. Appl. No. 14/268,733 dated Jan. 20, 2017, 62 pages.
Notice of Allowance from U.S. Appl. No. 14/448,641 dated Jun. 7, 2016, 13 pages.
Notice of Allowance from U.S. Appl. No. 14/448,697 dated May 20, 2016, 14 pages.
Notice of Allowance from U.S. Appl. No. 14/448,697 dated Sep. 1, 2016, 3 pages.
Notice of Allowance from U.S. Appl. No. 14/448,868, dated Mar. 23, 2017, 57 pages.
Notice of Allowance from U.S. Appl. No. 14/487,992 dated Dec. 27, 2016, 28 pages.
Notice of Allowance from U.S. Appl. No. 14/487,992 dated Sep. 6, 2016, 26 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US2015/042786, dated Oct. 16, 2015, 8 pages.
Notification of Transmittal of the International Search Report and the Written Opinion from counterpart Patent Cooperation Treaty Application No. PCT/US2015/42783, dated Oct. 19, 2015, 13 pages.
Office Action from foreign counterpart Taiwan Patent Application No. 102148853, dated Feb. 17, 2017, 9 pages.
Partial Supplementary European Search Report from European Patent Application No. 14770682.4, dated Oct. 14, 2016, 8 pages.
Requirement for Restriction/Election from U.S. Appl. No. 14/218,504 dated Aug. 16, 2016, 11 pages.
Supplementary Partial European Search Report for Application No. 13867269, dated Aug. 3, 2016, 7 pages.
T. Weigold et al., “The Zurich Trusted Information Channel—An Efficient Defence against Man-in-the-Middle and Malicious Software Attacks,” P. Lipp, A.R. Sadeghi, and K.M. Koch, eds., Proc. Trust Conf. (Trust 2008), LNCS 4968, Springer-Verlag, 2008, pp. 75-91.
Vassilev, A.T.; du Castel, B.; Ali, A.M., “Personal Brokerage of Web Service Access,” Security & Privacy, IEEE , vol. 5, No. 5, pp. 24-31, Sep.-Oct. 2007.
Zhang, “Security Verification of Hardware-enabled Attestation Protocols,” IEEE, 2012, pp. 47-54.
Advisory Action from U.S. Appl. No. 13/730,791 dated Jan. 23, 2015, 4 pages.
Brickell, E., et al., Intel Corporation; Jan Camenish, IBM Research; Liqun Chen, HP Laboratories. “Direct Anonymous Attestation”. Feb. 11, 2004, pp. 1-28 [online]. Retrieved from the Internet: URL:https://eprint.iacr.org/2004/205.pdf.
Communication pursuant to Rules 161(2) and 162 EPC for EP Application No. 15826364.0, dated Mar. 7, 2017, 2 pages.
Dawei Zhang; Peng Hu, “Trusted e-commerce user agent based on USB Key”, Proceedings of the International MultiConference of Engineers and Computer Scientists 2008 vol. I, IMECS 2008, Mar. 19-21, 2008, Hong Kong, 7 pages.
Doherty, et al., Internet Engineering Task Force (IETF), “Dynamic Symmetric Key Provisioning Protocol (DSKPP)”, Dec. 2010, 105 pages.
Extended European Search Report for Application No. 13867269, dated Nov. 4, 2016, 10 pages.
Extended European Search Report for Application No. 14803988.6, dated Dec. 23, 2016, 10 pages.
Extended European Search Report from European Patent Application No. 14770682.4, dated Jan. 17, 2017, 14 pages.
Final Office Action from U.S. Appl. No. 13/730,761 dated Jan. 15, 2015, 31 pages.
Final Office Action from U.S. Appl. No. 13/730,761 dated Jul. 8, 2014, 36 pages.
Final Office Action from U.S. Appl. No. 13/730,776 dated Nov. 3, 2014, 20 pages.
Final Office Action from U.S. Appl. No. 13/730,780 dated Jan. 27, 2015, 30 pages.
Final Office Action from U.S. Appl. No. 13/730,780 dated May 12, 2014, 34 pages.
Final Office Action from U.S. Appl. No. 13/730,791 dated Nov. 13, 2014, 22 pages.
Final Office Action from U.S. Appl. No. 13/730,795 dated Aug. 14, 2014, 20 pages.
Final Office Action from U.S. Appl. No. 14/218,551 dated Sep. 16, 2016, 11 pages.
Final Office Action from U.S. Appl. No. 14/218,575 dated Jul. 7, 2016, 29 pages.
Final Office Action from U.S. Appl. No. 14/218,611, dated Jan. 27, 2017, 14 pages.
Final Office Action from U.S. Appl. No. 14/218,646 dated Aug. 11, 2016, 25 pages.
Final Office Action from U.S. Appl. No. 14/218,692 dated Feb. 28, 2017, 27 pages.
Final Office Action from U.S. Appl. No. 14/218,743 dated Mar. 3, 2017, 67 pages.
Final Office Action from U.S. Appl. No. 14/448,747, dated Feb. 13, 2017, 74 pages.
Final Office Action from U.S. Appl. No. 14/448,814 dated Jun. 14, 2016, 17 pages.
Final Office Action from U.S. Appl. No. 14/448,868 dated Aug. 19, 2016, 11 pages.
Final Office Action from U.S. Appl. No. 14/859,328 dated Mar. 6, 2017, 26 pages.
International Preliminary Report on Patentability for Application No. PCT/US2015/028924 dated Nov. 17, 2016, 9 pages.
International Preliminary Report on Patentability for Application No. PCT/US2015/028927 dated Nov. 17, 2016, 10 pages.
Julian J., et al., “Biometric Enabled Portable Trusted Computing Platform,” Trust Security and Privacy in Computing and Communications (TRUSTCOM), 2011 IEEE 10th International Conference on Nov. 16, 2011, pp. 436-442, XP032086831, DOI:10.1109/TRUSTCOM.2011.56, ISBN: 978-1-4577-2135-9.
Non-Final Office Action from U.S. Appl. No. 13/730,761 dated Feb. 27, 2014, 24 pages.
Non-Final Office Action from U.S. Appl. No. 13/730,761 dated Sep. 9, 2014, 36 pages.
Non-Final Office Action from U.S. Appl. No. 13/730,776 dated Jul. 15, 2014, 16 pages.
Non-Final Office Action from U.S. Appl. No. 13/730,780 dated Aug. 4, 2014, 30 pages.
Non-Final Office Action from U.S. Appl. No. 13/730,780 dated Mar. 12, 2014, 22 pages.
Non-Final Office Action from U.S. Appl. No. 13/730,791 dated Jun. 27, 2014, 17 pages.
Non-Final Office Action from U.S. Appl. No. 13/730,795 dated Jan. 5, 2015, 19 pages.
Non-Final Office Action from U.S. Appl. No. 13/730,795 dated Jun. 11, 2014, 14 pages.
Non-Final Office Action from U.S. Appl. No. 14/145,466 dated Sep. 9, 2016, 13 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,504, dated Feb. 27, 2017, 12 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,551 dated May 12, 2016, 11 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,611 dated Jun. 16, 2016, 13 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,646 dated Mar. 10, 2016, 23 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,646, dated Mar. 27, 2017, 24 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,677 dated Aug. 2, 2016, 15 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,677, dated Feb. 10, 2017, 18 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,692 dated Oct. 25, 2016, 33 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,743 dated Aug. 19, 2016, 11 pages.
Non-Final Office Action from U.S. Appl. No. 14/448,747 dated Aug. 19, 2016, 21 pages.
Non-Final Office Action from U.S. Appl. No. 14/448,814 dated Apr. 5, 2017, 57 pages.
Non-Final Office Action from U.S. Appl. No. 14/448,868 dated Dec. 31, 2015, 12 pages.
Non-Final Office Action from U.S. Appl. No. 14/487,992 dated Dec. 3, 2015, 15 pages.
Final Office Action from U.S. Appl. No. 14/218,575, dated Jul. 31, 2017, 42 pages.
First Office Action and Search Report from foreign counterpart China Patent Application No. 201480025959.9, dated Jul. 7, 2017, 10 pages.(Translation available only for Office Action).
International Preliminary Report on Patentability for Application No. PCT/US2015/042786, dated Feb. 9, 2017, 7 pages.
International Preliminary Report on Patentability for Application No. PCT/US2015/042799, dated Feb. 9, 2017, 7 pages.
International Preliminary Report on Patentability for Application No. PCT/US2015/042870, dated Feb. 9, 2017, 8 pages.
International Preliminary Report on Patentability for Application No. PCT/US2015/050348, dated Mar. 30, 2017, 7 pages.
International Preliminary Report on Patentability for Application No. PCT/US2015/42783, dated Feb. 9, 2017, 12 pages.
International Preliminary Report on Patentability for Application No. PCT/US2015/42827, dated Feb. 9, 2017, 6 pages.
Martins R A., et al., “A Potpourri of Authentication Mechanisms the Mobile Device Way,” CISTI, Jan. 2013, pp. 843-848.
Non-Final Office Action from U.S. Appl. No. 14/218,743, dated Aug. 2, 2017, 24 pages.
Non-Final Office Action from U.S. Appl. No. 14/859,328, dated Jul. 14, 2017, 29 pages.
Non-Final Office action from U.S. Appl. No. 15/595,460, dated Jul. 27, 2017, 09 pages.
Notice of Allowance from U.S. Appl. No. 14/066,384, dated Jul. 26, 2017, 20 pages.
Notice of Allowance from U.S. Appl. No. 14/218,551, dated Aug. 16, 2017, 24 pages.
Notice of Allowance from U.S. Appl. No. 14/448,747, dated Jun. 20, 2017, 14 pages.
Notice of Allowance from U.S. Appl. No. 14/448,868, dated Jun. 26, 2017, 14 pages.
Notice of Allowance from U.S. Appl. No. 14/487,992, dated Jul. 17, 2017, 8 pages.
Notice of Allowance from U.S. Appl. No. 14/487,992, dated Jun. 14, 2017, 14 pages.
Final Office Action from U.S. Appl. No. 14/145,466, dated Apr. 13, 2017, 61 pages.
Kim et al., “Secure User Authentication based on the Trusted Platform for Mobile Devices,” EURASIP Journal on Wireless Communications and Networking, pp. 1-15.
Non-Final Office Action from U.S. Appl. No. 14/218,575, dated May 4, 2017, 88 pages.
Non-final Office Action from U.S. Appl. No. 14/268,563, dated Apr. 21, 2017, 83 pages.
Notice of Allowance from U.S. Appl. No. 14/066,384, dated May 23, 2017, 50 pages.
Notice of Allowance from U.S. Appl. No. 14/448,868, dated Apr. 27, 2017, 62 pages.
Notice of Allowance from U.S. Appl. No. 14/487,992, dated Apr. 12, 2017, 14 pages.
TechTarget, What is network perimeter? Definition from WhatIs.com downloaded from http://searchnetworking.techtarget.com/definition/network-perimeter on Apr. 14, 2017, 5 pages.
Extended European Search Report for Application No. 15786487.7, dated Oct. 23, 2017, 8 pages.
Final Office Action from U.S. Appl. No. 14/218,504, dated Sep. 12, 2017, 83 pages.
Final Office Action from U.S. Appl. No. 14/218,646, dated Sep. 27, 2017, 81 pages.
Final Office Action from U.S. Appl. No. 14/218,677, dated Sep. 28, 2017, 16 pages.
Final Office Action from U.S. Appl. No. 14/268,563, dated Nov. 3, 2017, 46 pages.
Final Office Action from U.S. Appl. No. 14/448,814 dated Oct. 6, 2017, 24 pages.
First Office Action and Search Report from foreign counterpart China Patent Application No. 201380068869.3, dated Sep. 19, 2017, 15 pages. (translation available only for office action).
Non-Final Office Action from U.S. Appl. No. 14/218,611, dated Sep. 19, 2017, 76 pages.
Non-Final Office Action from U.S. Appl. No. 14/218,692, dated Sep. 19, 2017, 37 pages.
Non-Final Office Action from U.S. Appl. No. 15/396,452 dated Oct. 13, 2017, 76 pages.
What is network perimeter?—Definition from WhatIs.com, Tech Target, Posted by: Margaret Rouse downloaded from http://searchnetworking.techtarget.com/definition/network-perimeter on Apr. 14, 2017, 5 pages.
Extended European Search Report for Application No. 15786796.1, dated Nov. 3, 2017, 9 pages.
Extended European Search Report for Application No. 15826660.1, dated Nov. 16, 2017, 9 pages.
Extended European Search Report for Application No. 15827334.2, dated Nov. 17, 2017, 8 pages.
International Search Report and Written Opinion for Application No. PCT/US2017/045534, dated Nov. 27, 2017, 14 pages.
Kim H.C., et al., “A Design of One-Time Password Mechanism Using Public Key Infrastructure,” Networked Computing and Advanced Information Management, 2008, NCM'08, 4th International Conference on IEEE, Sep. 2, 2008, pp. 18-24.
Notice of Allowance from U.S. Appl. No. 14/066,384, dated Dec. 1, 2017, 23 pages.
Notice of Allowance from U.S. Appl. No. 14/218,551, dated Dec. 13, 2017, 13 pages.
Notice of Allowance from U.S. Appl. No. 14/448,868, dated Nov. 17, 2017, 15 pages.
Office Action and Search Report from foreign counterpart Chinese Patent Application No. 201480031042.X, dated Dec. 4, 2017, 20 pages.
Starnberger G., et al., “QR-TAN: Secure Mobile Transaction Authentication,” Availability, Reliability and Security, 2009, ARES'09, International Conference on IEEE, Mar. 16, 2009, pp. 578-585.
Uymatiao M.L.T., et al., “Time-based OTP authentication via secure tunnel (TOAST); A mobile TOTP scheme using TLS seed exchage and encrypted offline keystore,” 2014 4th IEEE International Conference on Information Science and Technology, IEEE, Apr. 26, 2014, pp. 225-229.

Related Publications (1)

	Number	Date	Country
	20160241552 A1	Aug 2016	US

Provisional Applications (1)

	Number	Date	Country
	61829081	May 2013	US

System and method for biometric authentication with device attestation

Information

Patent Number

Date Filed

Date Issued

Inventors

Original Assignees

Examiners

Agents

CPC

Field of Search

US

CPC

International Classifications

Disclaimer

Abstract