Technical Field

The present disclosure generally relates to a technique for authenticating an access. More specifically, and without limitation, methods and devices are provided for determining an unauthenticated and/or unauthorized access at an access region.

Background

In some densely populated areas, such as crowded public transportation or popular places, pickpocketing can be a prevalent crime. Valuables including cash or documents can be stolen from a pocket of a victim without being noticed.

Existing techniques for protection against this type of theft are often quite

inconvenient. They involve physical locking mechanisms or wearing the valuables at hard to access locations, for example underneath clothing. Access to the valuables can then become an effort for the owner, which is very inconvenient if the valuables include, for example, a wallet that is often accessed for payments or for showing an identification card.

Further existing techniques include electronic assistant systems that require pairing the valuable with a radio-enabled device, e.g., a smartphone. When the wallet and the device are separated from each other, an alarm is raised. While such a technique may be used as a basic theft protection, the alarm might be signaled too late, i.e., when the valuable is already gone. Hence, such a technique rather provides protection against forgetting the valuable than preventing theft.

Summary

Accordingly, there is a need for a technique that achieves a balance between immediate protection and convenience of usage.

As to one aspect, a method of assessing authentication for an access at an access region is provided. The method comprises or triggers a step of receiving a first signal through a first communication channel; a step of measuring a second signal at the access region; and a step of assessing the authentication for the access at the access region depending on the first signal and the second signal and/or reporting on a result of the assessment.

In at least some embodiments, by receiving the first signal and measuring the second signal at the access region, the authentication or authenticity of an accessor can be assessed without interrupting the access, e.g., in the case of a positive result of the assessment. The assessment can be completed as the access occurs in same or further embodiments, so that a theft may be exposed to an alarm signal in flagrante delicto.

The technique can be implemented as a wearable theft protection. The method may be implemented at the access region, e.g., in clothes and/or at a pocket.

Assessing the authentication may include assessing the authorization of the accessor. By way of example, the first signal may be associated with an authorized person. The second signal may be associated with the accessor. By comparing the first signal, as received through the first communication channel, and the second signal, as measured at the access region, the assessment may determine whether or not the accessor is authorized, e.g., by determining whether or not the accessor is equal to or associated with the authorized person.

The alarm signal may be triggered when a not authorized accessor (e.g., a hand of a thief) tries to access the access region (e.g., by entering a pocket as the access region). As an exemplary consequence, the tried theft does not go unnoticed. The alarm can scare the thief away or expose the theft to a user and/or everybody around.

The method may be implemented directly at the access region or in the vicinity of the access region. The method may be performed by an access control device, e.g., located at the access region. The method may be implemented for protecting or surveilling the access region (e.g., the pocket).

The access control device may also be referred to as a local theft protection device or an authentication device. The access control device may comprise one or more sensors and/or one or more actuators, e.g., built into or woven in clothes. The access control device may be the only additional hardware needed for implementing the technique. Alternatively or in addition, one or more of the steps of the method and/or complementary steps may be performed (e.g., partly or completely) at another device. The other device may be in communication with the access control device, e.g., through the first communication channel. The other device may generate a secret. The secret may be distributed to the access control device by means of the first signal through the first communication channel.

The other device may be a wearable device. For example, at least one of the step of assessing the authentication, logic for implementing the method, logic for theft protection, means for notifying the alarm and an interface for communicating with the user may be implemented at the wearable device. To this end, aspects of the technique can be implemented at the wearable device using software or apps, e.g., on available devices such as phones or smartwatches.

By implementing at least some of the steps or logic by means of a wearable device, the access control device can be lightweight, cost-efficient and/or energy-efficient.

The first signal may also be referred to as a reference signal. The second signal may also be referred to as a measurement signal. The first signal may be received before or after the second signal is measured.

The first communication channel may include an optical communication channel or a radio communication channel. The first communication channel may include at least one of an electric cable and an optical fiber. Alternatively or in addition, the first communication channel may include a freely propagating electromagnetic wave.

The first communication channel may be encrypted. The first signal may be communicated through the first communication channel using end-to-end encryption.

The second signal may propagate to the access region through a second

communication channel. The first communication channel may be different from the second communication channel. The second communication channel may include a communication link through a human body (e.g., the body of the user or the authorized person). The communication link through the body may also be referred to as a body link. The body link may connected the wearable device (e.g., a smartwatch) to the access control device. The body link may include, or originate from, a transmitter in contact with skin of the user, e.g., a backside of a wearable device (e.g., a smartwatch). The user may be authorized for accessing the access region, e.g., by virtue of the second signal.

The second signal may be measured at one or more limbs entering the access region. The one or more limbs may include a hand and/or one or more fingers.

Measuring the second signal may include coupling the one or more limbs to a receiver. The second signal may be, or may be based on, an electric, magnetic and/or electromagnetic signal.

The step of measuring the second signal may include measuring a voltage induced at the access region. The step of measuring the second signal may include measuring a voltage at the limb, e.g., relative to ground. Alternatively or in addition, the voltage may be an electromotive force induced in a circumference of the limb of the body. The second signal may propagate by means of a magnetic field through the body.

Alternatively or in addition, the first communication channel may include a communication link through a body of a user. For example, the first communication channel may include a body link (e.g., as described above).

The second signal may not propagate to the access region though any channel at all or may not propagate to the access region though a channel existing at the time of measuring the second signal. For example, the step of measuring the second signal may include scanning one or more fingerprints at the access region. Alternatively or in addition, the first signal may be indicative of at least one of a reference gesture and a reference fingerprint. The second signal may be caused by, may correspond to or may be indicative of a gesture performed by the one or more limbs.

The gesture (e.g., as indicated by the second signal) and/or the reference gesture (e.g., as indicated by the first signal) may relate to a number of fingers entering the access region and/or a number of bent fingers or straight fingers at the access region. The step of measuring the second signal may include measuring the number of fingers entering the access region and/or the number of bent fingers or straight fingers at the access region. The reference gesture indicated by the first signal may be a gesture that is to be expressed upon reaching into or accessing the access region. The user may be informed of the gesture to be expressed by means of the wearable device. The gesture indicated by the second signal may also be referred to as an entrance gesture or access gesture that is measured upon reaching into or accessing the access region.

Assessing the authentication for the access may include analyzing the second signal using the first signal. The analysis may include assessing a relationship between the first signal and the second signal. The second signal (e.g., a time series thereof) may be convoluted with the first signal (e.g., a time series thereof)- The second signal may be analyzed at the access control device and/or at the access region.

Alternatively or in combination, the wearable device may analyze the second signal.

A lack of authentication may be determined in the assessment and/or as a result of the assessment. The lack of authentication may be determined, if the second signal does not correspond to the first signal.

The method may further comprise or trigger a step of detecting an access to the access region. The access may relate to the one or more limbs accessing (e.g., contacting or entering) the access region. Detecting the access may include detecting the presence of the limb in or at the access region. The method may further comprise a step of reporting the access through the first communication channel.

The access may be detected by means of a first array of field sources arranged at the access region and/or a second array of field couplers arranged at the access region. Each of the field couplers may face one of the field sources. The field sources may include light sources or magnets (e.g., coils or permanent magnets). The field couplers may include light receivers or inductors.

The access may be detected by means of a first conductor arranged at the access region and a second conductor arranged at the access region. The second conductor may be configured to contact the first conductor in the absence of the access and/or to dissociate from the first conductor due to the access. Alternatively or in addition, the access may be detected by measuring strain and/or tension at the access region.

The access may be detected at, and/or the means for the detection may be arranged at, an entrance or border of the access region. Alternatively or in addition, the access may be detected by the presence of the second signal. The first signal may be received upon a request. The first signal may be received from the wearable device. The request may be sent from the access control device. The request may be sent in response to the detection of the access. Alternatively or in addition, the second signal may be measured in response to receiving the first signal or detecting the access.

The first communication channel may be bidirectional, e.g., between the access control device and the wearable device. The request may be sent through the first communication channel. Alternatively or in addition, the result of the assessment may be reported through the first communication channel.

The access region may be defined by at least one of an area, a cross-section, a surface area, a volume and an interior. The access may be detected when the limb approaches, crosses or contacts the area and/or enters the volume. The access region may be a pocket (e.g., of a coat, jacket or trousers). Alternatively or in addition, the access region may be a door or a door handle (e.g., of a car, a room or a house).

The second signal may be induced by the wearable device. The wearable device may be spaced apart from the access region. The access control device may be integrated in clothes of the user. The wearable device may be arranged or arrangeable at the body of the user. The wearable device may include the transmitter in contact with the skin of the user.

The wearable device may induce the second signal by indicating the number of fingers to the user, e.g., on a display. Alternatively or in addition, the wearable device may induce the second signal by applying an electric and/or magnetic field to the body (e.g., the skin or another limb) of the user.

The second signal may be induced according to a modulation scheme. The wearable device may generate and/or output a source signal (e.g., at the transmitter) according to the modulation scheme. The first signal may be indicative of the modulation scheme.

At least one of the first signal and the second signal may be received from the wearable device. The first communication channel may connect the wearable device and the access control device, e.g., for control signaling. As to another aspect, a method of assessing authentication for an access at an access region is provided. The method comprises or triggers a step of sending a first signal through a first communication channel; a step of inducing a second signal at the access region; and a step of assessing the authentication for the access at the access region depending on the first signal and the second signal and/or receiving a report on a result of the assessment.

The method may further include any steps, corresponding steps or features disclosed in the context of the one method aspect.

As to a further aspect, a computer program product is provided. The computer program product comprises program code portions for performing any one of the steps of the method aspects disclosed herein when the computer program product is executed by one or more computing devices. The computer program product may be stored on a computer-readable recording medium. The computer program product may also be provided for download via a data network, e.g., a mobile

telecommunications network and/or the Internet.

As to a further aspect, a device for assessing authentication for an access at an access region is provided. The device comprises a receiving unit configured to receive a first signal through a first communication channel; a measuring unit configured to measure a second signal at the access region; and an assessing unit configured to assess the authentication for the access at the access region

depending on the first signal and the second signal and/or to report on a result of the assessment.

Alternatively or in addition, the device is configured to, or comprises units configured to, perform or trigger any of the steps of the one method aspect.

As to a still further aspect, a device for assessing authentication for an access at an access region is provided. The device comprises a sending unit configured to send a first signal through a first communication channel; an inducing unit configured to induce a second signal at the access region; and an assessing unit configured to assess the authentication for the access at the access region depending on the first signal and the second signal and/or to receive a report on a result of the assessment.

Alternatively or in addition, the device is configured to, or comprises units configured to, perform or trigger any of the steps of the other method aspect. As to a still further aspect, an access control device for assessing authentication for an access at an access region is provided. The access control device may comprise a reception module for receiving a first signal through a first communication channel; a measurement module for measuring a second signal at the access region; and an assessment module for assessing the authentication for the access at the access region depending on the first signal and the second signal and/or for reporting on a result of the assessment.

Alternatively or in addition, the access control device is configured to, or comprises modules configured to, perform or trigger any of the steps of the one method aspect.

As to a still further aspect, a wearable device for assessing authentication for an access at an access region is provided. The wearable device comprises a send module for sending a first signal through a first communication channel; an induce module for inducing a second signal at the access region; and an assessment module for assessing the authentication for the access at the access region depending on the first signal and the second signal and/or for receiving a report on a result of the assessment.

Alternatively or in addition, the wearable device is configured to, or comprises modules configured to, perform or trigger any of the steps of the other method aspect.

Brief Description of the Drawings

Further details of embodiments of the technique are described with reference to the enclosed drawings, wherein:

Fig. 1 shows a schematic block diagram of a device for assessing

authentication for an access at an access region, which is arrangeable at the access region;

Fig. 2 shows a schematic block diagram of a device for assessing

authentication for an access at an access region, which is arrangeable as a wearable device; Fig. 3 shows a flowchart for a method of assessing authentication for an access at an access region, which is implementable by the device of Fig. 1;

Fig. 4 shows a flowchart for a method of assessing authentication for an access at an access region, which is implementable by the device of Fig. 2;

Fig. 5 shows embodiments of the devices of Figs. 1 and 2, respectively, in communication;

Fig. 6 shows a first example of a signaling diagram resulting from

performing the methods of Figs. 3 and 4;

Fig. 7 shows a second example of a signaling diagram resulting from performing the methods of Figs. 3 and 4;

Fig. 8 shows a third example of a signaling diagram resulting from

performing the methods of Figs. 3 and 4;

Fig. 9 shows a fourth example of a signaling diagram resulting from performing the methods of Figs. 3 and 4;

Fig. 10 shows an implementation of the device of Fig. 1; and

Fig. 11 shows an implementation of the device of Fig. 2.

Detailed Description

In the following description, for purposes of explanation and not limitation, specific details are set forth, such as a specific environments in order to provide a thorough understanding of the technique disclosed herein. It will be apparent to one skilled in the art that the technique may be practiced in other embodiments that depart from these specific details. While the following embodiments are primarily described in the context of wearable devices and for accessing a pocket, the technique may also be implemented for any keyless access, e.g., for a home automation implementation, for a home entrance implementation, for unlocking and/or opening a car door or for a car immobilizer implementation. Moreover, the technique may be implemented in communication with a wireless and/or wearable device. The communication may be implemented according to 3rd Generation Partnership Project (3GPP) Long Term Evolution (LTE), a Wireless Local Area Network (WLAN) according to the standard family IEEE 802.11 (e.g., IEEE 802.11a, g, n or ac), Bluetooth according to the Bluetooth Special Interest Group, Bluetooth Low Energy (BLE or Bluetooth Smart) and/or Near Field Communication (NFC), e.g., according to the standards ISO/IEC 18092 or ISO/IEC 21481.

Moreover, those skilled in the art will appreciate that the modules, functions, steps and units explained herein may be implemented using software functioning in conjunction with a programmed microprocessor, an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA), a Digital Signal Processor (DSP) or a general purpose computer, e.g., including an Advanced RISC Machine (ARM). It will also be appreciated that, while the following embodiments are primarily described in context with methods and devices, the invention may also be embodied in a computer program product as well as in a system comprising a computer processor and memory coupled to the processor, wherein the memory is encoded with one or more programs that may perform the functions and steps and may implement the modules and units disclosed herein.

Fig. 1 illustrates a schematic block diagram of a device 100 for assessing at least one of authentication, authenticity, authorization, authority and identity for an access at an access region. The device 100 comprises a reception module 102 for receiving a first signal through a first communication channel. A measurement module 104 of the device 100 measures a second signal at the access region. An assessment module 106 of the device 100 assesses at least one of the authentication, the authenticity, the authorization, the authority and the identity for the access at the access region based on both the first signal and the second signal. Alternatively or in addition, the assessment module 106 sends a report as to a result of the assessment and/or sends both the first signal and the second signal.

The device 100 may be implemented as an access control device at the access region.

Fig. 2 shows a schematic block diagram of a device 200 for assessing at least one of authentication, authenticity, authorization, authority and identity for an access at an access region. The device 200 comprises a send module 202 for sending a first signal through a first communication channel. An induce module 204 of the device 200 induces a second signal at the access region. An assessment module 206 of the device 200 assesses at least one of the authentication, the authenticity, the authorization, the authority and the identity for the access at the access region based on both the first signal and the second signal. Alternatively or in addition, the assessment module 206 receives a report as to a result of the assessment and/or receives both the first signal and the second signal.

The device 200 may be implemented as a wearable device.

Figs. 3 and 4 show flowcharts for methods 300 and 400, respectively, of assessing at least one of authentication, authenticity, authorization, authority and identity for an access at an access region. The steps 302, 304 and 306 of the method 300 may correspond to the functionality of the modules 102, 104 and 106, respectively. The steps 402, 404 and 406 of the method 400 may correspond to the functionality of the modules 202, 204 and 206, respectively.

Fig. 5 shows a schematic block diagram for embodiments of the devices 100 and 200, respectively. Features corresponding to those described above are indicated by corresponding reference signs.

The devices 100 and 200 are in data communication. The devices 100 and 200 in communication may also be referred to as paired devices 100 and 200 or as a system 500.

The devices 100 and 200 are in communication by means of a first channel 502, e.g., a radio link. The first signal is conveyed through the first channel 502.

For maintaining the first channel 502, it is not necessary to continuously transceive signals on a physical layer of the first channel. For example, the devices 100 and 200 may be considered in communication as long as the first channel 502 is maintained on a data link layer.

Optionally or temporarily, a second channel 504 exists between the devices 100 and 200. The second signal is conveyed through the second channel 504. The second channel 504 may be optional, e.g., in that the second channel 504 is absent in an implementation or instance of the device 100 that measures a property of the accessor (e.g., a fingerprint). Alternatively or in addition, the second channel 504 may be temporary, e.g., in that the second channel 504 exists only during the access at the access region.

In a first implementation, the second channel 504 conveys a user behavior as the second signal that is induced by the device 200 (e.g., by means of a display of the device 200 as the induce module 204) and/or measured by the device 100 (e.g., using a camera or sensor of the device 100 as the measurement module 104).

In a second implementation, the second channel 504 is a body link. The body link conveys the second signal through a portion of a body of the user. The body link may be induced by the device 200 (e.g., using a second magnetic inductor or a second electric contact as the induce module 204) and/or received by the device 100 (e.g., using a first magnetic inductor or a first electric contact as the measurement module 104).

The first signal may indicate to the device 100 what the measured second signal would have to be for a positive assessment in the step 306 and/or 406. If the first signal has no match or correspondence in the second signal, the result of the assessment is negative.

The embodiment illustrated in Fig. 5 may be implemented for theft protection, e.g., of pockets in clothes. The pocket includes one or more pocket sensors (PS), e.g., in the measurement module 104 or controlled by the measurement module 104. The PS is configured to detect the access at the access region. For example, the PS detects if a hand of a person (that is not necessarily the user of the system 500) is entering the pocket opening.

In a first example, the PS optically detects the access. The pocket has an opening as the access region. The opening includes a first side and a second side facing the first side. The first side of the pocket includes a set of light diodes. The second side includes a set of receivers. The first and second sides function as a light barrier at the access region.

If a hand enters the pocket, the hand or some of its fingers interrupt the light barrier. This incident is reported to a pocket controller (PC), and optionally through the first channel 502 to the device 200. The optical PS may also detect how many fingers are bended when the hand enters the pocket, e.g. by counting the number of interrupted light barriers in the set of diodes (e.g., after grouping neighboring light barriers indicating the same interrupted state). The number of bended fingers, as observed by the device 100, is an example for the measured second signal (e.g., without requiring a second channel). The light barriers function as the measurement module 104. The first signal may convey to the device 100 (e.g., in advance) how many fingers are required for the positive assessment in the step 306.

In a second example, the PS electrically detects the access. Two electrodes (e.g., conducting plates) are arranged on both the first side and the second side of the pocket. If somebody is entering between the conducting parts, the connection between the conducting parts is broken.

In a third example, the PS magnetically detects the access. A magnet is arranged on the first side, and an electro-magnetic sensor is arranged on the second side of the pocket. If somebody is entering, a change in the magnetic field is detected.

In a fourth example, the PS mechanically detects the access. A change or excess in physical stretch (e.g., tension or strain) of the pocket or the boundary of the pocket opening indicates that something is entering.

The pocket controller (PC) includes the functionality of the reception module 102 and the assessment module 106. The PC is located close to the pocket sensor (PS). Optionally, the PC includes any of the functionality or logic described below.

The device 100 optionally comprises a pocket actuator (PA). The PA is configured to at least one of physically close, lock and unlock the pocket opening.

The embodiment of the device 200 in Fig. 5 comprises an authentication client or application logic client (AC). The AC may be a node of a further network, e.g., a terminal of a cellular network. The AC includes the functionality of the send module 202 and the assessment module 206.

The AC is communicating to the user, e.g., by means of a loudspeaker and/or a display. The AC is also communicating directly to the PC using the first channel 502 as a primary channel (which may be used by default). The first channel 502 may be implemented using radio interfaces, e.g., Bluetooth, NFC and/or Wi-Fi. Optionally, there are two channels 502 and 504 for the communication between the devices 100 and 200. The second channel 504 may include a link through the body of the user (referred to as the body link). The second channel 504 may be a secondary channel.

The second channel 504 may be used for transporting a specifically modulated electrical signal through the body as the second signal. The second signal is sent by a client sender (CS) as the induce module 204 or controlled by the induce module 204. The CS may be co-located with the AC. The body link signal as the second signal is received by a pocket receiver (PR) as the measurement module 104 or controlled by the measurement module 104. The PR is located at access region (e.g., the pocket). The device 100 may also be referred to as pocket group.

The CS 204 may be co-located with the AC in the device 200. For example, the device is implemented in a smartwatch. The CS 204 uses the back of the smartwatch for inducing the second signal into the body link 504.

Alternatively, the CS 204 may be implemented as a stand-alone unit, e.g., built into clothes. The CS 204 is paired with (e.g., by establishing a data link layer channel) and communicating with the AC through a radio link.

For a basic protection, an alarm is raised whenever somebody or something accesses or attempts to access the access region (e.g., the protected pocket). The PS reports the entering to the PC. The PC may then raise a local alarm. The alarm may include a loud alarm sound.

In an implementation compatible with any embodiment, the PC in the device 100 reports an alarm message to the AC in the device 200. The AC may be implemented in a smartwatch. The logic of the device 200 (e.g., implemented in the smartwatch) determines an action upon receiving the alarm message. The action includes, for example, an audible alarm or any means of indicating the (potentially malicious) access to the user, e.g., a silent haptic alert.

In a first example implementation, the access is authorized or approved after the access (e.g., the hand entry) has occurred and/or as the access occurs. The AC may also be referred to as the authorization client. The AC is configured to prompt the user to authorize the access to the access region (e.g., the pocket), e.g., as soon as the access is detected. A signaling sequence for the first example implementation is shown in Fig. 6.

When noticing a pocket entry by means of the measurement module 104, the PC contacts the AC (e.g., through the first channel 502). The PC sends a request for authorization to the AC (shown as the first arrow labelled by "OK?" in Fig. 6) to indicate whether or not the access is authorized. The request for authorization includes or implies a report of the access to the AC. The AC communicates with the user and asks for approval. The user may be notified with a sound and is, for example, prompted to enter an authorizing PIN or to swipe a finger over a fingerprint sensor included in the device 200.

The AC analyses the user entry for correctness and decides if an alarm is raised. The alarm may be raised in at least one of the following case: no PIN was entered after a timeout and an incorrect PIN was entered for a certain number of times (e.g., three times). Otherwise, the pocket entry is approved, if the correct PIN was entered.

Authentication and/or authorization after the access has occurred at the access region (e.g., after a hand has entered the pocket) is not the most useful

implementation in some situations. E.g., such an implementation may include a time delay before the alarm is triggered by the detection of the access. In some situations, it is more useful to force the user to authenticate and/or authorize the access (e.g., the hand entry) before it is happening.

In a second example implementation, the access of the user is authorized in advance (which may also be referred to as pre-authorization, e.g., of the own hand). For example, the authentication and/or the authorization are done once or once a day, and then the own hands of the user (and only the own hands) are continuously approved to enter the pocket.

Only the hands of the user are approved in the steps 306 and/or 406 in a user- friendly way by associating the second signal as a secret with the hands of the user. The second signal is measured at the device 100 (e.g., the local pocket group) by means of the measurement module 104. Fig. 7 shows the communication in the second example implementation. In the second example implementation, the user has authenticated and/or authorized by means of the AC his own hands. By way of example, the device 200, particularly the AC, may be implemented in a smartwatch.

The AC generates a random secret that is communicated to the receive module 102 in the PC of the device 100 (e.g., through the first channel 502) as the first signal. Preferably the first channel is encrypted to avoid that somebody else has knowledge of the secret include in the first signal.

The secret distribution is acknowledged by the device 100 to the device 200. The AC indicates to the user that the protection is active. This can, for example, be done by displaying a lock icon on the screen of the smartwatch or the phone. So the user knows that his or her pocket is entry-protected.

If the device 100 (e.g., the PC) notices a hand entry, e.g., by means of the measurement module 104, the hand is checked as to whether a second signal associated with the hand matches the secret. If the secret expected based on the first signal is coming with the hand according to the measurement module 104, the assessment in the steps 306 and/or 406 is positive. Otherwise, e.g., if there is no match within a preset time (e.g., 0.5 or 2 seconds) after the access has been detected, the alarm is triggered.

For example, the AC in the device 200 cooperates with the CS 204 to induce the second signal in the step 404. The CS 204 has contact to skin of the user. For example, the CS 204 is built into the back of a smartwatch. The CS 204 sends into the body a low-power electrical signal as the second signal. The second signal is encoded with the secret. As a consequence, the hand and/or the user bear the second signal.

At the device 100 (e.g., the local pocket group), the measurement module 104 (e.g., the PR) contacts skin of the accessor at the access region. Due to the skin contact (e.g., with the hand), an electrical loop is closed and the PR reads the second signal with the secret from the hand. The hand of a potential thief does not convey a second signal encoded with the secret.

An approved hand and a fraudulent hand can be distinguished by the device 100 (e.g., at the PC). The PC compares the first and second signals (e.g., if available) and decide in the step 306 if an entry alarm is raised. The assessment step 306 (which may also be referred to as a secret checking step) may be performed in a few milliseconds. Therefore, the alarm is (e.g., for human time scales) instantaneous when a hand of a theft enters the pocket.

In some cases, the continuous authorization (e.g., of a hand) can be circumvented only by a thief knowing about the protection in that the thief tries to make skin contact with the user before entering the pocket. The latter is typically avoided by thieves, because this increases the risk that the user notices the tried theft.

An even more secure protection can be achieved by a third example implementation. The third example implementation avoids a continuous authorization and forces the user to authenticate and/or authorize whenever he or she wants to enter his or her own pocket. Fig. 8 shows a communication scheme for ad-hoc authentication related to the third example implementation.

When the user wants to grab into his protected pocket, he or she starts by authenticating and/or authorizing at a user interface (for example, a touchscreen of a smartwatch) of the device 200 (e.g., at the AC). The user is authorizing his or her own hand. The authorization is valid for a limited period of time.

A secret is generated and distributed over the first channel 502, as described above. The hand is identified when entering based on the secret coming over the second channel (i.e. the body link).

Fig. 9 shows a signal sequence caused by a fourth example implementation for ad- hoc authentication based on a user secret. The assessment steps 306 and/or 406 for secret checking does not rely on a body link. The secret is encoded in the second signal measured by the device 100 due to a specific user behavior induced by the device 200.

The user may input to the device 200 a user intention to access the access region (e.g., to enter into the pocket). In response to the user input, the AC displays a random number, e.g., in the range from 1 to 4, in the step 404. The user is thus induced to first enter into the pocket with only a number of fingers equal to the displayed number in order to authenticate and/or authorize locally at the device 100. After the authentication and/or authorization, the user can enter with the full hand. The required number of fingers is communicated to the PC as the first signal through the first channel 502. A second channel 504 through the body is not needed in this scenario. This means, skin contact for the device 200 (e.g., the AC and its CS) is not necessary. However, in a variant of the fourth example implementation, the body link may serve as the first channel 502.

In the fourth example implementation, the measurement module 104 (e.g., the PR) controls or includes a sensor configured to count the number of entering fingers. For example, an array of optical sensors is arranged along a rim of the pocket.

Preferably, the validity of the secret (e.g., the number of fingers) is time-limited. As a further advantage, the sensor (e.g., for counting the number of fingers as the second signal) needs to be powered only for the limited time.

In any of above example implementations, logic to compare the first signal and the second signal (e.g., for comparing the secrets) in the steps 306 and/or 406 may be implemented in the device 100 (e.g., in the PC) or in the device 200 (e.g., in the AC), or both.

The above example implementations may be combined. Further example

implementations, which are combinable with any of the above example

implementations, include a biometric sensor at the device 100 (e.g., at the pocket) as the measurement module 104.

The biometric sensor is used for the authentication and/or the authorization.

Therefore, the entire system 500 (e.g., both the devices 100 and 200, particularly the AC) may be located directly at the access region (e.g., the pocket). The biometric sensor may be a fingerprint sensor outside of the pocket or at the opening of the pocket. A finger needs to be swiped at the fingerprint sensor before the hand enters into the pocket. Successful or unsuccessful approval is notified to the user, e.g., by means of different sounds.

In any of above embodiments and implementations, the access region (e.g., the pocket) may comprise a lock. The lock may include a mechanism for physically locking the access region (e.g., the pocket). The lock may be an electro-magnetically controlled locking mechanism. The lock may be opened in response to a positive assessment in the steps 306 and/or 406. The lock may be temporarily unlocked. The lock may be closed, or may remain closed, if the assessment in the steps 306 and/or 406 is negative.

Embodiments including a lock controlled by the device 100 at the access region can obviate an acoustic alarm signal, which is beneficial in certain environments requiring silence.

Fig. 10 shows a block diagram for an implementation of the device 100 in an access control device 1000. The device 1000 comprises a radio interface 1002 for signal reception on the first channel. The device 1000 further comprises a processor 1004 coupled to memory 1006. The memory 1006 is encoded with instructions that implement the modules 102, 104 and 106.

Fig. 11 shows a block diagram for an implementation of the device 200 in a wireless and/or wearable 1100, e.g., a mobile phone or smartwatch. The device 1100 comprises a radio interface 1102 for sending signals on the first channel. The device 1100 further comprises a processor 1104 coupled to memory 1106. The memory 1106 is encoded with instructions that implement the modules 202, 204 and 206.

As has become apparent from above description of exemplary embodiments, the technique can be implemented with low additional costs, e.g., in conjunction with widespread user devices, wearable devices and/or wireless devices including phones and smartwatches.

At least some embodiments of the technique can achieve a reliable and at the same time convenient access protection, e.g. in a personal alarm system. The security of the user can be improved in areas where pickpocketing is a general problem. A tried theft can lead to an immediate notification.

Many advantages of the present invention will be fully understood from the foregoing description, and it will be apparent that various changes may be made in the form, construction and arrangement of the units and devices without departing from the scope of the invention and/or without sacrificing all of its advantages. Since the invention can be varied in many ways, it will be recognized that the invention should be limited only by the scope of the following claims.