Cross Reference to Related Applications

[0001] This U.S. non-provisional patent application is a continuation-in-part of co-pending U.S. non-provisional patent application number 15/489,908, filed on April 18, 2017, which is incorporated-by-reference herein in its entirety.

Field of the Invention

[0002] The present invention relates generally to fraud prevention systems, and more particularly, to a biometric fraud protection system for the health care industry.

Background of the Invention

[0003] Health care fraud may occur when an individual defrauds an insurer or government health care program, such as Medicare (United States) or equivalent state programs. The FBI estimates that health care fraud costs American tax payers billions of dollars a year according to www.fbi. gov’s“White Collar Crime” section. As such, it is important for insurers and health care programs to participate in systems for preventing health care fraud.

[0004] Organizations such as Healthcare Fraud Prevention Partnership (HFPP) and National Health Care Anti-Fraud Association (NHCAA) provide information and have developed programs for preventing healthcare fraud. For example, HFPP has a mission to combat opioid misuse, and NHCAA provides educational information to consumers on preventing health care fraud.

[0005] However, existing programs and educational resources have various problems and limitations. For example, such existing resources are merely focused on preventing health care fraud through public cooperation and social awareness, such as by teaching consumers to protect

l their health insurance ID cards and report fraud. Public cooperation and social awareness have been proven to be ineffective in preventing healthcare fraud.

[0006] Accordingly, there exists a need for a system that efficiently and effectively prevents health care fraud.

Summary of the Invention

[0007] This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features of essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. Furthermore, the claimed subject matter is not limited to implementations that solve any or all disadvantages noted in any part of this disclosure.

[0008] Disclosed is a system for biometrically detecting health care fraud, the system comprising one or more storage machines holding instructions executable by one or more logic machines to actualize operations of, creating a patient biometric profile, verifying the patient biometric profile, detecting a fraud condition, and if a fraud condition is detected, notifying authorities.

[0009] In another aspect, the operations further include creating a patient account.

[0010] In another aspect, the operations further include taking an insurance card photo and uploading the insurance card photo to a database.

[0011] In another aspect, creating a patient biometric profile includes biometrically scanning a patient.

[0012] In another aspect, verifying the patient biometric profile includes biometrically scanning a patient as a patient verification scan. [0013] In another aspect, verifying the patient biometric profile includes determining if the patient biometric profile matches the patient verification scan.

[0014] In another aspect, biometrically scanning a patient includes scanning a retina of the patient via a retina scanner.

[0015] In another aspect, biometrically scanning a patient includes scanning an epidermal ridge of a patient via an epidermal ridge scanner.

[0016] In another aspect, the operations further include creating an administering party account.

[0017] In another aspect, the operations further include creating an administering party biometric profile by biometrically scanning the administering party.

[0018] In another aspect, the operations further include verifying the administering party biometric profile by biometrically scanning the administering party as an administering party verification scan.

[0019] In another aspect, verifying the administering party biometric profile includes determining if the administering party biometric profile matches the administering party verification scan

[0020] In another aspect, verifying the patient biometric profile includes biometrically scanning a patient at a biometric scanner device.

[0021] In another aspect, the biometric scanner device includes an electronic display.

[0022] In another aspect, the biometric scanner device is configured to present a graphical user interface via the electronic display.

[0023] In another aspect, the biometric scanner device is configured to receive a user input.

[0024] In another aspect, the biometric scanner device is configured to receive a user input via the display. [0025] In another aspect, the biometric scanner device is configured to receive a user input via a keyboard.

[0026] In another aspect, the system includes a database that is configured to communicatively interface between the biometric scanner device and the authority.

[0027] In another aspect, the database is configured to communicatively interface between the biometric scanner device and a care facility.

[0028] In another aspect, the database is configured to communicatively interface between the biometric scanner device and a personal electronic device.

[0029] In another aspect, detecting a fraud condition includes determining if simultaneous billing occurs at two or more medical service providers.

[0030] In another aspect, the operations further include registering a patient location at a time of treatment, and sending the patient location to the authority via the database.

[0031] In another aspect, detecting a fraud condition includes determining if two treatment times are within a time frame.

[0032] In another aspect, the operations further include registering a time and location of a urine analysis.

[0033] In another aspect, the operations further include registering a time and location of a DNA screening.

[0034] In another aspect, detecting a fraud condition includes detecting an excessive number of treatments being administered.

[0035] In another aspect, the operations further include receiving GPS coordinates and locating nearby medical facilities.

[0036] In another aspect, a medical facility is an addiction facility. [0037] In another aspect, the operations further include running a software program configured to connect a patient with an expert advisor.

[0038] In another aspect, the operations further include receiving a patient check-in input at a personal electronic device and checking the patient into a facility in response to the patient check-in input.

[0039] In another aspect, the operations further include receiving an insurer selection input and selecting an insurer in response to the insurer selection input.

[0040] In another aspect, the operations further include sharing patient treatment progress with other patient users.

[0041] These and other objects, features, and advantages of the present invention will become more readily apparent from the attached drawings and the detailed description of the preferred embodiments, which follow.

Brief Description of the Drawings

[0042] The preferred embodiments of the invention will hereinafter be described in conjunction with the appended drawings provided to illustrate and not to limit the invention, where like designations denote like elements, and in which:

[0043] FIG. 1 schematically shows a method of detecting a fraud condition, in accordance with aspects of the present disclosure;

[0044] FIG. 2 schematically shows a health care fraud prevention system, in accordance with aspects of the present disclosure;

[0045] FIG. 3 schematically shows an example computing system, in accordance with aspects of the present disclosure;

[0046] FIG. 4 schematically shows an example biometric scanner device, in accordance with aspects of the present disclosure; and [0047] FIG. 5 schematically shows locating and checking into nearby facilities, in accordance with aspects of the present disclosure.

[0048] Like reference numerals refer to like parts throughout the several views of the drawings.

Detailed Description

[0049] The following detailed description is merely exemplary in nature and is not intended to limit the described embodiments or the application and uses of the described embodiments. As used herein, the word“exemplary” or“illustrative” means“serving as an example, instance, or illustration.” Any implementation described herein as “exemplary” or “illustrative” is not necessarily to be construed as preferred or advantageous over other implementations. All of the implementations described below are exemplary implementations provided to enable persons skilled in the art to make or use the embodiments of the disclosure and are not intended to limit the scope of the disclosure, which is defined by the claims. For purposes of description herein, the terms “upper”, “lower”, “left”, “rear”, “right”, “front”, “vertical”, “horizontal”, and derivatives thereof shall relate to the invention as oriented in FIG. 1. Furthermore, there is no intention to be bound by any expressed or implied theory presented in the preceding technical field, background, brief summary or the following detailed description. It is also to be understood that the specific devices and processes illustrated in the attached drawings, and described in the following specification, are simply exemplary embodiments of the inventive concepts defined in the appended claims. Hence, specific dimensions and other physical characteristics relating to the embodiments disclosed herein are not to be considered as limiting, unless the claims expressly state otherwise.

[0050] Disclosed is a system for biometrically detecting health care fraud. The system may establish a bio-genetic profile using biometric traits in order to establish an identification profile for the purpose of tracking, billing, and payment reconciliation through the use of hardware devices. The system may include one or more storage machines holding instructions executable by one or more logic machines to actualize herein described operations. For example, method 100 of FIG. 1 includes the operations of at 102 creating a patient biometric profile, at 104 verifying the patient biometric profile, at 108 detecting a fraud condition, and at 108-Y if a fraud condition is detected, notifying authorities. Further, method 100 may include at 106 verifying an administering party biometric profile as further described below. The method continues to 108-N if a fraud condition is not detected. The system synchronizes an individual’s patient health records, billing systems, migratory and movement pattern systems, numerical assignment registrars, and drug prescription system record systems - with an individual’s bio-metric identity, whether it be eyes, finger prints, tongue, lips, nerve endings, blood, or any element of a human being’s physical anatomy. The system synchronizes individual and collective bio-metric profile presence with information systems and transmits data appropriately and effectively to actualize the tasks and operations described herein.

[0051] It is to be understood that an authority may be a government agency, an insurance company, or any organization providing healthcare services or coverage. It is to be understood that the term “user” may refer to a patient, medical personnel, or a medical treatment administering party, such as a doctor or a nurse, or anybody to be biometrically scanned for preventing health care fraud in accordance with the present disclosure.

[0052] It is to be understood that a database as referred to herein may invariably refer to database 208 of FIG. 2 or any appropriate database including informational databases such as a billing, prescription, criminal records, citizenship, banking platforms, and cryptocurrency accounts. The system may connect such informational databases to ensure that a patient has never committed fraud or criminal activity, or that the patient is a legitimate citizen. For example, the herein disclosed biometric scanner hardware or system may link to all banking platforms for electronic claims settlement of balances from a personal bank account, credit card, and/or cryptocurrency account should a user’s information need to be synced with the system.

[0053] At 102, creating a patient biometric profile may include biometrically scanning a patient. In some examples, the operations may further include creating a patient account, taking an insurance card photo and uploading the insurance card photo to a database, and/or creating an administering party account. [0054] At 104, verifying the patient biometric profile may include biometrically scanning a patient as a patient verification scan and determining if the patient biometric profile matches the patient verification scan. For example, verifying the patient biometric profile may include biometrically scanning a patient at a biometric scanner device.

[0055] Biometrically scanning a patient may include scanning a retina of the patient via a retina scanner 402 (FIG. 4), and/or scanning epidermal ridge(s) of a patient via an epidermal ridge or fingerprint scanner 406 (FIG. 4). For example, an epidermal ridge may be a thumb print, finger print, or hand-print. The biometric scanner may also be configured to scan a lip print or a tongue print of a patient, or any combination of anatomical elements of a person whether tangible or intangible such as human resonant frequency or vibratory signature, with information systems that transmit data. A biometric scan may be done at scanner device 400 shown in FIG. 4.

[0056] It is to be understood that the device 400 may be any appropriate device, such as a kiosk, hand held device, or touchpad. Although FIG. 4 shows the device 400 being represented as a kiosk, it is to be understood that the device 400 is not limited to being a kiosk, and may take any appropriate form.

[0057] The biometric scanner device 400 may include an electronic display 404, and may be configured to present a graphical user interface via the electronic display. Further, the biometric scanner device 400 may be configured to receive a user input. For example, the biometric scanner device 400 may be configured to receive a user input via the display, a keyboard, or selector device (e.g. mouse). The biometric scanner device 400 may include a fingerprint scanner 406, a retina scanner 402, and/or a lip print or tongue print scanner. In some examples, the scanner or the system could be or include a mobile phone or handheld device that scans or reads retinas or fingerprints that ties in with prescription and billing databases.

[0058] The operations may further include creating an administering party biometric profile by biometrically scanning the administering party and verifying the administering party biometric profile at 106 in FIG. 1, by biometrically scanning the administering party as an administering party verification scan. Verifying the administering party biometric profile may include determining if the administering party biometric profile matches the administering party verification scan

[0059] The system may include a database (e.g. database 208 of FIG. 2) that is configured to communicatively interface between the biometric scanner device 400 and the authority (e.g. insurance company 218 or medical billing agency 216), the biometric scanner device 400 and a care facility 210, and/or the biometric scanner device 400 and a personal electronic device 206.

[0060] The illustration of FIG. 2 shows an exemplary health care fraud prevention system 200 configured to transfer data and/or information according to legend L. Arrows in system 200, between numbered and labeled boxes, are coded according to legend L. For example, receipt of information arrows are coded according to L-l, transfer of information arrows are coded according to L-2, patient data transfer arrows are coded according to L-3, and billing data transfer arrows are coded according to L-4 in legend L.

[0061] In FIG. 2, a mobile app 204 receives information (L-l) from a patient 202 and a personal electronic device 206 (e.g. smart phone) receives information via the mobile app 204. Further, the personal electronic device 206 receives information from a database 208. The database 208 receives information from an insurance company 218 and biometric device 214. The insurance company 218 receives information from medical billing agency 216. A care facility 210 receives information from medical personnel 212 and database 208. The biometric device 214 receives information from eye scanner 220 and fingerprint scanner 224. The eye scanner 220 and the fingerprint scanner 224 receive information from patient 222 (which may be the same user as patient 202). Medical billing agency 216 receives information from database 208 and biometric device 214.

[0062] With further respect to FIG. 2, information is transferred (L-2) from electronic device 206 to database 208, care facility 210 to database 208, from care facility 210 to medical personnel 212, from database 208 to insurance company 218, from medical personnel 212 to biometric device 214, and from insurance company 218 to medical billing agency 216.

[0063] Further with respect to FIG. 2, patent data (L-3) is transferred from patient 202 to database 208 and from patient 222 to database 208 (e.g. through device 214). [0064] Further with regard to FIG. 2, billing data (L-4) is transferred between (back and forth) medical billing agency 216 and eye scanner 220, between database 208 and medical billing agency 216 (e.g. through biometric device 214, and/or directly), and between the insurance company 218 and medical billing agency 216. It is to be understood that the herein described data and information transfer may be uni- or bi- directional without departing from scope of the present disclosure, or in accordance with the arrows shown in FIG. 2.

[0065] Turning back to FIG. 1, at 108, detecting a fraud condition may include determining if simultaneous billing occurs at two or more medical service providers, determining if two treatment times are within a time frame, and/or detecting an excessive number of treatments being administered.

[0066] The operations may further include registering a patient location at a time of treatment (e.g. via a GPS receiver or GPS subsystem), and sending the patient location to the authority via the database (e.g. database 208 in FIG. 2).

[0067] The operations further include registering a time and location (e.g. via GPS) of a urine analysis, and/or a DNA screening.

[0068] As shown in method 500 of FIG. 5, at 502, the operations may further include receiving GPS coordinates and at 504 locating nearby medical facilities according to the GPS coordinates. For example, a user may select a nearby medical facility by inputting a selection via a personal electronic device (e.g. via tapping a touch screen display or clicking a mouse button). It is to be understood that the herein disclosed facilities may be a medical facility, addiction facility, and/or a care facility.

[0069] The operations may further include running a software program configured to connect a patient with an expert advisor. For example, as shown in FIG. 5, via the system and/or the software program, the operations may further include at 506, receiving a patient check-in input at a personal electronic device, and/or checking the patient into a facility in response to the patient check-in input. Further, the operations may include receiving an insurer selection input and selecting an insurer in response to the insurer selection input, and/or sharing patient treatment progress with other patient users. [0070] The invention may eliminate fraud in the health care industry by the use of biometric identification of patients for any appropriate health care diagnosis and treatment practices. According to the above described features, elements, and system(s), the mobile application may be compatible with various operating systems. The database may be a HIPPA compliant database. The system may include one or more HIPPA compliant servers for distributing and serving data as described above. A bi-directional software program may be included that is configured to interface between the mobile application and the database (e.g. holding patient records), between the database and the scanner device (e.g. kiosk or handheld device or tablet), and between the database and an insurance carrier or company.

[0071] The scanner device may interface with a centralized database and report information directly to an insurance company in real-time through a synchronized algorithm that detects and/or alerts the insurance company when fraud is detected as described above.

[0072] The mobile application is configured to allow a user to find a nearby addiction facility based on distance relative to a user’s location. The application is configured to allow a user to call a phone number for initiating one on one communication with an expert adviser. A user may check into a facility by filling out a form in the application, e.g. by entering a user’s first and last name, date of birth, phone number, and/or address & zip code. The application allows a user to select a treatment required, such as hospitalization, detox, Physicians Health Plan (PHP) and/or Intensive Outpatient Program (IOP). The application allows a user to select an insurance plan or carrier, or allow the user to select a new plan. For example, the application may provide access to insurance brokers for signing up to a new plan. The mobile application may be configured to allow users to connect with other users as a social network system for sharing goals and tracking achievements, and for sharing their success and progress with their friends. Through the mobile application, patients may be able to make appointments with advisors. Further, through the mobile application a user account may be created (e.g. with a username and 4 digit pin code). The application may be configured to take a picture of an insurance card (e.g. front and back) and upload the picture to the herein databases, and a copy of the card (e.g. image) may be sent to a user’s email address on file. The scanner device may be linked to the user account created through the mobile app. [0073] Once a user (patient) arrives at a treatment facility, the patient may be required to create a biometric profile using a fingerprint, thumb print, palm print, and/or a retinal scan on a scanner device that is linked to a centralized database that corresponds with registered and stored user information. A doctor or nurse facilitating treatment to that user (patient) may also create a biometric profile or have a profile set up prior to the patient arrival. This may be part of a patient intake process for any patient seeking any treatment from any healthcare treatment facility whether it can be a hospital (inpatient/outpatient), addiction recovery (inpatient/outpatient), psychiatric, behavioral, and/or urgent care facility located and/or providing services in the United States of America. Such a treatment facility may be defined as any facility that gives medical services that are billed to an insurance company or to the Federal Government of the United States of America. The patient will be required to scan their palm print upon entrance to the facility unless there is a physical impairment that will prevent them from doing so. The patient may be required to scan their retina in an event that they cannot provide a finger, thumb or palm print. The doctor or responsible party for administering treatment may also be required to scan their fingerprint, thumbprint, or retina on days that the doctor and/or patient are at the facility.

[0074] Below are further details on the above described scanner device. The scanner device may include an attractive, durable metal enclosure with a powder coat finish, touchscreen monitor, Internet-ready system processor, external audio headset connector (for Section 508 compliance), plus all necessary and appropriate cables and accessories. Printers, rugged keyboards, card readers, fingerprint readers, bar code scanners, proximity detectors, privacy screens, autodial telephones, graphics and signage for branded identity may be included. The scanner device may be specifically designed and built to have the following attributes, features and/or functionalities: being durable and highly reliable, being space efficient and complementary to building decor, being cost effective without compromising quality, being easily and inexpensively installed and serviced, being ADA, Section 508 and HIPAA compliant, having customizable signage, and/or being electrically and mechanically safe.

[0075] The herein disclosed scanner device may be one of a plurality of scanner devices that are safely and securely managed with a specially designed Scanner Device Management Software. The scanner device software restricts access to unauthorized sites, logs system ‘heartbeat’, tracks usage data, allows for remote updates on any day at any time, among other features. A display presentable by the scanner device GUI allows for professional branding, rich graphics that will entice users to engage, and large button selections that make it fast and easy for users to do so. The scanner device software may be designed for use on any workstation, scanner device or tablet, with both Windows and Android versions available -- and may be approved to operate on government networks.

[0076] Interactive apps and/or scanner device content can be supplied any appropriate entity. Any appropriate web-enabled solution may be included, and can either be locally stored on the scanner device and updated remotely a cloud computing system, or hosted on any appropriate server.

[0077] The scanner device(s) may implement the following: .Net, PHP, Java, Javascript, JQuery, XML/XLST, Html/CSS, VB, C#, Flash, Oracle and MS SQL databases, and other leading technologies.

[0078] The scanner device software may include the following features and/or elements, a customizable, easy-to-use, full screen browser interface, browser lockdown and URL filtering, tamper proof security prohibiting access to OS, network, unauthorized content, session management to reset defaults and secure all user session data, multi-touch enabled navigation and interactivity, displaying full range of web-based content, an onscreen virtual keyboard, built- in attract loop features, support for Wi-Fi/Bluetooth printing, flexible run loop allowing alternate exe, start-up and session specific programs, device support for a full range of scanner device peripherals - touchscreens, printers, speakers, mag stripe card readers, smart card readers, DoD- approved CAC readers, biometric (fingerprint) readers, bar code scanners, image scanners, video cameras, autodial telephones, proximity sensors and mats, dual monitors, support for multiple languages, supporting automatic dialing using VoIP, Skype or POTS (analog) phone devices, compatibility with industry standard screen reading software, remote monitoring capability with regular check-in, daily detailed status/activity logs, remote content management and updating capability, and/or remote usage data collection and reporting capability. [0079] With regards to system status and data processing & reporting, all internet-connected scanner devices may be configured to“check in” every 10 minutes to a central web server via http to provide status data and ensure maximum uptime. This Internet“heartbeat” is logged so that system connectivity data can be rolled up. When systems have not checked in over the assigned threshold, alerts can be sent to proper personnel for corrective action. Program uptime is also logged locally by the scanner device and sent up nightly. The scanner devices automatically record detailed usage statistics about each navigation and print request. Usage data files are accumulated on the local scanner device and sent to a server via http where they are processed into MS SQL databases. Retrieved usage data is posted and available for viewing via the an online website. A wide variety of predefined tabular and graphical reports allow management to evaluate the success of scanner device locations, specific content and the overall project. Reports allow comparison of individual scanner devices and scanner device groups to help identify successful locations and system metric benchmarks. Reports are available for selected date ranges, and for individual scanner devices or scanner device groups. Numerous standard reports are available in both columnar and graphical formats. An online editor may be included, that allows scanner device administrators to remotely upload, delete, and maintain settings for the screen savers that are used by the Attract Loop process on each Internet- connected scanner device. This online editor allows scanner device administrators to remotely maintain the list of authorized URLs which user may access on each internet-connected scanner device. All user navigations are disallowed by default, so if a URL is not on the list, the user will not be able to access it and a“Content Blocked” message will appear on the monitor. This online utility, provided via a cloud computing system, allows customers to maintain the files that are used by the Attract Loop process on the scanner devices.

[0080] Key features of an attract loop graphic manager may include uploading new picture/graphic files. Other file formats (Flash, HTML, movies) can be used in the Attract Loop, but not uploaded using this online tool. Other key features of the attract loop graphic manager may include, deleting existing files, selecting the scanner device(s) on which the files will run, and modify the order in which the files display on the scanner devices. [0081] A public access computer presents some unique security challenges in providing ordinary users full access to a small number of programs while blocking unauthorized and/or malicious actions. A comprehensive set of design criteria assures both the physical security of a scanner device and its components, and the logical security of the data accessible on or via the scanner device computer (whether locally stored or accessible via a network or Internet connection)

[0082] Physical features of the scanner device may include, starting with the enclosure itself, sturdy 16 gauge steel construction, secure locking access panels and no exposed fasteners or operable connectors. A computer is locked inside the scanner device and inaccessible to users, so flash drives, memory cards or optical disks cannot be used to introduce malware or load unwanted programs.

[0083] On units with touchscreens only (no external rugged keyboard), the only exposed input device is the touchscreen monitor, which acts as a left-click only pointing device (the user's finger). All right-click functionality is disabled. In this configuration a standard keyboard, supplied for administrative use only, is locked inside the scanner device.

[0084] On units equipped with a user-accessible rugged keyboard, many of the keys found on standard keyboards are eliminated. There may be no Windows Start key, for instance, and no function keys (FI -FI 2). The Ctrl, Alt, and Esc keys are disabled via a hardware switch inside the locked scanner device, available only for use by authorized administrators. The optional external rugged trackball is configured with the right-click button disabled whenever the system is running in scanner device user mode.

[0085] Logical security features of the scanner device may be as follows, the public scanner device display application is set to load automatically following system boot up, once the scanner device computer has been properly logged in as appropriate. The software suite is designed to be run as a member of the Windows Users group without any elevated rights. Without administrative rights users cannot install programs, accidentally (or deliberately) modify system settings, and malware can’t alter system security settings or disable antivirus software. [0086] The standard Windows shell is replaced by a custom-shell, eliminating the Windows Desktop with its system tray and Start button and bypassing programs in the startup folder. This prevents unauthorized access to other Windows applications such as the Control Panel, the Run window, Windows Explorer or Internet Explorer. System settings cannot be altered, local files cannot be corrupted, moved or deleted, and no browsing to local, network or Internet sites can occur. The Windows Desktop also handles all keyboard shortcuts utilizing the Windows Logo key, so shell replacement also enhances system security when used with a full function keyboard.

[0087] A custom-browser, the primary scanner device content display interface, is a wrapper around an Internet Explorer browser object and, as such, is configurable using the standard Internet Options dialog. This ensures that the latest browser features are incorporated automatically as Microsoft introduces new IE versions during the scanner device lifecycle. Browser emulation can be downgraded to previous versions of IE if required to support legacy websites that prove incompatible with new Internet Explorer functionality.

[0088] The scanner device display application contains numerous built-in security features. For example, the scanner device display application exposes no obvious means to exit the program cycle. It runs in full screen mode without a typical title bar and the associated options to minimize, resize, or close the display window. Two hotkeys (Esc or Ctrl+Shift+M) and an optional double click event on the custom-browser logo image (when shown) are the only means of breaking out of the scanner device UI cycle, and only via a password dialog. Multiple failures to successfully log in invoke a 5 minute lockout where no more attempts are allowed to discourage individuals attempting to gain unauthorized access to a custom designed software manager and the Windows OS.

[0089] A comprehensive keyboard blocker provides system security by preventing the use of keyboard shortcuts familiar to many Windows OS users. Every non-alphanumeric key found on a standard keyboard, including function keys, the Windows Logo keys, and special purpose keys can be blocked individually. Virtually every combination of keys that represents a known Microsoft shortcut can be allowed or blocked as well. Unique software design allows blocking overall use of keys like“Ctrl” while allowing the commonly used Ctrl-Z, Ctrl-X, Ctrl-C and Ctrl-V combinations to work as expected. [0090] For systems with an Internet connection, browsing to any web page not located on the local hard drive or a network drive is actively filtered through a local database of white list/black list sites. By default, every web page is disallowed unless it is explicitly authorized by database entries. Approved“.com” sites and others are specified by a unique portion of their root web address. This process allows access to, for instance, all of the pages associated with a web site of local community information, while restricting navigation to advertisers, search engines or download sites that might be links on those pages. For US government customers, wildcard access to all“.mil” and“.gov” sites is standard. Security software may be configured to monitor and selectively interact with visible windows. By default the software kills instances of Windows Explorer and Internet Explorer and any program that hosts an instance of the web browser control. Dialogs are examined and, where appropriate, responded to by clicking the button that best protects the scanner device. Browser plug-ins like Adobe Acrobat Reader have toolbar elements hidden to eliminate users’ ability to browse the file system, save or open new files.

Should Windows Task Manger be launched, the security software hides the user interface to prevent tampering. File downloads are filtered to allow only specific types of display content (e.g. pdf or doc) while cancelling all others. New window events are redirected to a new tab in the custom browser, where the whitelist/blacklist rules can be applied. All other popup windows are killed immediately. A comprehensive digital cleanup cycle is performed at the end of each scanner device user session. By default all smart card certificates, cookies, temp folder contents, and temporary Internet files are deleted. For scanner devices with an optional printer, jobs in the print queue are flushed to prevent delayed printing of potentially sensitive or private information when, for instance, paper is added to an empty tray of a laser printer. In addition, any programs which may have been allowed to run to support the display of browser content (such as Microsoft Office viewers or Acrobat Reader) are terminated. A cleanup cycle is initiated by, a security program startup in case the previous session ended abnormally, such as a power outage on a computer without an uninterruptible power supply, user pressing exit button where the user has decided to terminate a browser session via exit, and a session inactivity timeout sensor which is a software feature that will end a user session if no activity (e.g., touching the touchscreen, using the keyboard/trackball, or web page navigation) has occurred during the configured inactivity timeout value. The default inactivity timeout value is 5 minutes. This inactivity timeout value can be set for any desired number of seconds or disabled with an entry of 0. An optional warning message with a countdown can be displayed to the user that the session is about to be closed due to inactivity. If the user touches the monitor or keyboard before the countdown completes, the session will remain active. This feature operates independently of any proximity sensor device. A cleanup cycle may also be initiated upon detecting a loss of program heartbeat where the custom browser sends a heartbeat message every minute during a user session. A missing heartbeat is interpreted as an anomalous fatal program error or lockup condition and the session is terminated automatically.

[0091] Proximity Sensor Device (Optional Peripheral): the session is automatically closed whenever the proximity signal is lost (i.e. the user departs). To avoid inadvertently closing a session if a user just briefly moves away, the software has a feature to not close the session unless the user is absent for at least X second(s), where X is a configurable value for certain types of sensors.

[0092] Regarding ada and section 508 compliance, this section addresses how the scanner device functions and features relate to the Americans with Disabilities Act (ADA) and Section 508 of the U.S. Rehabilitation Act, more specifically with respect to subsection 1194.25“Self- Contained, Closed Products”. The scanner device supports these requirements to the maximum extent possible. It must be noted, however, that web and locally stored content supplied by others and presented via the scanner device/display must be formatted in compliance with Section 508 standards to take proper advantage of the accessibility features. Certain requirements, particularly those related to totally unsighted (blind) users, can only be met using specific scanner device models.

[0093] Regarding physical accessibility there are several requirements with regard to the physical dimensions of the hardware, including the physical accessibility of the operable controls (forward reach and side reach). For wall-mounted units located in potential corridors, there are also maximum horizontal protrusion and the minimum/maximum height above the ground.

[0094] Current ADA and Section 508 guidance requires that the height of the“operable control” (with respect to scanner devices with keyboards, the height of the keyboard; with respect to touchscreen scanner devices without keyboards, the highest point on the touchscreen where user selections are made) shall be 48” maximum and 15” minimum above the floor and 10” or less from the accessible vertical plane. All scanner devices and interactive displays fully comply with this physical accessibility requirement. For scanner devices equipped with a rugged keyboard and/or trackball, the input device is always located below 48”. For standard scanner devices without a keyboard or trackball, the midway section of the touchscreen monitor is always at or below 48”. For non-standard scanner devices without a rugged keyboard or trackball— for example large format monitors used for directory/wayfinding applications— using just the lower portion of the screen for user controls might cause an inconvenience to non- seated users. In these instances, the a virtual touchpad control solves the problem by allowing seated users to access the entire screen using an onscreen“virtual touchpad” at the bottom of the screen (see below).

[0095] With regards to a virtual touch pad the scanner device software includes a special control that allows seated users to access the entire screen using an onscreen“virtual touchpad” at the bottom of the screen. Like a physical touchpad found on laptops, the virtual touchpad is a pointing device that can translate the motion and position of a user's fingers as a substitute for a mouse. A small area at the bottom of the touchscreen is repurposed to form the surface area of the touchpad.

[0096] Regarding readability, as a function of the scanner device software and screen layout, all GUI content is designed to be easily readable. This readability is supported by the use of appropriate font colors and sizes, proper spacing of text and user selection elements, and good general design and use of color.

[0097] Regarding scanner device power options, the following specifications, elements, and/or features may be implemented in the scanner device configuration, 110 VAC, 60 Hz, 10 amp power outlet within 5' of scanner device location (220 VAC, 50 Hz configuration w/ international AC plug options also available), and for an indoor environment; 45 °F to 95 °F operating range; 20% to 80% relative humidity. [0098] It is to be understood that the disclosed system may be included in package delivery methods and systems. For example, a package delivered via automobile personnel and/or aerial drones may be verified by an appropriate biometric scan prior to the package being released, disbursed, or left with a recipient. Such a biometric scan can have either a singular or multiple factor form of verification which may include a fingerprint, retinal, or any appropriate biometric identity marker.

[0099] In some embodiments the methods, tasks, processes, and/or operations described above may be effected, executed, actualized, and/or carried out by a computing system including a tangible computer-readable storage medium, also described herein as a storage machine, that holds machine-readable instructions executable by a logic machine (i.e. a processor or programmable control device) to effect, execute, actualize, carry out, provide, implement, perform, and/or enact the above described methods, processes, operations, and/or tasks. For example, a suitable computing system may be computing system 300 shown in FIG. 3. When such methods, operations, and/or processes are implemented, the state of the storage machine 304 may be changed to hold different data. For example, the storage machine 304 may include memory devices such as various hard disk drives, CD, or DVD devices. The logic machine 302 may execute machine-readable instructions via one or more physical information and/or logic processing devices. For example, the logic machine 302 may be configured to execute instructions to perform tasks for a computer program. The logic machine 302 may include one or more processors to execute the machine-readable instructions. The computing system 300 may include a display subsystem 306 to display a graphical user interface (GUI) or any visual element of the methods or processes described above. For example, the display subsystem 306, storage machine 304, and logic machine 302 may be integrated such that the above method may be executed while visual elements of the disclosed system and/or method are displayed on a display screen for user consumption. The computing system 300 may include an input subsystem 308 that receives user input. The input subsystem 308 may be configured to connect to and receive input from devices such as a mouse, keyboard or gaming controller. For example, a user input may indicate a request that a certain task is to be executed by the computing system 300, such as requesting the computing system 300 to display any of the above described information, or requesting that the user input updates or modifies existing stored information for processing. A communication subsystem 310 may allow the methods described above to be executed or provided over a computer network. For example, the communication subsystem 310 may be configured to enable the computing system 300 to communicate with a plurality of personal computing devices. The communication subsystem 310 may include wired and/or wireless communication devices to facilitate networked communication. As non-limiting examples, the communication subsystem 310 may include a global positioning system (GPS) module that includes one or more GPS receivers for determining a location of one or more electronic devices (e.g. a smart phone). The described methods or processes may be executed, provided, or implemented for a user or one or more computing devices via a computer-program product such as via an application programming interface (API).

[00100] Since many modifications, variations, and changes in detail can be made to the described preferred embodiments of the invention, it is intended that all matters in the foregoing description and shown in the accompanying drawings be interpreted as illustrative and not in a limiting sense. Thus, the scope of the invention should be determined by the appended claims and their legal equivalents.