METHOD FOR EVOLUTIONARY BIOMETRIC RECOGNITION HAVING SPEED AND SECURITY FEATURES SUITABLE FOR POS/ATM APPLICATIONS

TECHNOLOGICAL BACKGROUND OF THE INVENTION

Application field.

The present invention relates to the field of the methods, based on acquisition and electronic processing of biometric data, for the recognition of users of services the fruition of which requires a registration and an authorization. Particularly, the invention relates to a method of registration and recognition of users of POS (Point Of Sale) and ATM/cash dispenser services, as well as a method for delivering such services.

The invention also relates to a recognition system which carries out the above method, and POS and ATM systems comprising such a recognition system.

Description of the prior art.

In the context of the offering of services the fruition of which requires a recognition and an authorization, the need and the convenience to use recognition and/or identity verification and/or authorization methods based on acquisition and electronic processing of biometric data are increasingly perceived.

In particular, such a need is felt in the field of services related to commercial payments, for example, services of the POS (Point Of Sale) type, or services usually provided by banks for the automatic withdrawal of money from bank accounts, for example, services of the cash dispenser/ATM (Automated Teller Machine) type.

In the known POS and/or ATM systems, a holder of a card (credit card or cash card) accesses a service through two steps, the first of which involves the use of the card itself, the second of which is a confirmation of the identity of the card holder, by typing a numeric/alphanumeric identification code, for example, a PIN or password. The identity confirmation (subject to a prior process of identity verification or "authentication") provides that the recognition system first recognizes the user, through conventional card-based methods, then retrieves the pre-registered identification code (PIN or password) of the recognized user, then compares the registered identification code and the one typed in by the user.

In this framework, it is possible to envisage replacing the identification code with a biometric datum of the user.

In this regard, several solutions for a verification of the identity of a user based on the acquisition and processing of biometric data are known, derivable particularly from the field of the identity verification for security purposes (for example, to permit or not entrance to restricted access areas, or to confidential data in an information system).

The known solutions referred to are varied, both with respect to the biometric datum that is used (for example, fingerprint, or eye iris, or electrocardiographic or breath frequencies/patterns, or voice, or typing frequency/pressure on a keyboard), and with respect to the algorithms used for performing comparison and recognition (usually, analytical "pattern matching" algorithms).

A first problem which arises, if one wished to apply such known solutions to the identity verification in the context of POS/ATM, is to have sufficiently quick, convenient, and simple acquisition procedures so as they are "attractive" for the user. This requirement , by itself, already excludes most of the aforementioned known solutions.

A second problem, even more hindering with respect to the needs felt in the context of POS/ATM services, relates to the fact that the above-mentioned solutions relate to the function of identity verification or authentication, in the meaning explained above, but do not satisfy the need for a "recognition" of the user. In fact, for a "recognition service", the user has to be identified without he/she has to previously introduce his/her presentation, for example by inserting a credit or cash card. The need to have a recognition service is felt as crucial, for POS/ATM services, having the basic objective to even avoid the need to use a card.

The solutions of identity verification that are known to the state of the art and mentioned above, are absolutely unable to meet such a need.

In fact, it should be noticed that an identity verification service involves a mere "one-to-one" comparison between the acquired biometric data of the user and previously registered biometric data of the same user.

On the contrary, a recognition service involves a "one-to-many" comparison between acquired biometric data of the user and a plurality of previously registered biometric data, belonging to all the registered users registered for a given service. Such a plurality may be very numerous: in the context of POS/ATM services, the number of registered users (for example, client of a bank) is typically of hundreds of thousands or millions individuals.

Such quantitative data indicate how significant is the difference between the requirements to be met by a biometric method for an identity verification compared to the requirements to be met by a biometric method for a recognition, and allow to understand the reason why the solutions developed for the former field are completely unfeasible in the latter one.

The main problem that arises relates to the times for the recognition, which requires a large number of comparisons, rather than only one, before obtaining a result, which makes unfeasible the idea of simply iterating many times in sequence the application of the biometric methods of identity verification (such as those mentioned above) as a recognition method.

In view of this problem, no feasible solutions are found, not even resorting to solutions that are known in other fields, for example, those based on the acquisition of fingerprints of a person to be recognized and on the scanning a database of fingerprints to find a match. Such solutions, which are used, for example, for legal investigations, entail in the known implementations, in the absence of drastic improvements, recognition times (i.e., duration of the recognition process) which are longer, by several orders of magnitude, with respect to the recognition times required in the POS/ATM field, which are acceptable if they last at most a few seconds.

Furthermore, the solutions mentioned above do not always ensure a degree of recognition reliability that is sufficient for POS/ATM applications.

In fact, it shall be noticed that the POS/ATM services, being related to payments or money transfers, require a very high recognition reliability degree, comparable to that provided by the current card-based solutions with a confirmation by means of a PIN/password. This is a stringent requirement for the providers of such services, for example, banks.

The objective of eliminating PIN/password and also the card, while maintaining a degree of recognition reliability sufficient for such applications, and relying on biometric data, is a still unsolved technical challenge.

With regard to the requirement of reliability, it is important to notice that the recognition at a POS/ATM terminal, as stated above, is currently carried out by means of a password/PIN, which are identification codes that may be defined as "exact", since they can be regenerated in an identical manner, deterministically, upon each recognition event.

On the contrary, biometric data are identification codes that may be defined as "non-exact" (or "not exact"), wherein an absolute, deterministic identity between the registered datum and the datum acquired during recognition phase cannot be achieved. One might use the analogy of a photograph: the photographs of a person are always different from each other, despite referring to the same person.

The fact of obtaining from non-exact identification codes reliability recognition results comparable to those that may be obtained from exact identification codes is a technical object that cannot be achieved by the prior art. More specifically, on one hand it is necessary that such non-exact codes represent in a sufficiently accurate and unique manner the single person (to achieve highly reliable verifications); on the other hand, it is necessary that the coding is in the most schematic and simple form, so as to speed the comparison with the already registered biometric codes (for example, in a database).

The requirements of reliability and speed, imposed by a recognition method in the POS/ATM field, are not even solved by solutions recently proposed to make the acquisition of the biometric data easy and quick, such as the solutions based on the acquisition of images of the user's hand palm.

For example, the patent application US 2012/0057763 illustrates a system of such a type, employing deterministic algorithms (SITF, convolution processes) to extract a plurality of biometric characteristics from the acquired image. The application is the one of an identity verification, in which the single "one-to-one" comparison required is carried out through a plurality of single comparisons.

The patent application US 2010/0045788 illustrates a further system of such a type, using analytical algorithms (for example, Kong algorithm, based on Gabor filters) in order to express an approximate assessment, of "pattern similarity", for example, by means of a function "distance". Such a system also performs comparisons on a plurality of biometric characteristics.

Generally, the systems of the above-mentioned type employ analytical algorithms (for example representing by means of equations the hand surface and detecting characteristic points on the hand surface) which approximate as a number, such as a "distance", a "degree of similarity" in an identity comparison check. Therefore, in order to obtain an acceptable reliability degree for an identity verification, they are "forced" to perform several comparisons, on a plurality of biometric characteristics, for each single "matching" comparison.

This involves an increase in the amount of data to be stored, for each acquired image, and an increase in the number of elementary comparisons that are necessary for each single identity verification.

For these reasons, even if it is possible to try to apply such systems in the context of a "one-to-many" recognition service (in the meaning illustrated above), such solutions cannot be applied (actually, their application is not even conceivable) in the context of services requiring the recognition of a user among thousands, or hundreds of thousands, or even millions users, such as those contemplated herein. Therefore, a relevant need emerges, not met up to now, to achieve a sensible improvement in the algorithmic strategies that are applied to such contexts.

In brief, it can be stated that a biometric recognition method such as to meet the needs of an application in the field of POS/ATM must have several characteristics: simplicity and rapidity of acquisition of the biometric datum; processing speeds such as to allow a very fast recognition; high precision and recognition reliability.

No one of the solutions of the prior art, mentioned above, is capable of meeting at the same time all the aforementioned needs, and not even of providing a performance trade-off which is close to what is required.

Therefore, the object of the present invention is to devise and provide a method for a registration and quick recognition of a user, which is improved so as to meet the above-mentioned needs, and capable of obviating the drawbacks described herein above with reference to the prior art. It is also an object of the present invention to devise and provide a method of delivering a service, employing the above-mentioned recognition method, which proves to be particularly efficient. The achievement of the object indicated above further allows achieving the further objects of devising and providing a system for a quick recognition of a user, and POS and ATM systems, which systems are, in turn, improved so as to meet the above-mentioned needs, overcoming the above-mentioned drawbacks related to the prior art.

SUMMARY OF THE INVENTION.

Such an object is achieved by a method of registration and quick recognition of a user according to claim 1.

Further embodiments of such a method are defined in the claims 2 to 27.

A method of delivering a service, employing the above-mentioned method of registration and recognition according to the invention, is defined in claim 28.

A particular embodiment of the method of delivering a service, according to the invention, is defined in claim 29.

A system for the quick recognition of a user of a service, carrying out the method of registration and recognition according to the invention, is defined in claim 30.

Further embodiments of the system are defined in the claims 31-37.

A POS service delivery system, comprising the system for recognition according to the invention, is defined in claim 38.

An ATM service delivery system, comprising the system for recognition according to the invention, is defined in claim 39.

The method of registration and recognition according to the invention is preferably directed to an application field relating to the POS/ATM services (already defined above), in relation to which it particularly deploys its advantages. By user recognition (and therefore by "recognition service" and "recognition method") is meant the ability of identifying the user without he/she has to previously introduce his/her presentation.

However, such method can be also applied to the context of other services providing for a recognition of one user among many registered users.

Furthermore, the method can be also employed for identity verification and/or authentication functions, providing for "one-to-one" comparisons of biometric data. In fact, when reference is made to an "identification code" and to a "recognition service", this also encompasses the sub-case of a confirmation of the user's identity, and, likewise, of a confirmation service of the user's identity, that can be also exploited, for example, for authorization purposes.

According to an embodiment of the method, it comprises not only the recognition of a user, but also the identification of the user, i.e., an association of the recognized user with a record of user identification data necessary to deliver the service (comprising, for example, the bank account number). Such embodiment gives a basis for the method of delivering a service, also encompassed in the invention.

BRIEF DESCRIPTION OF THE DRAWINGS.

Further characteristics and advantages of the method of registration and recognition, of the method of delivering a service, of the system for the recognition of a user of a service, and of systems for providing ATM/POS services, according to the invention, will be apparent from the description set forth below of preferred implementation examples, given by way of illustrative, non-limiting example, with reference to the annexed drawings, in which:

- Fig. 1 illustrates a simplified functional diagram of a system for the recognition of a user according to the present invention;

- Fig. 2 illustrates a simplified functional diagram of systems for providing POS services and for providing ATM services, encompassed in the invention, which use the system of Fig. 1.

DETAILED DESCRIPTION.

A method for registration and quick recognition of a user of a service, by means of identification codes derivable from biometric data, will now be described in more detail.

First of all, such method provides for the step of registering a user, through a respective registration event.

Each registration event comprises the steps of acquiring from the user to be registered at least one biometric datum; then encoding, by means of a coding procedure, the at least one acquired biometric datum into a respective registration identification code of the user to be registered; then, associating such registration identification code to the user to be registered; finally, registering the user as a registered user, and registering the associated registration identification code as the registration identification code of the registered user.

Then the method comprises the step of recognizing a registered user, among a plurality of registered users, through a respective recognition event. Each recognition event comprises the step of acquiring from the user to be recognized the same at least one biometric datum of the user, acquired in the registration step; then, the step of encoding, by the coding procedure (the same coding procedure employed in the registration event), the at least one biometric datum acquired into a respective recognition identification code of the user to be recognized.

Each recognition event further provides for preparing, based on the registration identification codes, registered at a plurality of registration events, a comparison set comprising a plurality of comparison identification codes; then, comparing the recognition identification code with each of the plurality of comparison identification codes; then, estimating, for each of such comparisons, a respective matching level; finally, recognizing or non-recognizing (i.e., refusing recognition) the user to be recognized, based on the estimated matching levels.

Each of the above-mentioned comparisons between the recognition identification code and one of the comparison identification codes comprises a processing carried out by applying at least one trained algorithm (i.e., learning algorithm).

The recognition event further comprises the step of further training said at least one trained algorithm.

The term "service" refers in general to a service the use of which requires registration. As already observed, the preferred field of application of the aforementioned method is the recognition of one user among many, aimed to deliver a POS/ATM service.

Typically - for a given service - the user registration events are many, one for each user, and they occur upon the user registration. Therefore, they give rise to a plurality of registered identification codes, one for each registered user. Such registered identification codes are stored, and form the base on which the search aimed to the recognition is performed, during a recognition event.

When using the invention as a recognition and security solution in POS/ATM terminals, the base of users using such service (for example, customers of a bank) is numerically remarkable, up to a scale order of millions of persons.

Therefore, the plurality of registered users, among which a user is to be recognized, corresponds to the plurality of users registering to access a service of the POS/ATM type, and may potentially include even millions of persons. Also the number of registered identification codes may be of the same order of magnitude, and, therefore, such is the size of the set of registered identification codes to scan to get the recognition; consequently, the number of comparisons, needed for each recognition event between the recognition identification code (i.e., the one acquired for the recognition) and registered registration identification codes, may be very large.

The term "recognition event" is intended to indicate the event which takes place when the user, who has already registered for the use of the service, wishes to perform a POS/ATM operation, for which he/she has to be recognized/identified in advance.

In view of what has been stated above, the method must have properties of particular rapidity and precision, to be able to meet the requirements imposed by the applications mentioned above.

Such properties are made possible by the characteristics of the method, illustrated above, in particular by the coding procedure of the biometric datum into a particular identification code and by the use of one or more trained (i.e., learning) algorithms upon each comparison, as it will be described in more detail herein below.

It is also important to notice that the method allows an "evolutionary" performance improvement, in terms of recognition reliability, by virtue of the above-mentioned "further training" carried out on the one or more trained algorithms in use (in particular, upon some of or all the recognition events, in an absolutely flexible manner). Such "further training" may be considered as a continuous training, i.e., an adaptive training, in which each recognition event is the occasion to improve the reliability of the same algorithm, without any drawback to the user, or any additional requirement of processing resources. Therefore, the recognition event turns out to be, at the same time, a moment of use of the algorithm, and a moment of evolution and improvement thereof.

A particular consideration may be derived from the fact that the registered identification codes do not coincide with the acquired biometric data, but they biunivocally depend thereon through the coding procedure. It is important to notice that the method of the invention is completely compatible with the fact that each data handling procedure, in the context of a registration and recognition, follows per se known criteria, and it strictly complies with the requirements imposed by laws in force and by the opinions of the in-charge authorities on the matter of security and safeguarding of privacy.

In accordance with a particular embodiment of the method, it comprises, after having recognized a registered user, a further step of further verifying the recognition, based on further comparisons, by means the trained algorithm, with different identification codes of the same registered user, stored upon previous recognition events and available upon the recognition.

In this case, corresponding to an important optional function, the further comparison with other identification codes of the same user (relating to previous recognition events) may confirm the conclusion of the recognition deriving from the comparison with the user registration identification code (relating to the current registration event), thus increasing the recognition reliability. Alternatively, if one or more of the further comparisons provides a negative outcome, this is an information that may trigger further verifications, or even reject the recognition when a minimization of the risk of a false recognition is desired. In any case, performing the further comparisons, mentioned above, optionally provides useful information for even more adaptable and flexible recognition strategies.

According to another implementation example of the method, the recognition event further comprises the steps of providing the recognition identification code, stored upon the recognition event, to a further trained algorithm for coding definition, together with the corresponding registration identification code of the recognized user; then, obtaining a new registration identification code for the user, by the trained algorithm for coding definition, based on the registration identification code registered for the user and the above-mentioned recognition identification code stored upon the recognition event; finally, registering the new registration identification code as the user registration identification code, to improve the correspondence between such registration identification code and the biometric datum.

The characteristic illustrated above, corresponding to a further important optional function, allows a further improvement of the recognition abilities, ensuring an evolution of the identification code of user, upon time, exploiting the information enrichment that can be acquired as the number of recognition events increases. This is obtained by considering each recognition event as an occasion for improving the registered biometric identification code, thus determining a progressive evolution of the recognition datum, upon each recognition event.

Such solution offers a twofold advantage: it allows a progressive improvement in terms of recognition reliability, and it further allows an adaptation to possible organic variations upon time (due to the growth or ageing processes, or possibly to trauma).

The above-mentioned characteristic involves again the use of a trained algorithm, more specifically of the above-mentioned further trained algorithm for coding definition. It should be noticed that the trained algorithm for the comparison between codes, and the further trained algorithm for coding definition may be of the same type, and belong to the classes that will be illustrated in detail herein below.

According to different embodiments encompassed in the invention, the biometric datum acquired and processed by the method may be any biometric datum, for example, a fingerprint or a biometric datum related to a configuration of blood vessels of a part of the user's body, for example, the hand.

Details are provided herein, about the case where the at least one acquired biometric datum is an image of the hand of the user to be registered or recognized. More specifically, such image may be an image of the hand palm.

In such particular implementation example, each of the steps of acquiring an image of the hand of the user to be registered or recognized comprises acquiring the image of the hand by means of an infra-red sensor, configured to detect the presence of oxygen in zones corresponding to the passage of blood vessels in the hand, so as to obtain a corresponding representation of a geometry of the blood vessels of the hand.

Such detection allows to detect, from the resulting degree of opacity, the presence of oxygen in the blood. This implies that the acquired digital image shows an image of the veins of the hand palm (in a darker color with respect to the background), in turn representing a geometry of the venous configuration.

It shall be noticed that the presence of oxygen in the blood is a certain indicator of life of the user, which is advantageous for a recognition method aimed to deliver a service, in order to avoid abuses. It shall be further noticed that the geometry of the hand blood vessels (hence, of the venous pattern of the palm) is an individual characterizing aspect, usually constant over time, and it is therefore suitable to be a characterizing biometric datum, such as to allow a recognition and identification.

The acquisition of the hand image is preferred, for reasons of practicality, simplicity, and for the significantly distinctive character of the venous pattern of the hand. Therefore, such type of biometric datum may be selected since it allows an easy and quick image acquisition, applicable without causing problems or delays to a user of a POS or a cash dispenser, and because, on the other hand, it permits a substantially certain individual recognition.

Furthermore, in order to obtain an image that is significant to the aims of the invention, such as to show the vein configuration in sufficient detail to highlight individual peculiarities, even a a coarse grain resolution is sufficient (typically, a few kbytes, for instance, 4 kB), which is advantageous to minimize the storing requirements and it is consistent with applications providing for a large number of users.

The digital image of the hand can be obtained, for example, as an output of an acquisition device, in the form of a multi-dimensional vector, i.e., a matrix, of bytes, each of which being indexed to indicate a spatial pixel, and containing a value relative to the shade of gray of the pixel (for example, 0-255).

In accordance with an embodiment, the identification code is a "non-exact" (or "not exact") identification code, and each of the steps of encoding the acquired biometric datum, at a registration or recognition event, comprises a processing of the acquired biometric datum (whichever it is) so as to obtain, as a respective identification code, a respective representation according to a given mathematical grammatical scheme.

The notion of non-exact code (such as a biometric datum) compared to an exact code (such as a password) has been already illustrated above. Particularly, a non-exact code is an identification code allowing a recognition procedure to work even in the absence of a perfect identity among the biometric data of the same user which are acquired in the registration and recognition steps.

The recognition of a non-exact code is in principle comparable to the recognition of a person, of the analogical type, which may be obtained starting from any of several photographs, different from one another, of the same person.

The method of the invention is capable of carrying out a recognition based on a non-exact code, such as the one deriving from a biometric datum. The reasons why the acquired biometric data may be different, from one acquisition event to another one, are many, including different positioning of the hand, different lighting conditions, a different approximation obtained from the simplified acquisition output, and so on.

Going through the details of the steps of acquisition and encoding of the image of the hand, one may observe the following aspects. At each image acquisition, both related to the registration, and related to each recognition event, the acquired image is "filtered", i.e., processed, so as to capture a minimum scheme (pattern) of traits that are essential for the recognition: this aspect is part of the coding procedure.

One of the aims of such operation is to spare storage resources and to reduce the verification duration time, which is a further important characteristic to enable the large scale application of the method on a, i.e., for a service with a large number of users.

Another object is to improve the reliability in terms of minimization of the false rejection ratio (FRR) and the false acceptance ratio (FAR).

According to an implementation example (relating to the case where the hand image is acquired, and the biometric datum is the venous configuration of the hand), a first aspect of the filtering operation comprises a processing of the image, according to conventional image processing methods, per se known, for example, to increase the contrast between shades of gray, and facilitate the recognition of the venous pattern.

A second aspect of the filtering operation, peculiar to the invention and founded also on the basis of detailed medical considerations, consists of excluding from the image peripheral or low blood pressure zones, which contribute little or nothing to the recognition, focusing rather on zones with a high presence of oxygen, recognizable by the different shade of grey, which correspond to the main blood vessels of the hand, and in particular to the intersections or crossings between such blood vessels.

A third aspect of the filtering is to rectify the main blood vessels identified, thus determining a stylized image of few straight segments and a few crossings, obtaining a kind of ideogram, which describes the individual aspect of the venous pattern.

Such stylized image can be stored as a registration or recognition identification code, and it advantageously requires a limited storage space and allows a simplified comparison.

In other terms, the "cloud" of data, stored as indicative of the acquired image, represents the stylization of such image, as illustrated above.

Of course, the same type of processing is performed both on the acquired image at the registration step and on the acquired image at the authentication step, to ensure a meaningful comparison.

It should be observed that all the processing operations of the image, mentioned above, consist of processing operations performed on the matrix representing the acquired image: actually, a transformation of the matrix is performed, to obtain a vector of numbers representing the registration or recognition identification code. Among the algorithms that can be used for the above-mentioned image processing, the Scale-Invariant Feature Transform (SIFT) algorithm, per se known, may be mentioned.

According to a further implementation example, the encoding procedure provides for processing the acquired biometric datum so as to obtain therefrom a respective representation according to a given mathematical grammatical scheme. This means that the numbers stored to represent the acquired image are not only organized in mathematical structures, but they are also organized in logical structures, which we define as "grammatical" by sake of analogy with grammatical syntax.

An example of a mathematical grammatical scheme (or pattern), deriving from the processing of the acquired images of the hand, is as follows:

: patterns [

{

.type "line segment"

: position

}

{

:type "Y pattern"

: position

}

]

In this case, the grammar expresses a well-formed construct in terms of standard basic patterns, i.e., it defines a configuration of basic patterns, for example a configuration of straight lines, corresponding to the abovementioned stylized image.

Herein below, details on the trained algorithms (that can be equivalent^ defined as "learning algorithms"), used by the method of the invention (with reference both to the code comparison algorithm, and to the further algorithm for coding definition) will be provided.

In accordance with an embodiment of the invention, the at least one trained algorithm, used for each comparison, comprises a trained meta-algorithm M-A, configured to estimate the matching level of each comparison and to determine or not the recognition of the user to be recognized, based on results obtained from two or more different matching level calculation algorithms (in the example of two calculation algorithms, they will be referred to as A1 and A2).

Therefore, in an embodiment, the overall algorithm employed in the processing of the method according to the invention comprises a trained meta-algorithm and two or more matching level calculation algorithms.

According to a particular implementation example, such overall algorithm algorithm (considered as a whole)is a parallel and distributed algorithm: "parallel" in that the execution of the overall algorithm provides a logically simultaneous execution of several sequential algorithmic parts; "distributed" in that the processing/calculation system, by which the overall algorithm is executed, is distributed over different calculation units concurrently operating.

In accordance with a particular embodiment, the trained meta-algorithm -A is a parametric meta-algorithm, suitable to be represented by means of a parametric formula based on the results of a set of matching level calculation algorithms (A1 , A2), wherein each of the parameters of the parametric formula is defined based on a level of reliability of the respective calculation algorithm.

According to a further implementation example, the trained meta-algorithm M-A is an analytical meta-algorithm, suitable to be represented as a finite linear combination, with real coefficients, of a set of matching level calculation algorithms, wherein each of the coefficients is defined based on a level of reliability of the respective calculation algorithm.

In this description, the term "meta-algorithm" is taken to mean an algorithm operating on the basis of other algorithms or, in other terms, an algorithm which performs "pooling" from a set of algorithms, components of the "pool".

Not necessarily the meta-algorithm is qualitatively different from the other algorithms in the "pool"; furthermore, the meta-algorithm may have a higher, or lesser, or the same complexity as the algorithms composing the "pool".

The meta-algorithm is distinguished from the other algorithms by its function: in fact, it has as its object to code the decision rule, which is taken after listening to the opinion of all the algorithms comprised in the "pool". Therefore, the meta-algorithm collects and represents the essence of the decisional rule.

The term "parametric algorithm" is adopted in the present description to mean an algorithm the behaviour of which is completely parameterized by a (finite) set of variables, defined "parameters"; typically, the variables at stake are numbers.

The term "analytic (or analytical) algorithm" is adopted in the present description to mean an algorithm for performing a calculation which implements a finitely estimable formula; in particular, the case may be pointed out, in which the formula is simple, as a linear (finite) combination. In the present description, the term "learning meta-algorithm (or algorithm)" is used to mean that the method of functioning of the meta-algorithm (or algorithm) is updated on the basis of the produced results and of the nature of incoming inputs, at least in an initial learning (or training) phase.

If the algorithm is parametric, the training is is made by a calibration of parameters defining the algorithm behavior.

As regards the matching level calculation algorithms (A1 , A2), they may be trained or untrained calculation algorithms, in accordance with different embodiments encompassed in the invention.

In accordance with a further embodiment, the calculation algorithms A1 , A2 comprise parametric calculation algorithms.

According to a particular implementation example, the calculation algorithms A1 , A2 comprise analytical calculation algorithms.

In accordance with an embodiment of the invention, the processing operation carried out during the comparison step of identification codes, employing a trained meta-algorithm M-A, comprises the steps of calculating a first matching level of two identification codes to be compared, by means of a first matching level calculation algorithm (A1); then, calculating at least one second matching level of such two identification codes to be compared, by means of a second matching level calculation algorithm (A2); finally, combining, by the trained meta-algorithm M-A, the calculated first matching level and the calculated second matching level, each weighted by a respective weight parameter, to estimate the matching level of each comparison. Each of the weight parameters is defined based on a level of reliability of the respective matching level calculation algorithm.

Focus is given now to each single comparison action, between a recognition identification code, acquired upon a specific recognition event, and one of the registered registration identification codes.

Such comparison action firstly provides for an evaluation of the "similarity" (or "matching"), to quantify a "matching probability", i.e., the above-mentioned "matching level"; then, a comparison between the obtained matching level and a preset matching (i.e., recognition) threshold.

In general terms, the similarity/matching evaluation can be performed by means of one or more trained algorithms, each of which being characterized by adjustable parameters, which are set through a learning phase, and which can be progressively refined. The application of such algorithms implies a continuous learning and improvement of the reliability of the results.

In more detail, it has to be taken into account that a very important aspect of the invention is the achievement of a high reliability (hence, probability of success), of the recognition, which involves obtaining the highest reliability as possible of each single comparison process (or "single pattern-matching") between a recognition identification code and a registration identification code.

This requires minimizing the false rejection and false acceptance events.

It should be noticed that, for use in payment systems, the occurrence of "False Acceptance" events is particularly disadvantageous, which events must be minimized (minimization of the FAR parameter).

Such requirement is not met by the use of single analytical algorithms.

On the other hand, the need to carry out the single comparison process in a very quick manner, consistently with the applications at issue, is strongly felt. Such requirement poses limitations to the complexity of the single matching level calculation algorithm: in fact, basically, the higher the reliability of a single algorithm is, the higher the complexity and slowness in obtaining a result are.

Therefore, the method of the invention is based on a synergy of a plurality of (at least two) algorithms A1 , A2, which synergy is made possible by a meta-algorithm M-A, which is trained or pre-trained, in a supervised manner. The result of the calculation algorithms A1 , A2 is filtered by the meta-algorithm M-A, which employs meta-heuristic concepts to interpret the results of the single calculation algorithms.

For example, as already noticed, the calculation algorithms A1 , A2 may be analytical algorithms, thus quick and relatively simple, since they are based on a deterministic comparison between a result of an analytical calculation and a threshold. Just for this reason, however, each calculation algorithm, considered per se, is often not sufficiently reliable.

The use of the trained meta-algorithm M-A on intermediate results, generated by other calculation algorithms A1 , A2, allows improving the reliability of the overall result, while remaining much faster compared to a possible application of trained techniques directly on single images and/or codes to be compared.

In other terms, the method of the present invention involves the synergy of a "local" level (the matching level calculation algorithms or "local algorithms" A1 , A2) and a "global" level (the trained "global" algorithm or meta-algorithm M-A, which interprets the results of the "local" algorithms).

In an implementation example, the results of each local algorithm A1 , A2 (for example, the first and second matching level estimations), once they have been obtained, can be combined by a predetermined function, characteristic of the global meta-algorithm M-A, to produce the overall matching estimation, and then to determine the recognition or not.

Such predetermined function may be for example a combination depending on weighted parameters. In accordance with a typical implementation example, such function is a sum of weighted results, according to the formula [1] set forth below:

in which R is the overall probabilistic matching estimation (R is compared to a threshold T to determine the recognition); A is the probabilistic evaluation resulting from the i-th local algorithm; Aj is the weight parameter associated to the i-th local algorithm (representative of the reliability of the results given by such algorithm).

The method, according to an embodiment of the invention, further provides, before the use in registration or recognition events, a phase of supervised training of the meta-algorithm M-A, which comprises the steps of: training the meta-algorithm M-A in a supervised manner, based on a series of training comparisons between acquired identification codes and already registered identification codes belonging to users with a known identity; then, determining the reliability level of the matching level calculation algorithms (A1 , A2), based on the results of the training comparisons; finally, defining the parameters (i.e., the weight parameters, i.e., the coefficients of the meta-algorithm M-A) based on the determined reliability levels, to obtain a desired overall probability of success of the recognition established by the meta-algorithm M-A.

Therefore, the step of supervised training of the meta-algorithm is in this case an initial training phase of the system of weight parameters or linear combination coefficients, which training is aimed to adjust the outcomes of the meta-algorithm, in order to obtain the best possible level of accuracy and minimization of the FAR (False Acceptance Ratio) parameter of the same meta-algorithm, at the initial time.

Such training phase may consist in a calibration procedure of the parameters.

Referring back to the above formula [1], it may be noticed that the parameters λι are determined in the initial training phase.

In the case in which the calculation algorithms A1 , A2 are parametric algorithms too, the initial phase comprises firstly a calibration of the parameters of the single algorithm (A1/A2), to obtain the best starting reliability; such initial calibration, which may comprise also a fine tuning, depends on the particular single algorithm (per se known) and therefore it is per se known.

Then, the initial phase provides for the use of the single calculation algorithm, once it is "tuned", for the comparison between acquired coding and registered coding of each of a plurality of test users, the identity of which is known beforehand, so as to characterize the calculation algorithm, i.e., determine the False Error Ratio (in particular, False Acceptance Ratio FAR) quality coefficients thereof.

Finally, the initial phase provides for defining the weight parameters depending on the quality coefficients of each algorithm; the preferred adopted criterion is that the weight parameter is higher the higher is the quality coefficient of the calculation algorithm, or the lower is the respective FAR parameter. It should be noted that the determination of the weights is not deterministic, but is performed on the basis of supervised training techniques, taking into account the overall result produced by the meta-algorithm.

It should be noticed that the proposed method benefits from ample margins of flexibility and degrees of freedom, which may be adapted to diverse specific projects.

The number of the calculation algorithms that are employed may vary, in different embodiments of the invention.

Also the type of usable algorithms may vary, and per se known algorithms may be selected in the most suitable manner and fitted in the method of the invention.

Typically, both the trained meta-algorithm -A and the matching level calculation algorithms A1 , A2 belong to a set comprising the following algorithms or families of algorithms: "Support Vector Machines", "Restricted Boltzmann Machines", "pattern mining" algorithms, Bayesian algorithms, Markov models, neural networks, "boosting" techniques, evolutive algorithms, algorithms using Locally Weighted Linear Regression, "collaborative filtering" algorithms, algorithms using space dimension reduction techniques.

Preferably, the trained meta-algorithm is of the "Support Vector Machine" or "Restricted Boltzmann Machine" type.

Preferably, the two or more matching level calculation algorithms are different from one another, each being one of the algorithms of a set comprising: "pattern mining" algorithms, Bayesian algorithms, Markov models, neural networks, "boosting" techniques, evolutive algorithms, algorithms using Locally Weighted Linear Regression, "collaborative filtering" algorithms, algorithms using space dimension reduction techniques (for example, "Principal/Independent Components Analysis", "Singular Value Decomposition").

In the particular case where the calculation algorithms A1, A2 are analytic, they may be for example (and without limitation): algorithms based on geometric parameters and "scoring" functions; algorithms based on representation by means of equations of the surface of the hand and analytical detection of characteristic points on the surface of the hand; algorithms of the Scale Invariant Feature Transformation SITF type (as in the already mentioned patent application US 2012/0057763); algorithms based on Gabor's filters (as the Kong algorithm of the patent application US 2010/0045788).

The case shall be now considered, where the method of the invention also comprises the step of further training the meta-algorithm M-A, while the meta-algorithm itself is employed during one or more recognition events, as already illustrated above.

Such further training is performed based on comparison results obtained during the one or more recognition events, and it involves an adjustment of the already mentioned parameters or weight parameters or coefficients associated to the matching level calculation algorithms.

The comparison results may comprise a matching level determined by the meta-algorithm and one or more matching calculations deriving from the matching level calculation algorithms.

In an implementation example, such further training of the meta-algorithm M-A is performed in a non-supervised manner.

In another particular implementation example, the further training of the meta- algorithm M-A is performed in a non-supervised manner applying feedback,, i.e., taking into account the results obtained by the different calculation algorithms A1 , A2, and increasing the weight of the most reliable algorithm for the formation of the meta- algorithm's opinion.

Therefore, the further training step is a step of continuous revision of the way in which the algorithms are combined (revision of the set of the weight parameters or set of the coefficients), which regulates the responses of the meta-algorithm, while the meta-algorithm M-A is used during the recognition service, in order to optimize the accuracy and minimize the "False Acceptance" error of the same meta-algorithm.

It shall be noticed that the use of a continuous "in field" training, during real recognition events, concurs to further and continuously improve the recognition reliability. This is coherent with the general logic of exploiting information as it is acquired to refine the method more and more, in line with the typical concepts of the trained algorithms, hence based on a learning. The aforementioned training and related non-supervised learning of the meta- algorithm, during the use thereof, will now be considered in more detail.

A first non-supervised learning mode consists in monitoring the cases where a recognition threshold, pre-set for the decision (for example, above 95% or above 99%) is not reached. In such a case, aiming to recognize the user in any case, historic images that seem to be the most similar are considered, among the available ones (acquired not in the registration step, but during previous recognition events of users candidate for the recognition), to possibly overcome the recognition threshold.

This constitutes a kind of "assistance" to the formation of the opinion by the meta-algorithm.

In such cases, if a recognition is finally reached, the results provided by each calculation algorithm A1 , A2 can be advantageously considered, and hence further information is available, to assess the reliability of each algorithm. Such further information may be partly different, and thus correct and refine the information available at the moment of the first supervised training.

This may lead to vary the weight parameters, of course in such a way to favour the algorithms which turn out to be, in relative terms, more reliable than expected.

The updating of the weight parameters may be carried out with a variable frequency, for example, at preset time intervals having a different duration.

The updating intervals are calculated by means of an exponential dampening formula that allows determining, during the calibration of the model, the alpha time lag parameter

A further possible mode of assessing the reliability of the single algorithms (in view of a continuous, evolutionary refining of the weight parameters) is to carry out a comparison between the recognition, or non-recognition, probability of each "local" algorithm A1 , A2, in those cases where the meta-algorithm M-A has reached a recognition.

Typically, in a preferred implementation example, an assessment criterion of the single local algorithms provides for the minimization of the False Acceptances (FAR).

It has been already observed that each registration event, according to the present method, comprises a phase of preparation of a comparison set comprising a plurality of comparison identification codes. Such phase comprises the steps of defining the comparison set starting from the overall set of all the registration identification codes of the plurality of already registered users, and using, on such overall set, classification and grouping techniques on the registration identification codes.

In accordance with a particular embodiment, the method just above described further comprises the steps of classifying each registered registration identification code, based on one or more classification variables; and grouping the registered registration identification codes into sets of comparison identification codes, based on the performed classification.

In the case that the registered identification codes are stored in a database, the database is scanned with a scanning order based on the grouping, and the comparison is made according to such scanning order.

For example, the comparisons are performed only or primarily on the set of identification codes arranged according to the above-mentioned criteria.

For the grouping, "clustering" techniques may be used, both supervised and non-supervised, taking into account different possible forms of groupings, or "clusters" (such as "overlapping" clusters, "fuzzy", random clusters, and so on) and different classification possibilities (for example, supervised clustering in separated clusters), in order to speed up the overall recognition procedure as much as possible.

The classification variables may belong to a set comprising: geometrical variables deriving from transformations of non-exact identification codes into identification codes according to a mathematical grammatical scheme; co- dependences between identification codes and physical positions of terminals arranged for the recognition (for example, correlations between the location of a recognition event and the location of a registration event).

It has already been noticed that the recognition functions provided by the present method go well beyond the functions of a mere identity verification, and pose much more challenging requirements. In fact, they provide not a comparison between a single acquired identification code and a single registered identification code, but a comparison between the acquired identification code and each of a plurality of registered identification codes (for example, stored in a database).

Therefore, an important aspect, to make the method performance suitable to the context of use, is to quicken not only the single comparison, as illustrated above, but also the plurality of comparisons to be performed, the number of which may be in the order of magnitude of the size of the database of registered customers, i.e., up to hundreds of thousand or even millions of users.

According to an embodiment of the invention, that can be implemented also independently from the embodiments described above, the method provides for optimized data-base navigation modes (primarily in terms of search speed), which are based on "smart" parsing of the data-base, instead of being based on a merely sequential scanning of the entire database. This implies that priority criteria are defined, indicating which parts of the database have to be scanned first, since the corresponding registered identification code possibly leading to recognition is expected to be found most probably therein.

This aspect, in turn, involves a "clusterization" of the database, i.e., a suitable grouping of the standard identification codes registered in the database. By virtue of such clusterization, therefore, the database surfing may be optimized and made quicker, which is performed by an "intelligent" scanning of the database with a scanning order based on the "clusterization", starting from the sets of registered identification codes the variables of which have the most relevance with those of the current recognition event.

It shall be noticed that such database surfing may be carried out (once the database has been organized as indicated above) by per se known database search engines.

As already noticed several times, the registration and recognition method of the present invention is typically associated to an operative service, and acts in a different manner depending on requirements set by the operative service itself.

According to an embodiment of the method, it further comprises the steps of pre-defining one or more operative parameters associated to respective operations available for the operative service; then, requesting one of such operations, by the user of the service, before the recognition is completed; then, using the operative parameters associated to the operation requested by the user, both in the recognition phase, and for delivering the operative service to the user.

In fact, for each service, a set of operative parameters is defined, for example for managing the time schedules of the requested operative service (for example, to carry out a deferred execution), or as quality thresholds to manage the trade-off between velocity and accuracy in the recognition service, each threshold being related to a type of operation that the user may request.

In accordance with an embodiment of the method, the step of recognizing or refusing recognition of the user comprises verifying whether and when the matching level obtained between a recognition identification code and one of the identification codes of the comparison set is above a matching threshold.

According to a particular implementation example, a plurality of recognition thresholds is defined, each being related to a respective operation available for the operative service. In such a case, the method further comprises the steps of requesting one of the possible operations, by the user of the service, before the recognition is completed; then, automatically selecting the matching threshold related to the operation requested by the user; finally, carrying out the step of recognizing the user by using such selected threshold as the matching threshold.

The determination of the matching threshold, i.e., the recognition probability level beyond which the recognition is determined, is an important degree of freedom in view of minimizing the "False Acceptance", even at the expense of slightly worsening the "False Rejection". In fact, it should be noticed that the setting of the recognition threshold is an important step: first of all, the threshold has to be sufficiently high to allow a minimization of the "False Acceptance" occurrence (to really minimal values, considered the type of application), but , on the other hand, it must allow a sufficiently quick processing.

Of course, the higher the threshold is, the higher is the recognition requisite, and the lower is the FAR (False Acceptance Ratio"), but to the expenses of the FRR (False Rejection Ratio") parameter. To the purpose of looking for an optimal trade-off, the definition of an unchangeable threshold is a disadvantageous obstacle and rigidity factor.

Therefore, according to an embodiment of the invention, that can be implemented also independently from the other embodiments described above, the method provides for a controllable setting of the recognition threshold, as a function of peculiar parameters of the specific operation associated to a given recognition event. In particular, the threshold setting may be controlled automatically depending on "business" parameters (e.g., requested money amount). In fact, while for certain not very critical operations (for example, transactions involving a low money amount) a slightly higher FAR risk may be accepted, to obtain the benefit of a lower FRR (which concurs to avoid annoying the user, as would happen in the case of an excessively high FRR).

On the contrary, for more critical operations, such as for example, transactions involving a high money amount, the risk, hence the FAR, has to be minimized, also paying the price of a higher FRR.

In brief, the matching (i.e., recognition) threshold, can be so set as to be as high as critical the consequences of a possible "False Acceptance" are.

Since the recognition threshold defines the maximum error that is considered as acceptable (in terms of FAR, for example), it can be set to any level, depending on the needs as above described.

Finally, it is observed that, in an embodiment of the invention, the controllable setting characteristics of the recognition threshold, illustrated above, are provided for also in those cases where trained predictive algorithms are not employed.

In accordance with a further embodiment of the method, as stated above, the step of preparing a set of comparison identification codes further comprises the step of carrying out processing operations on a set of identification codes stored for the same registered user, available upon the recognition.

Typically, such set of identification codes stored for the same user comprises recognition identification codes stored at different recognition events.

According to respective implementation examples, the set of the identification codes stored for the same user is limited to the identification code acquired upon the registration; or, it is limited to the identification codes acquired more recently; or, it is limited to the most recently acquired identification code.

In accordance with an embodiment of the method, in the case that an image of the hand is acquired as a biometric datum, the step of coding the registration or recognition image comprises geometric transformation and/or filtering operations of the acquired image, carried out based on an analysis of the image contents.

Such embodiment is developed starting from the observation that the recognition reliability may depend in a critical manner on the correspondence between the positioning of the hand upon the registration event and the positioning of the hand upon the recognition event. In other terms, the spatial coordinates of the "registration reference system" must be ideally equal to the spatial coordinates of the "acquisition reference system". An even slight positioning offset may be one of the main reasons for a recognition error.

In view of this, the phase of encoding the image may further comprise the steps of defining a reference spatial coordinate system; then, detecting an acquisition spatial coordinate system, depending on the positioning of the hand at a specific registration and/or recognition event; then, identifying a coordinate transformation necessary to pass from the reference spatial coordinates system to the acquisition spatial coordinates system; lastly, performing rotation-translation matrix processing operations on the acquired image, to obtain an equivalent acquired image, referred to the reference spatial coordinate system.

In such a manner, for each acquisition event, the differences between the optimum/ideal positioning of the hand and the actual positioning (optionally, also inclined) are recognized.

According to a particular implementation example, the reference system is the coordinate system relative to which the registration occurred, and thus the image processing consists in representing the image acquired during the recognition events relative to the same reference system of the registration event.

In addition, in another implementation example, the method operates auxiliary image processing operations, to obviate non-uniformities of other types between the moments of registration and recognition, for example in terms of a different brightness.

The method according to the invention, described above, can be employed not only for the recognition, but also, possibly, to perform propaedeutic or preparatory functions relative to a service delivery.

To this aim, in a particular embodiment, the method comprises, after the step of recognizing or non-recognizing the user, the further step of providing to a service delivery apparatus an indication of recognition or non-recognition of the user; furthermore, only if the user has been recognized as one of the registered users, the method comprises providing to the service delivery apparatus an indication of the identity of the recognized user.

A method of delivering a service is now described, encompassed in the invention. Such method of delivering provides that the service is delivered only after an indication of user recognition.

Furthermore, the delivery mode of the service depends on an indication of the identity of the recognized user, wherein the user recognition is carried out through a method of registration and recognition according to what has been illustrated above.

According to preferred embodiments of the invention, the above-mentioned method of delivering a service relates to the delivery of a POS service or an ATM service.

In such context, the method according to the invention can be used within the general framework of banking procedures, as a solution replacing the recognition by means of a PIN. In fact, such method permits the use of POS or ATM services even without the use of credit cards and/or without entering code numbers such as PINs or passwords.

This also involves that the procedures downstream of the recognition, for example relating to operations involving a money transfer, remain those standard procedures already used in the banking context. This aspect is a clear advantage of the proposed method, and makes it practically applicable.

For the use of certain services, the registration phase may be associated to an initial certification of the identity of the individual who is registering, of the type of those commonly in use at a bank branch office. Consequently, in this case, the registration phase typically occurs under the direct control of the back staff, for example, at the bank office.

Alternatively, different registration modes are possible, for example, based on a recognition of credit card, which modes are possible also not in an office, but at specialized points (for example, of airports).

With reference to Fig. 1 , a system 1 for the quick recognition of a user of a service, by means of identification codes derivable from biometric data, is now described. Such system 1 comprises at least one recognition terminal 10, storing means 30, and a recognition apparatus (server) 20.

Each of the recognition terminals 10 comprises biometric data acquisition means 11 , configured to acquire at least one user biometric datum.

Each of the recognition terminals 10 further comprises first terminal processing means 12, operatively connected to the biometric data acquisition means 11 , to receive the at least one acquired biometric datum, and configured to encode the at least one acquired biometric datum into a recognition identification code of the user, at a recognition event of the user.

The storing means 30 are configured to store a plurality of registered registration identification codes

The recognition apparatus 20 is operatively connected to the recognition terminal 10, to receive the recognition identification code generated by the terminal, and it is further operatively connected to the storing means 30 to access the registered registration identification codes.

The recognition apparatus 20 comprises recognition processing means 21 , configured to perform at least the following operations: preparing, based on the registered registration identification codes, a comparison set, comprising a plurality of comparison identification codes; then, comparing the recognition identification code with each code of the plurality of comparison identification codes; then, estimating, for each comparison, a respective matching level, by means of a processing carried out by applying at least one trained algorithm; finally, recognizing or refusing recognition of the user to be recognized based on the estimated matching levels.

The recognition apparatus 20 is further configured to further train the at least one trained algorithm upon the recognition event.

In an implementation example, the biometric data acquisition means 1 1 are configured to acquire at least one biometric datum related to a configuration of blood vessels of the user.

According to an implementation example, the recognition processing means 21 are configured to perform the overall algorithm related to the processing based on by logically simultaneous execution of several sequential algorithmic parts.

According to another implementation example, complementary or alternative to the previous one, the recognition processing means 21 are made by different calculation units, configured to operate concurrently in a context of distributed calculation (in which the overall algorithm is a distributed algorithm).

In accordance with a particular embodiment, the system 1 further comprises at least one registration terminal 15.

The registration terminal 15, in turn, comprises further biometric data acquisition means 16, configured to acquire at least one biometric datum related to a configuration of blood vessels of the user; and further comprises second terminal processing means 17, operatively connected to the further biometric data acquisition means 16, to receive the at least one acquired biometric datum. Such second processing means 17 are configured to encode the at least one acquired biometric datum into a registration identification code of the user, at a registration event of the user.

In this embodiment, the storing means 30 are further operatively connected to the registration terminal 15, to receive the registration identification code generated thereby, upon the registration event.

According to a implementation example, the registration terminal 15 and the recognition terminal 10 substantially have the same structure and the same functions.

According to a further implementation example, the registration terminal 15, configured to perform registration events, and the recognition terminal 10, configured to perform recognition events, are comprised in a single acquisition and encoding device, comprising acquisition and encoding processing means configured to operate as first terminal processing means 12 and as second terminal processing means 17.

In accordance with an embodiment of the recognition system, the recognition apparatus 20 is a server 20, located for example at an information center of the entity (e.g., bank) delivering the service, and remotely connected to the recognition terminal 10 or to the registration terminal 15 or to the acquisition and encoding device by means a communication network 50. With reference to the aforementioned operative connections between the components of the system, it should be noticed that the operative connection between the recognition terminal 10 and the recognition server 20 can be implemented by means of any per se known telecommunications network 50 (preferably, a telecommunication network of the service provider entity, for example, a VPN of a bank).

Similarly, the operative connection between the registration terminal 15 and the recognition server 20 can be implemented by the communication network 50 or another similar telecommunications network.

The operative connection 51 between the recognition server 20 and the storing means 30 can be implemented by a telecommunications network. Preferably, the storing means 30 are co-located with the recognition server 20 in the information center of the bank, and the telecommunications network which connects them is a local network (LAN) 51 present in such a center.

In order to support the above connections, the system components (recognition terminal 10, registration terminal 15, recognition server 20, and storing means 30, if not comprised in the server 20) are provided with respective communication interfaces, per se known, to the telecommunication network(s).

According to a further particular embodiment, not illustrated in Fig. 1 , the recognition system further comprises a signaling device, operatively connected to the recognition apparatus to receive an indication of recognition or non-recognition, and configured to signal such indication of recognition or non-recognition.

In a particular implementation example, the recognition signaling device is comprised in the above-mentioned acquisition and encoding device.

In accordance with an embodiment of the system, the biometric data acquisition means 11 comprise means for acquiring an image of the user's hand in the infra-red and near infra-red spectrum band, comprising at least one infra-red sensor device (in particular, operating in the infra-red and near infra-red spectrum band) configured to detect the presence of oxygen in zones corresponding to the passage of blood vessels in the hand, so as to obtain a corresponding representation of a geometry of the blood vessels of the hand. The infra-red sensor is capable of generating a digital representation of the acquired image, and the relative geometry, and of providing in output such a digital representation to the first processing means 12, to be processed as already described above. In an implementation example, the output provided by the infra-red sensor is a digital image, in the form of a bidimensional or multidimensional vector of bytes, each of which being indexed to indicate a spatial pixel, and containing a value of shade of gray of the pixel (a value ranging for example in an interval 0-255).

The above-mentioned means for acquiring the image of the hand are per se known (for example, with reference to the prior art, mentioned above in the corresponding section).

The above-mentioned first and second terminal processing means 12, 17, and the recognition processing means 21 , are implemented by processors or information machines or computers, perse known.

The storing means 30 are implemented for example by means of computers or workstations provided with memories, per se known. In different embodiments of the system, they may comprise one or more storing supports for the registered identification codes. In the case of multiple storing supports, they may be centralized or distributed.

According to different implementation examples, the storing means are incorporated in the server 20, or co-located in the same information center in which the server 20 is located, or not co-located and accessible remotely.

In accordance with an embodiment, the storing means 30 comprise a database for registration of the registered identification codes.

The recognition system 1 according to the present invention, in all the embodiments described above, is configured to perform a method of registration and recognition according to any of the embodiments of the method illustrated above.

Particularly, the above-mentioned first and second terminal processing means 12, 17, and the recognition processing means 21 are configured to perform a method of registration and recognition according to any of the embodiments of the method illustrated above.

A POS (Point Of Sale) system, encompassed in the invention, for providing POS (Point Of Sale) services conditional to the recognition of a registered user, is now described

The POS system 100 comprises a POS device 80, per se known, comprising POS processing means 81 configured to deliver a POS service, and further a system 1 for the quick recognition of a user according to the embodiments already described above.

In the recognition system comprised in the POS system, the recognition processing means 21 are further configured to send to the recognition terminal 10 an indication of recognition or non-recognition of the user. The recognition terminal 10 is co-located with and operatively connected to the POS device 80 to transmit to the processing means POS 81 of the POS device 80 such an indication of recognition or non-recognition.

Furthermore, the POS processing means 81 are configured to deliver the service only if they have received the above-mentioned indication of recognition.

An ATM (Automatic Teller Machine) system, encompassed in the invention, to provide ATM (Automatic Teller Machine) services conditional to the recognition of a registered user, is now described. The term ATM is meant to indicate also the synonym term "cash dispenser".

The ATM system 200 comprises an ATM device 90, per se known, comprising

ATM processing means 91 configured to deliver an ATM service, and furthermore a system 1 for the quick recognition of a user according to the embodiments already described above.

In the recognition system 1 comprised in the ATM system, the recognition processing means 21 are further configured to send to the recognition terminal 10 an indication of recognition or non-recognition of the user.

The recognition terminal 10 is co-located with and operatively connected to the ATM device 90 to transmit to the POS processing means 91 of the ATM device 90 such an indication of recognition or non-recognition.

Furthermore, the ATM processing means 91 are configured to deliver the service only if they have received the above-mentioned indication of recognition.

In Fig. 2, an example is illustrated, comprising both a POS system 100 (comprising a POS device 80 located for example at a shop, client of a bank) and an ATM/cash dispenser system 200 (comprising an ATM device 90 located for example at an agency or a branch of the bank), which are connected to a same recognition system (the one of the above-mentioned bank).

It shall be apparent that the invention also comprises the cases where the two systems (the POS system 100 and the ATM system 200) are mutually independent, and are connected to two different recognition systems (each according to the invention).

As it may be noticed, the object of the present invention is achieved by the method and by the systems and methods described above.

In fact, based on what has been set forth above, it is apparent that the method according to the invention is capable, based on an easy and quick procedure of biometric data acquisition, of performing a quick and reliable recognition of a user of a service among many registered users, by virtue of its own characteristics.

In particular, the encoding procedure of the biometric datum allows to decouple the biometric datum, per se, from the identification code derived therefrom (while maintaining of course a bi-unique relation). This allows, on one hand, the acquisition of a significant biometric datum by means of a "user-friendly" procedure and, on the other hand, to generate an identification code that is optimized from the point of view of the storage (it requires a few memory resources) and processing. In particular, the identification code is optimized with respect to the possibility of carrying out meaningful and quick comparisons between acquired codes and registered codes, in the context of a registration event.

Furthermore, the use of at least one trained algorithm (in the modes described in detail above) allows to considerably speed up the above-mentioned comparisons, while keeping a very high recognition reliability, as required by the services at issue. In fact, the use of trained algorithms (instead of merely analytical, untrained algorithms, as in some solutions of the prior art) enables a scalability in the application of the method, up to a very large base of registered users, and ensures with the due extreme care the correctness of the method operation. In fact, given its implementation in payment and/or money transfer systems, the method cannot sacrifice the reliability (risk of "false acceptance") to improve the efficiency and velocity. Therefore, the adoption of trained algorithms allows the method to "learn better", ensuring a quick and efficient recognition service, keeping the false acceptance level at a minimum.

Therefore, the performance of the method, in terms of velocity and reliability, that can be obtained by virtue of the above-mentioned characteristics, makes it applicable to a recognition of a user among hundreds of thousands, or even millions, with a recognition reliability level acceptable also for POS and/or ATM/cash dispenser services.

Another aspect concurring significantly to improve the performance of the method relates to the dynamic and continuous training of the algorithms/meta- algorithms used (also during the use thereof), by exploiting, to such an aim, the information made available at each recognition event.

Again, the possibility to dynamically refine the registered identification code of a given user, by exploiting different and successive recognition events also to improve the registered datum, improves the recognition reliability that can be obtained by the method.

Similarly, the possibility to dynamically adjust the recognition thresholds as a function of the type of operation required by the user, in the context of a given service, improve the flexibility of the method, so as to optimize it for different types of operations and services.

In addition, the characteristics related to the classification and grouping of the registered codes, and the search modes within the set of the registered codes, further significantly improve the performance of the method in terms of speed of recognition.

Similar considerations apply with reference to the method for delivering services, the recognition system, the POS system, and the ATM system, encompassed in the invention.

To the embodiments of the method of registration and recognition, of the method for delivering services, of the system for the recognition of a user of a service, and of ATM/POS service delivery apparatuses, according to the invention, described above, those of ordinary skill in the art, in order to meet contingent needs, will be able to make modifications, adaptations, and replacements of elements with functionally equivalent other ones, also together with the prior art, also creating hybrid implementations, without departing from the scope of the following claims. Each of the characteristics described as belonging to a possible embodiment may be implemented independently from the other embodiments described.

It shall be further noticed that the term "comprising" does not exclude other elements or steps, the term "a/an" or "one" does not exclude a plurality. Furthermore, the Figures are not necessarily in scale; on the contrary, importance is generally given to the illustration of the principles of the present invention.