The advertising of goods and services over media such as television and the Internet is now commonplace. With television advertising, the public can often purchase the goods or services so-advertised over the telephone using a credit card facility. With the Internet, the general public can order numerous consumer goods and/or services online. Once again, payment for these goods and/or services is often by a credit card facility. Yet again, payment of goods at their point of sale by credit or debit cards (EFTPOS) is now common in the marketplace.

Although credit and debit cards are usually issued by private enterprise, Government Departments also issue cards or documents which purport to be unique to an individual. Typical issues include a driving licence and healthcare or pension card.

A significant disadvantage of such cards and documents 15 that the issue and policing thereof is inadequate to prevent an unscrupulous person from fraudulently obtaining a multiple of such cards or documents and accessing funds and/or receiving Government licences or social security payments in the names of a number of individuals.

In an attempt to overcome these problems, Governments, in the past, have postulated the issue of a master card for each individual which contains information unique to that individual, for example biometric information, and that card would have to be produced before any financial transaction is undertaken or before any Government license or social security card or the like is issued to that individual.

However, such proposals have met with strong resistance from the general public as it is considered inappropriate for a Government to hold such personal and unique

information on its citizens and others on a database. Accordingly, these proposals have been soundly rejected to date by the general public.

It is thus a general object of the present invention to provide a method for the positive identification of an individual which substantially eliminates the above- described disadvantages without requiring information to be retained by the issuing authority, particularly Government, from which any specific individual can be identified.

According to the present invention, there is provided a method for the positive identification of an individual, said individual having a first identification means adapted for carriage with said individual, said method including : obtaining biometric data unique to said individual ; deriving from said biometric data a first algorithm unique to said individual ; storing said first algorithm on a database ; deriving from said biometric data a second algorithm unique to said individual, said second algorithm differing from said first algorithm ; storing said second algorithm on said first identification means ; providing means to obtain verification biometric data from a person requiring said positive identification ; deriving from said verification biometric data a verification algorithm ; and comparing said verification algorithm with said first algorithm ; wherein identification of said person is deemed positive if :

said verification algorithm is identical with said first algorithm; and said person can offer said first identification means at time of said positive identification being undertaken.

It is to be noted that the biometric data of an individual is not stored either on the identification means or the database, only the appropriate algorithms derived from that biometric data. As such algorithms cannot be reversed engineered to the originaidata, personal biometricdata ofthe individual cannotbe obtained therefrom, Preferably, said identification means is a card of the type capable of holding information in a machine-readable form.

Said biometric data can be any such data unique to said individual and includes one or more fingerprints, iris scan, facial features, hand geometry and voice pattern or any combination thereof.

Preferably. said biometric data is a fingerprint analysis.

Optionally, said biometric data can include an embedded image of said individual, typically, a head and shoulders photographic image of said individual.

Optionally, further security is provided by encrypting one or more of said first algorithm, said second algorithm and said verification algorithm.

In an embodiment of the present invention, said individual attends a point of issue for said identification means, for example to a bank for a machine-readable"smart" card, where normal identification procedures forbanking orcredit card facilities must be met before said identification means is issued, As is usual when applying for a credit or debit card at such an institution, the individual must first provide positive identification which meets the requirements of the institution before proceeding.

Once assigned a smart caF blorneulc data, In particutar, fingerprint cat, uf tPe

individual is taken at the institution using any suitable fingerprint reader known in the art. Although not essential, data can be taken from two or more fingerprints to further decrease the likelihood of a subsequent false identification of said individual.

From the scanned image of the fingerprint (s), an algorithm unique to that scanned image is generated and encrypted using any appropriate encryption algorithm known in the art. A first fragment of that encrypted algorithm is stored on a master database. A second fragment of that encrypted algorithm, differing from the first fragment, is stored on the smart card For the purposes of this embodiment of the present invention, the establishment of this smart card and its associated storage of the first fragment on the master database is considered to be the first such enrolment by the individual on that master database.

The individual is then free to use the smart card in accordance with its conditions of issue.

Should that individual, or another person falsely representing to be that individual, attempt to obtain another identical such smart card, the fingerprint (s) of that person/individual is taken, an encrypted algorithm as described above is established and a fragment of the form corresponding to the first fragments stored on the master database is determined and compared with all actual first fragments stored in the master database. If there is a match, then the issue of the smart card can be denied.

On the other hand, if the individual who has genuinely obtained the smart card now wishes to obtain, for example, a driving licence, the fingerprint (s) of that individual is taken, an encrypted algorithm as described above is established and a fragment of the form corresponding to the first fragments stored on the master database is determined and compared with all actual first fragments stored in the master database. If there is a match, the driving ticence would only be issued if the individual can produce the smart card (representing the original enrolment of that individual as discussed above) which contains the second fragment stored on the emart card whichl can be comparod with th4 corresponding nnd fragment of thiq

fingerprint sample provided by the individual at the time of requesting the driving licence.

By using the present invention, a secure method of identifying an individual can be obtained. However, no personal or private details of any one individual is held on any database and, even if a person should fraudulently obtain access to the details held on the master database, it has no value to that person.

Itwill be appreciated that the above described embodiment is only an exemplification of the present invention and that modifications and alterations can be made thereto without departing from the inventive concept as defined in the following claims.