DENYER PETER BRIAN (GB)
QUANTUM FUND LTD (GB)
| US4451929A | 1984-05-29 | |||
| US4724542A | 1988-02-09 | |||
| GB2087548A | 1982-05-26 | |||
| US4696046A | 1987-09-22 | |||
| EP0075728A2 | 1983-04-06 | |||
| DE2840716A1 | 1980-03-27 | |||
| EP0043988A1 | 1982-01-20 |
| 1. | A method of updating reference biometric data characteristic of an individual for use in a verification or authentication process in which process the relationship between the currently measured biometric data and the reference biometic data is determined, the method comprising monitoring the acceptibility of the relationship determined during a number of verification or authentication processes; and if a number N of the relationships over a number M of verification or authentication processes is unacceptable, updating the reference biometric data with more recently obtained biometric data. |
| 2. | A method according to claim 1, wherein the more recently obtained biometric data which is used to update the reference biometric data is selected from biometric data which satisfies predetermined conditions defining a better degree of acceptability than is essential to pass the verification or authentication process. |
| 3. | A method according to claim 2 , wherein the most recently obtained measured biometric data which satisfies the predetermined conditions will be used to update the reference biometric data. |
| 4. | A method according to any of the preceeding claims, wherein N is at least 3 and M is 8. |
| 5. | A method according to any of the preceeding claims, further comprising monitoring the performance of the user and providing an indication that reenrolment is advisable if the performance of the updating method satisfies predetermined conditions. |
| 6. | A method according to claim 5, wherein the predetermined conditions comprise the detection of at least P consecutive unacceptable relationships, or the performance of at least Q updating steps within R performances of the verification or authentication process. |
| 7. | A method according to claim 6, wherein P is 4, Q is 3 and R is 32. |
| 8. | A method according to any of the preceeding claims, wherein the biometric data define a fingerprint. |
One of the problems with the conventional system is the manner in which initial enrolment is performed. Generally, a number of sets of biometric data have to be supplied which are then processed to form a final reference data set.
Furthermore it has been the practice in a number of identification systems to continually update the reference biometric data whenever a successful identification occurs. Thus, as soon as an individual passes the required verification or authentication requirements, the reference
SUBSTITUTESHEET
biometric data is replaced by the currently measured biometric data.
In accordance with the present invention, a method of updating reference biometric data characteristic of an individual for use in a verification or authentication process in which process the relationship between the currently measured biometric data and the reference biometric data is determined comprises monitoring the acceptibility of the relationship determined during a number of verification or authentication processes; and if a number N of the relationships over a number M of verification or authentication processes is unacceptable, updating the reference biometric data with more recently obtained biometric data. We have devised a method which allows a very simple enrolment process, generally the supply of a single set of biometric data, but which updates that reference data depending upon the performance of the individual during subsequent verification or authentication processes. It should be noted, in contrast, that previous updating techniques have not monitored the performance of the user but have simply replaced the reference data on every occasion of a successful identification. Our method also reduces the need for formal reenrolment in the case of poor performance.
A problem with biometric characteristics is that these can vary due to damage, variations in temperature and variations in the manner in which the parameter is presented by the individual. Consequently, verification or authentication processes generally define a tolerance band within which a current biometric measure must fall. This tolerance band is defined by the initial reference data. A balance has to be drawn, however, between making
SUBSTITUTESHEET
the band too narrow so as to produce a number of false acceptances and making the band broad enough to reduce the number of false rejections. This balance can vary depending upon the sensitivity of the activity to which the individual is to be permitted access.
A problem with these conventional updating methods is that where currently measured or bid biometric data fall close to the limit of a tolerance band then this will be used to update the reference biometric data thus running the risk that the quality of this reference data will be degraded by being over written by marginal bid data.
Prefer *ably therefore in order to overcome this problem, the more recently obtained biometric data which is used to update the reference biometric data is selected from biometric data which satisfies predetermined conditions defining a better degree of acceptability than
* is essential to pass the verification or authentication process.
For example, where the relationship used in the verification or authentication process is a tolerance band within which the currently meausured biometric data must fall, the predetermined conditions may define a narrower tolerance band.
In other examples, in which a comparison score is generated defining the relationship between the currently measured and reference biometric data, only currently measured biometric data which has a score exceeding a threshold is used to update the reference biometric data.
In further examples, the condition of the currently measured biometric data is monitored, the predetermined conditions defining a condition of the currently measured biometric data exceeding a threshold. For example, in the case of fingerprint verification, an image of the fingerprint is formed by contact between the finger and a
SUBSTITUTESHEET
platen. The platen is typically made of a polymer material to improve the optical contact of the skin. The brightness of the image is caused by a good (high area) optical contact. In this system - contact causes brightness. Poor contact may occur due to
1) Insufficient application pressure.
2) Dry skin.
The optical sensor in the unit (CCD imager) recognises the brightness as a voltage output. This output is digitised and filtered to produce a digital image.
If the brightness is low - the image becomes degraded and starts to be affected by noise - eg. background illumination effects which are always present in the system. On a wider view - ie. applying re-enrolment to other non-optical biometric systems - brightness is synonymous with any sensor output - eg. sound, temperature.
Typically, the most recently obtained measured biometric data which satisfies the predetermined conditions will be used to update the reference biometric data.
In the preferred example, N is at least 3 and M is 8. In some cases, the user's performance can be so poor that automatic updating of the reference data is insufficient to significantly improve his performance. Preferably therefore the method further comprises monitoring the performance of the user and providing an indication that reenrolment is advisable if the performance of the updating method satisfies predetermined conditions. These predetermined conditions may comprise the detection of at least P consecutive unacceptable relationships, or the performance of at least Q updating steps within R performances of the verification or authentication process.
In the preferred examples, P is 4, Q is 3 and R is 32.
An example of a fingerprint verification process incorporating a method according to the invention will now
SUBSTITUTESHEET
be described with reference to the accompaning drawing which is a flow diagram of the method.
In this description it will be assumed that a conventional fingerprint detection apparatus is used for example of the type described in PCT/GB90- /01270 the disclosure of which is incorporated herein by reference. It should be noted, however, that the present invention is applicable to all forms of biometric verification including signature, voice and the like. Before the verification or authentication process can be used, a formal enrolment process is undergone. In this enrolment process, the user is requested to give a single fingerprint in the same fashion as for a normal or bid use. This is particularly attractive to the user since it minimises the time involved in enrolling but it has to be recognised that the enrolled image is significantly imperfect for approximately 20% of the user population. The present invention overcomes this problem by monitoring the performance of each user. During a normal use, the user presents his finger to enable bid biometric data to be determined (step 1) . This determination is performed in a conventional manner to generate a value or set of values which are then compared (step 2) with a corresponding reference set which initially has been obtained during the enrolment process. This comparison may involve determing the difference between two single values or, in the case of sets of values, dermining the Euclidean distance between the sets. In another approach, the reference data can be used to set a tolerance band around the or each reference value and it is determined whether the corresponding bid values each fall within their respective tolerance bands.
Whether or not the comparison is successful, an unsuccessful bid count N is reviewed. This value N represents the number of unsuccessful bids in the last eight attempts. Thus, the last eight attempts including the most recent are reviewed and the count N adjusted to
SUBSTITUTESHEET
indicate the number of unsuccessful attempts in those last eight (step 3) .
If the latest bid is unsuccessful, for example because one or more of the bid values falls outside corresponding tolerance bands or the difference between the bid and reference data exceeds a predetermined threshold then the verification or authentication process may end although in some cases processing may return to step 1 to allow a further attempt to be processed. A limit may be set on the number of repeats permitted in a certain time interval.
If the bid is successful then verification will be indicated (step 4) allowing the user to perform the secure process to which he has gained access. In addition, in the case of a successful bid, the count N is reviewed to see whether it is equal to or exceeds 3. If it is less than 3 then the process ends but if it is equal to or greater than 3 then the tolerance reference data is replaced with the most recently obtained bid data (step 5) .
In certain circumstances, a user's performance may be so poor that this process will not be sufficient by itself to improve the performance. This may be detected if for example there are four or more consecutive unsuccessful bids or the reference data is replaced three or more times within a history of 32 attempts. In these cases, the user can be recommended to reenrol under supervision using a different finger. The recommendation contains the form of an audible or visual warning, repeated at every bid.
SUBSTITUTESHEET