
US20130318361A1 - Encrypting and storing biometric information on a storage device - Google Patents


Info

Publication number
US20130318361A1
Authority
US
United States
Prior art keywords
biometric
biometric template
smart card
private key
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13/899,289
Inventor
Douglas M. Erickson
Cameron Craig Morris
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Partnet Inc
Original Assignee
Partnet Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Partnet Inc
Priority to US13/899,289
Priority to PCT/US2013/042256 (WO2013177297A2)
Assigned to PARTNET, INC. Assignment of assignors interest (see document for details). Assignors: ERICKSON, DOUGLAS M., MORRIS, CAMERON CRAIG
Publication of US20130318361A1
Current legal status: Abandoned

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254 Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3257 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/42 Anonymization, e.g. involving pseudonyms

Definitions

  • the present disclosure relates generally to communication systems. More specifically, the present disclosure relates to encrypting and storing biometric information on a storage device.
  • Communication systems are widely deployed to provide various types of communication between devices. These systems increase productivity, communication and the availability of information.
  • a person may be able to access sensitive data, but may have to sacrifice anonymity to do so.
  • a person may be able to stay anonymous, but may not be able to access sensitive information as a result. Therefore, systems and methods that enable access to data while maintaining privacy may be beneficial.
  • FIG. 1 is a block diagram illustrating one configuration of a system for encrypting and storing biometric information on a storage device.
  • FIG. 2 is a flow diagram illustrating one configuration of a method for encrypting and storing biometric information on a storage device.
  • FIG. 3 is a flow diagram illustrating a more detailed configuration of a method for encrypting and storing biometric information on a storage device.
  • FIG. 4 is a block diagram illustrating a more specific configuration of a system for encrypting and storing biometric information on a storage device using multiple public keys and private keys.
  • FIG. 5 is a block diagram illustrating another configuration of a system for encrypting and decrypting biometric information.
  • FIG. 6 is a flow diagram illustrating one configuration of a method for decrypting biometric information.
  • FIG. 7 is a flow diagram illustrating another configuration of a method for decrypting biometric information.
  • FIG. 8 is a block diagram illustrating various components that may be utilized in an electronic device.
  • a method for encrypting biometric information by an electronic device includes obtaining biometric data.
  • the method also includes generating a biometric template based on the biometric data.
  • the method also includes encrypting the biometric template.
  • the method also includes sending the encrypted biometric template to a storage device.
  • the method may include generating a public key for encrypting the biometric template.
  • the method may also include sending the public key to the storage device.
  • the method may also include generating a private key for decrypting the encrypted biometric template.
  • the method may also include storing the private key on a smart card.
  • the private key may be for decrypting the biometric template.
  • the smart card may be associated with a health care provider.
  • the method may also include obtaining medical records corresponding to the encrypted biometric template.
  • the biometric template may be stored in a computing cloud.
  • the method may include storing a first private key on a first smart card corresponding to a first encrypted biometric template.
  • the method may also include storing a second private key on a second smart card corresponding to a second encrypted biometric template.
  • the first encrypted biometric template may be configured to be decrypted using only the first private key on the first smart card.
  • the second encrypted biometric template may be configured to be decrypted using one of the first private key on the first smart card and the second private key on the second smart card.
  • the method may include scanning a smart card including a private key corresponding to the biometric template.
  • the method may also include sending the private key to the storage device for decrypting the encrypted biometric template in response to scanning the smart card.
  • the electronic device for storing an encrypted biometric template on a storage device.
  • the electronic device includes a processor and memory in electronic communication with the processor.
  • the electronic device also includes instructions stored in memory.
  • the instructions are executable to obtain a biometric identification.
  • the instructions are also executable to generate a biometric template from the biometric identification.
  • the instructions are also executable to encrypt the biometric template.
  • the instructions are also executable to send the encrypted biometric template to be stored in a storage device.
  • a method for storing biometric information by a storage device includes receiving an encrypted biometric template.
  • the method also includes receiving a public key.
  • the method also includes receiving a private key for decrypting the encrypted biometric template.
  • the method also includes determining whether the encrypted biometric template corresponds to the public key.
  • the systems and methods described herein include an electronic device for encrypting biometric information and storing the information on a storage device.
  • With biometric information, there are many concerns regarding the accuracy of the information and the privacy of individuals associated with the biometric information.
  • Health care providers (e.g., hospitals, clinics, insurance companies, etc.) and other organizations depend on accurate information about patients, including histories and identities of patients, in providing the best health care possible.
  • a benefit of encrypting biometric information and storing it on a storage device e.g., a central database
  • a patient may include a patient requesting health treatment or any person associated with biometric information and records on a storage device.
  • records on a storage device may refer to any kind of information (e.g., privacy sensitive information) whose access may be restricted by a patient with an interest in access to or the distribution of that information.
  • an electronic device may distribute various keys for encrypting and decrypting the biometric information in such a way as to further protect the privacy of patient information while preventing patients or other individuals from manipulating a system in which health care providers are not given complete access to medical histories, records and other information (e.g., privacy sensitive information).
  • FIG. 1 is a block diagram illustrating one configuration of a system 100 for encrypting and storing biometric information on a storage device 104 .
  • the system 100 may include an electronic device 102 and one or more storage devices 104 that communicate using a network 106.
  • Examples of an electronic device 102 may include servers, personal computers (PCs), laptop computers, tablet devices, smartphones or other kinds of electronic or computing devices.
  • the electronic device 102 may be controlled by a user and/or a health care provider.
  • Examples of the one or more storage devices 104 may include one or more servers, personal computers (PCs), laptop computers, tablet devices, smartphones or other kinds of electronic or computing devices.
  • One or more of the storage devices 104 may be implemented as a medical record patient security system (MRPS).
  • biometric information may include biometric data, biometric templates created from the biometric data, encryption and decryption keys or other information used in connection with biometric information being encrypted and stored on a storage device 104 .
  • the electronic device 102 may include a biometric module 108 .
  • the biometric module 108 may be a hardware and/or software module used to obtain biometric data and perform one or more operations on the biometric data.
  • the biometric module 108 may include hardware and/or software for scanning or capturing biometric data from a patient. Biometric data may be obtained through a variety of techniques, including a palm vein scan, palm print, fingerprint, retinal scan, face recognition scan, blood sample or other method for capturing data that may be used to identify a patient.
  • the biometric module 108 may obtain multiple types of biometric data from a single patient.
  • the biometric module 108 may be implemented as part of the electronic device 102 and/or on a remote device in communication with the electronic device 102 .
  • the biometric module 108 may receive biometric data from a device (e.g., palm vein scanner) that is coupled to the electronic device 102 .
  • the biometric module 108 may also include hardware and/or software for generating a biometric template based on the biometric data.
  • the biometric template may include any details of the biometric data for determining a match between the biometric template and the biometric data.
  • the biometric template may be a digital representation of the biometric data itself.
  • the biometric template may be generated as a reduced or compressed version of the biometric data.
  • the biometric template may be a parameterized representation of the biometric data (e.g., characteristics of the biometric data such as sizes, distances, features and/or numbers of features, etc.).
  • the biometric template may include any data that can be utilized for matching a subsequent fingerprint with the biometric template.
  • the biometric template may include any data for determining a match between the biometric data of a patient and the biometric template created by the biometric module 108 .
  • the biometric template may be a reduced version of the biometric data, including a portion of the biometric data that may be used in determining a match between the biometric template and subsequently obtained biometric data.
  • the biometric template may include additional information about a patient, such as insurance information or other personal identification information, in addition to the biometric data.
  • a biometric template may be generated for a patient the first time a patient provides biometric data or upon a specific request for enrolling with a health care provider. The biometric template may then be used later when comparing the biometric template to subsequently obtained biometric data and verifying the identity of a patient.
  • the electronic device 102 may also include an encryption module 110 .
  • the encryption module 110 may be a hardware and/or software module used to encrypt one or more biometric templates. Similar to the biometric module 108 , the encryption module 110 may be included within the electronic device 102 or alternatively implemented as part of a separate device (e.g., a certificate issuing authority).
  • the encryption module 110 may encrypt the biometric template using a variety of methods. In one example, the encryption module 110 may generate a public key for encrypting the biometric template. Further, the encryption module 110 may generate a private key for decrypting the biometric template.
  • the encryption module 110 may encrypt the biometric template such that the encrypted biometric template may only be decrypted with access to the private key. Thus, the encryption module 110 may obtain the biometric template from the biometric module 108, encrypt the biometric template using a public key, and generate a private key for later decrypting the encrypted biometric template.
  • the electronic device 102 may also include a smart card module 112 .
  • the smart card module 112 may be a hardware and/or software module for programming a smart card. Similar to the biometric module 108 and the encryption module 110 , the smart card module 112 may be included within the electronic device 102 or alternatively implemented as part of a separate device.
  • the smart card module 112 may obtain one or more private keys generated using the encryption module 110 and program a smart card using one or more of the private keys.
  • the smart card module 112 may store a private key on a smart card that corresponds to specific biometric data and/or a public encryption key.
  • the smart card module 112 may also be used to store one or more public keys on the smart card.
  • the smart card module 112 may later be used to obtain the private key stored on the smart card for later decrypting an encrypted biometric template.
  • the smart card may be issued when a patient first provides biometric data, and when the biometric template is first encrypted. The smart card may then be used when a patient subsequently provides biometric data and the private key on the smart card is used to verify a match between subsequently obtained biometric data and the encrypted biometric template.
  • the smart card module 112 may not store any biometric information on the smart card.
  • the electronic device 102 may also include a communication interface 114 .
  • the communication interface 114 may be a hardware and/or software module used to communicate with one or more electronic and computing devices.
  • the communication interface 114 may be used to send and receive communications to a storage device 104, smart card or other device.
  • the communication interface 114 may be used to communicate with a variety of electronic and/or computing devices over a network 106.
  • the electronic device 102 may communicate with a storage device 104 over a network 106 .
  • the network 106 may be a computer network such as a Local Area Network (LAN), Wide Area Network (WAN), Public Switched Telephone Network (PSTN), cellular phone network, Internet, Intranet or other medium that may be used for transferring data between an electronic device 102 and one or more storage devices 104 .
  • the network 106 may be used to facilitate communication between multiple electronic and computing devices as well as additional storage devices.
  • the storage devices 104 may be used to store biometric information and/or other data. Each storage device 104 may include hardware and/or software for storing biometric information received from the electronic device 102 or other computing devices. One or more storage devices 104 may include a central database accessible to multiple electronic devices. The storage devices 104 may also be remote storage devices and/or include a virtual database (e.g., cloud computing) for storing biometric templates, public keys and/or other data received from the electronic device 102 . Further, the storage devices 104 may be implemented on multiple devices and/or include multiple databases for storing data.
  • a storage device 104 may include a biometric template database 116 .
  • the biometric template database 116 may store encrypted biometric templates received from the electronic device 102 .
  • the biometric template database 116 may also store one or more public keys corresponding to the biometric templates.
  • each biometric template may be stored centrally on a storage device 104 on a record-by-record basis with an accompanying public key used to encrypt the biometric template.
  • the biometric template database 116 may store the encrypted biometric template and associated public key without also storing the private key associated with the biometric template.
  • the biometric template database 116 may include one or more encrypted biometric templates and public keys without the necessary tools for decrypting the encrypted biometric templates received from the electronic device 102 .
  • a storage device 104 may also include a records database 118 .
  • the records database 118 may store medical records of patients. In one configuration, the records may be encrypted using a separate encryption key or alternatively using the public key provided by the electronic device 102 .
  • the records may also be linked to a corresponding biometric template or other biometric information.
  • the storage device 104 may determine whether a link exists between the biometric templates and records stored on one or more of the storage devices 104 . In some configurations, one or more links between the encrypted biometric template and records may be included within the encrypted biometric template or among the biometric information provided by the electronic device 102 . Records and other information stored on the records database 118 may include any kind of information (e.g., privacy sensitive information) that may be limited from access to the public and other organizations.
  • financial information or other privacy sensitive information about an individual may be stored using the systems and methods described herein.
  • This information stored on the records database 118 may be stored such that businesses, insurance companies or other organizations may be restricted in accessing privacy sensitive information without the express permission of an individual associated with the information.
  • the biometric template database 116 and the records database 118 may be located on separate storage devices 104 .
  • the records database 118 may be stored on a storage device 104 associated with a healthcare provider, while the biometric template database 116 may be stored on a separate storage device 104 associated with a third party.
  • a storage device 104 may also include a communication interface 120 .
  • the communication interface 120 may be a hardware and/or software module used to communicate with one or more electronic and computing devices.
  • the communication interface 120 may be used to send and receive communications to one or more electronic devices over the network 106 .
  • the storage device 104 may use the communication interface 120 to send/receive encrypted biometric templates, medical records and other data over the network 106 .
  • the electronic device 102 may be used to encrypt biometric information, which may be sent over the network 106 to be stored on a storage device 104 .
  • the electronic device 102 may obtain biometric data using a variety of techniques. For example, obtaining the biometric data may include scanning a fingerprint, scanning a thumbprint, scanning a handprint or palm, performing a vein scan of the palm, performing an eye, iris or retina scan, taking a blood sample or other technique of obtaining data that may be used for identifying a patient providing the biometric data.
  • the electronic device 102 may obtain multiple types of biometric data from each patient in the case that one type of biometric data is insufficient or in cases where a specific device for obtaining a certain type of biometric data is unavailable. Further, obtaining multiple types of biometric data may provide enhanced reliability of biometric information.
  • the electronic device 102 may generate a biometric template based on the biometric data.
  • the electronic device 102 may generate a biometric template for each type of biometric data obtained by the electronic device 102 .
  • Generating the biometric template may include creating a reduced or compressed version of the biometric data.
  • the biometric template may include some or all of the information from the biometric data in a reduced or compressed form.
  • the biometric template may include data that may be used by the electronic device 102 or other computing device to determine that the biometric template is based on the biometric data or is linked to a specific patient. For example, where the biometric data is a fingerprint, the biometric template may include a reduced portion or encrypted data that corresponds to the fingerprint obtained by the electronic device 102 .
  • the biometric template may include enough data for determining with a high probability that the biometric template matches the fingerprint obtained by the electronic device 102 .
  • the electronic device would be able to identify the subsequent fingerprint as a likely or probable match to the biometric template generated based on the previously obtained biometric data.
  • the electronic device 102 would be able to prevent access to any confidential information about the patient.
  • the electronic device 102 may also encrypt the biometric template.
  • the electronic device 102 may generate a public key and a private key for encrypting and decrypting the biometric template.
  • the biometric template may be encrypted using the public key.
  • the electronic device 102 may encrypt the biometric template or may alternatively provide the biometric template and the public key to another electronic device or computing device (e.g., a storage device 104 ) to be encrypted using the public key.
  • the electronic device 102 may send the encrypted biometric template and the public key to a storage device 104 . Because the private key is needed for decrypting the encrypted biometric template, the electronic device 102 may send the encrypted biometric template to the storage device 104 with the public key, but without the private key.
  • the storage device 104 may store the encrypted biometric template and other information received from the electronic device 102 .
  • the electronic device 102 may maintain the private key or store the private key on another device.
  • the electronic device 102 may program a smart card having an integrated circuit or other medium for storing data (e.g., thumb drive, optical disc, etc.).
  • the electronic device 102 may store the private key and the public key on the smart card.
  • the smart card may be affiliated with and/or issued by a health care provider, such as a hospital, clinic, insurance company or other organization that may benefit from obtaining secure information about a patient.
  • the smart card may be given exclusively to the patient, thus making it difficult or impossible to decrypt the encrypted biometric template without the use of the private key on the smart card.
  • the electronic device 102 may then discard the private key such that the only existing private key is on the smart card.
  • the electronic device 102 may maintain a copy of the private key or send the private key to a remote device for verification purposes in case the smart card is lost.
  • a storage device 104 may receive the biometric template and public key and store the biometric template and public key in a biometric template database 116 .
  • the biometric template may be encrypted on a record-by-record basis, and may correspond to medical records on the same or separate storage devices 104 .
  • the biometric template database 116 may be implemented on a device (e.g., the storage device 104 ) or a computing cloud.
  • each smart card may correspond to a public key stored in the cloud.
  • Each patient and dependent may be linked together such that when a new biometric template is created, the new biometric template may be encrypted with all public keys associated with a patient.
  • no explicit association or link between the biometric template and the medical records may be stored (in the biometric template database 116 , for example).
  • a storage device 104 may receive the encrypted biometric template and link the encrypted biometric template with medical records corresponding to the biometric template stored on one or more storage devices 104 .
  • the encrypted biometric template based on the biometric data of a patient may be linked to medical records on one or more storage devices 104 .
  • the medical records may be anonymized and/or encrypted.
  • the storage device 104 may not contain personal identification information (e.g., Social Security Number (SSN), driver's license number, address, date of birth, etc.) that would directly identify one or more patients corresponding to the medical data until the encrypted biometric template is decrypted using the private key (e.g., from the smart card).
  • the medical records may be encrypted using the same or a different public key as the biometric template.
  • the biometric template and the medical data may be unreadable without using the private key to decrypt both the biometric template and the medical data.
  • One or more storage devices 104 may also store the biometric template and the medical records on the same or different storage devices 104 .
  • Encrypting the biometric template using a public key and then distributing the public key and the private key to different devices may ensure the privacy of the patient associated with the biometric data.
  • the biometric template and the public key may be sent to a storage device 104 while the private key may be maintained on a smart card (and/or the electronic device 102).
  • other devices with access to the storage device 104 would be unable to link the medical data to the patient or would be unable to access the medical data associated with a specific patient.
  • the privacy of the patient is enhanced as it becomes more difficult for other devices to access a patient's medical records and/or identify a patient corresponding to the medical records.
  • any additional information added to a patient profile or records after treatment may be re-encrypted using the same or a different public key, and stored again in the storage device 104 until the private key is later provided.
  • the owner of the smart card may be granted exclusive control over who may utilize a patient's health care (e.g., insurance, health plan, etc.) or access a patient's medical records.
  • Because the electronic device 102 may require both biometric data as well as the private key, it may be possible to further secure medical data from anyone who may be in wrongful possession of the smart card or from someone trying to manipulate the health care system. For example, if someone in wrongful possession of the smart card attempts to obtain medical records of a patient, their subsequently provided biometric data would not match the biometric template, even if the biometric template is decrypted using the private key on the smart card. Thus, a health care provider, even upon receiving a private key, could prevent unauthorized access from someone in wrongful possession of a smart card.
  • obtaining the biometric data coupled with the private key on the smart card may grant access to the medical records corresponding to the patient.
  • access to the medical data may be based on patient consent (e.g., patient consent settings for medical record access). For instance, a patient may restrict access to all or part of the medical data even when a matching biometric and private key are provided.
  • the private key may also be accompanied by a personal identification number (PIN) as another level of security.
  • a storage device 104 containing biometric templates may also be used to verify the existence of a patient or patient records in one or more storage devices 104 .
  • multiple types of biometric data may be captured for improving the ability to recover medical data from a storage device 104 .
  • the electronic device 102 may also update biometric data that may change over time. For example, where a palm vein scan, face recognition or other changing feature is used to obtain biometric data, this or other biometric data may change gradually over time. Therefore, the electronic device 102 may periodically update a biometric template associated with the changing biometric data to more accurately represent a recent palm vein scan or image of a patient. In verifying a changed scan, another type of biometric data that changes less rapidly, such as a blood sample, fingerprint or other type of biometric data may be used to verify the identity of the patient seeking to update their biometric data. In some configurations, the smart card may be used to verify the identity of a patient when updating a biometric template associated with the patient.
  • FIG. 2 is a flow diagram illustrating one configuration of a method 200 for encrypting and storing biometric information on a storage device 104 .
  • the method may be performed by an electronic device 102 (e.g., computing device, server, smart phone, etc.).
  • Biometric data may be obtained 202 .
  • the biometric data may be obtained 202 using a variety of devices and techniques.
  • biometric data may be obtained 202 using a fingerprint scanner, a thumbprint scanner, a handprint or palm scanner, a vein scanner (e.g., a palm vein scanner), an eye scanner or other device capable of capturing data that may be used to identify a person.
  • the biometric data may include any information or data that may be used in identifying a patient.
  • Examples of biometric data may include fingerprints, palm prints, vein scans or other types of data for identifying a patient. In some configurations, multiple types of biometric data may be obtained for each patient.
  • an electronic device 102 may include different types of biometric data that may be used in encrypting and storing biometric information on one or more storage devices 104 .
  • a biometric template based on the biometric data may be generated 204 .
  • Generating 204 the biometric template may include generating a reduced or condensed version of the biometric data.
  • the biometric template may include enough information for later determining that the biometric template matches a subsequent scan of biometric data from the same patient.
  • the biometric template may include any data necessary for matching a subsequent scan of the same fingerprint.
  • the biometric template may be used to determine with a high probability that the biometric template corresponds to the subsequently scanned fingerprint.
  • the biometric template may be compared to a fingerprint of someone other than the patient to determine with a high probability that the biometric template and the different finger do not match.
  • the biometric template may be encrypted 206 .
  • the encrypted biometric template may be encrypted 206 using a public key such that a private key is needed for decrypting the encrypted biometric template.
  • the decrypted biometric template may be necessary for determining that incoming biometric data corresponds to the non-encrypted biometric template.
  • a private key may be maintained or stored for decrypting the encrypted biometric template in order to compare the biometric template with subsequently obtained biometric data.
  • the encrypted biometric data may be linked to records on one or more storage devices 104 and one or more specific patients associated with the biometric data.
  • the encrypted biometric template may be sent 208 to a storage device 104 .
  • the encrypted biometric template may be accompanied by a public key when sent to the storage device 104 .
  • the private key for decryption may be withheld from the storage device 104 when sending the encrypted biometric template to the storage device 104 .
  • the electronic device 102 may send the encrypted biometric template to a storage device 104 over a network 106 (e.g., a wireless network).
  • the storage device 104 may be a remote storage device or include a central database for storing one or more biometric templates.
  • One or more storage devices 104 may also be used for storing medical records corresponding to the biometric templates.
  • FIG. 3 is a flow diagram illustrating a more detailed configuration of a method 300 for encrypting and storing biometric information on a storage device 104 .
  • the method 300 may be performed by one or more electronic devices.
  • one or more of the functions of the method 300 may be performed by a single electronic device 102 or separately by different electronic devices.
  • Biometric data may be obtained 302 . This may be accomplished as described above in connection with one or more of FIGS. 1 and 2 .
  • a biometric template may be generated 304 based on the biometric data. This may be accomplished as described above in connection with one or more of FIGS. 1 and 2 .
  • a public key may be generated 306 .
  • the public key may be used by an electronic device 102 for encrypting one or more biometric templates.
  • a copy of the public key may be maintained with the biometric template on the electronic device 102 and/or on another device (e.g., a storage device 104 ).
  • a private key may also be generated 308 .
  • the private key may be used by an electronic device 102 , computing device, storage device 104 or other device for decrypting the encrypted biometric template.
  • the private key may be maintained on a remote device from the biometric template for preventing easy access to the biometric template or medical records associated with the biometric data.
  • the private key may not be distributed or shared in the same way as the public key for preserving privacy of records or biometric data associated with the biometric template.
  • the biometric template may be encrypted 310 using the public key. While the public key may be used for encrypting the biometric template, the public key is not necessarily used for decrypting the biometric template. Thus, the public key may be distributed or shared without compromising privacy of records or biometric data associated with the biometric template.
  • the encrypted biometric template may be sent 312 to a storage device 104 .
  • the public key may also be sent 312 to the storage device 104 . Because the encrypted biometric template is sent with the public key rather than the private key, the encrypted biometric template may not be easily decrypted without authorization of a patient or other device in possession of the private key.
  • the encrypted biometric template may be stored on a central database, cloud computing space or storage device 104 accessible from one or more electronic devices over a network 106 without compromising the privacy of the records and other information associated with the biometric template.
  • the private key may be stored 314 on a smart card.
  • the public key may also be stored on the smart card. This may be performed on an electronic device 102 or other device capable of programming a smart card.
  • the private key may be stored on a smart card separate from the public key and encrypted biometric data stored on a storage device 104 .
  • the electronic device 102 may discard the private key such that the only copy of the private key is on the smart card.
  • the smart card may be provided to a patient such that the patient has sole control over decryption of the encrypted biometric template. Therefore, the encrypted biometric template may not be decrypted without the patient providing the private key from the smart card.
  • the encrypted biometric template may be decrypted 316 using the private key.
  • a patient or health care provider may attempt to access the medical records, either through direct access to a storage device 104 or requesting access from the storage device 104 (e.g., by sending a request to the storage device 104 for biometric information).
  • a patient or health care provider may provide the private key and public key corresponding to the encrypted biometric data by scanning or reading the smart card.
  • the public key may be used to determine which encrypted biometric template to decrypt.
  • the encrypted biometric data may then be decrypted 316 and/or medical records may be associated with the biometric data.
  • the private key and/or public key may be used to link the biometric template to a specific patient and/or decrypt records associated with the patient.
  • Medical records corresponding to the biometric data may be obtained 318 .
  • the identity associated with records may be determined, thus providing a health care provider, patient or other device access to medical records associated with the patient.
  • the medical records may be encrypted using the public key and decrypted using the private key.
  • the medical records may have been linked to the encrypted biometric templates without further information regarding the identity of the patient or biometric data linked to the medical records.
  • the link between the medical records and the decrypted biometric template may be used to provide records associated with the patient.
  • biometric information may be protected because any link between the records and identity of a patient may be hidden due to the encrypting of the biometric template.
  • the records may also be encrypted using the public key, thus further disabling access to the records without possession of the private key (e.g., the smart card).
  • FIG. 4 is a block diagram illustrating a more specific configuration of a system 400 for encrypting and storing biometric information on a storage device 404 using multiple public keys 428 and private keys 424 .
  • the system 400 may include an electronic device 402 and one or more storage devices 404 that communicate using a network 406 .
  • the system 400 may be one example of the system 100 described above in connection with FIG. 1 .
  • the system 400 may also include multiple smart cards 422 for storing one or more private keys 424 and public keys 428 for locating and decrypting biometric templates stored on a storage device 404 or other device.
  • the electronic device 402 may include a biometric module 408 , encryption module 410 , smart card module 412 and communication interface 414 .
  • the biometric module 408 may be similar to the biometric module 108 described above in connection with FIG. 1 .
  • the encryption module 410 may also be similar to the encryption module 110 described above in connection with FIG. 1 . Further, the encryption module 410 may be used for encrypting one or more biometric templates and generating public keys 428 , 440 , 442 , 444 and private keys 424 associated with each of the biometric templates. In one example, the encryption module 410 may generate public key A 428 a, public key B 428 b and public key C 428 c.
  • the encryption module may also generate corresponding public key A 440 , public key B 442 and public key C 444 c that are stored on a storage device 404 under various profiles associated with the encrypted biometric data.
  • public key A 428 a, public key B 428 b and public key C 428 c correspond to public key A 440 , public key B 442 and public key C 444 c on the storage device 404 , respectively.
  • the encryption module 410 may also generate private key A 424 a, private key B 424 b and private key C 424 c, where each is associated with respective public keys 428 a - c and biometric templates.
  • the smart card module 412 may be used for programming one or more smart cards 422 .
  • the smart card module 412 may program (e.g., write to) a user smart card 422 a with private key A 424 a and public key A 428 a, a spouse smart card 422 b with private key B 424 b and public key B 428 b and a dependent smart card 422 c with private key C 424 c and public key C 428 c.
  • Each private key 424 and public key 428 on the smart cards 422 may correspond to one or more public keys 440 , 442 , 444 on the storage device 404 .
  • the communication interface 414 may be used by the electronic device 402 for communicating with one or more devices (e.g., a storage device 404 ) over a network 406 .
  • the communication interface 414 may be similar to the communication interface 114 described above in connection with FIG. 1 .
  • One or more storage devices 404 may include a biometric template database 416 , a records database 418 and a communication interface 420 .
  • the records database 418 may be similar to the records database 118 described above in connection with FIG. 1 .
  • the communication interface 420 may also be similar to the communication interface 120 described above in connection with FIG. 1 .
  • the biometric template database 416 may be one configuration of the biometric template database 116 described above in connection with FIG. 1 .
  • the biometric template database 416 may be used to store one or more profiles 426 associated with one or more users (e.g., patients).
  • the biometric template database 416 may store a user profile 426 a associated with a primary user of an account, a spouse profile 426 b associated with a spouse of the user and a dependent profile 426 c associated with a dependent of the user.
  • the biometric template database 416 may also store subsequent dependent profiles when new dependents are born or at a request of the user.
  • Other configurations may include additional profiles 426 .
  • the user and/or spouse may both be designated as primary users of the account.
  • the user profile 426 a may include one or more biometric templates generated based on biometric data obtained from the user.
  • the user profile may be encrypted with public key A 440 .
  • Public key A 440 on the storage device 404 may be a similar public key as public key A 428 a on the user smart card 422 a.
  • public key A 440 on the storage device 404 and public key A 428 a on the smart card are identical.
  • the spouse profile 426 b may include one or more biometric templates based on biometric data obtained from a spouse of the user.
  • the spouse profile 426 b may be encrypted with public key B 442 .
  • Public key B 442 on the storage device 404 may be a similar public key as public key B 428 b on the spouse smart card 422 b.
  • public key B 442 on the storage device 404 and public key B 428 b on the smart card are identical.
  • the dependent profile 426 c may include one or more biometric templates based on biometric data obtained from a dependent of the user.
  • the dependent profile 426 c may be encrypted with public key C 444 c.
  • the dependent profile 426 c may be encrypted with additional public keys 444 , including public key A 444 a associated with the user and public key B 444 b associated with the spouse of the user.
  • Public key A 444 a, public key B 444 b and public key C 444 c on the storage device 404 may be similar to public key A 428 a, public key B 428 b and public key C 428 c on the smart cards 422 , respectively.
  • public keys 440 , 442 , 444 on the storage device and corresponding public keys 428 a - c on smart cards may be identical.
  • Encrypting a biometric template associated with a specific profile with multiple public keys may allow a user, spouse or dependent to access a dependent profile 426 c with their respective smart cards 422 .
  • relationships between profiles need not be familial (e.g., employer-employee, insurer-insured), nor are the profiles 426 limited to a certain number of public keys 440 , 442 , 444 that may be used when encrypting profiles 426 and corresponding biometric templates.
  • a user and/or spouse may elect to permit decryption of a biometric template and/or medical records using a private key 424 on either a user smart card 422 a or the spouse smart card 422 b, such that each smart card may be used as a backup in case one or the other smart card 422 is lost.
  • multiple private keys 424 may be utilized to decrypt a biometric template and/or records associated with a particular user or patient.
  • the user smart card 422 a and the spouse smart card 422 b may be used to decrypt a biometric template and/or medical records associated with the respective profiles 426 of the user and spouse.
  • a first encrypted biometric template and/or a first set of records may be decrypted using only a first private key (e.g., private key 424 a ) on a first smart card (e.g., user smart card 422 a ).
  • a second encrypted biometric template and/or a second set of records may be decrypted using one of multiple keys (e.g., a first private key or a second private key, etc.).
  • the dependent's profile 426 c could be decrypted using any of private key A 424 a, private key B 424 b and private key C 424 c.
  • the electronic device 402 may program separate smart cards 422 a - c for each of the user, spouse and dependent. Further, the user smart card 422 a and the spouse smart card 422 b may be used to decrypt a biometric template and/or medical records associated with the respective profiles 426 of the user and spouse. The dependent smart card 422 c may also be used to decrypt a biometric template and/or medical records and access information associated with the dependent profile 426 c.
  • the user smart card 422 a and the spouse smart card 422 b may be used to decrypt a biometric template and access medical records associated with the dependent profile 426 c because the dependent profile 426 c is encrypted in such a way as to be decrypted using either private key A 424 a, private key B 424 b or private key C 424 c.
  • Having separate smart cards allows for an increased level of flexibility. For example, where a mother and daughter are enrolled in a health plan and the mother is a primary user on the account, the daughter can come to a health care provider with her mother and receive health related services. In the case that the daughter does not bring her smart card, the daughter may have her biometric information verified through obtaining the daughter's biometric data and scanning the mother's smart card. Further, if the daughter desired to come into a clinic alone, she can do so without her mother present by bringing her respective smart card. Further, in cases where the daughter prefers to maintain confidentiality of her medical information, specific records may be encrypted or tagged as confidential (as based on consent settings, for example) and accessed exclusively by the daughter's smart card. Thus, privacy of one or more patients, even within respective families, may be protected while enabling access by health care providers to necessary information.
  • Restricting access between primary users and dependents may be enforced in order to respect privacy concerns of individuals (e.g., dependents) or, alternatively, for complying with specific laws regarding the privacy of medical records. Further, even without further encryption or tagging records as confidential (based on consent settings, for example), privacy of records is adequately protected where a biometric match between biometric data and a biometric template is required. Thus, even when a dependent or other profile permits decryption of a biometric template using a plurality of private keys 424, a storage device 404 may still require a match between biometric data and a biometric template before providing access to records on the storage device 404. Thus, in the illustrated example of FIG.
  • the user and/or spouse may still be required to provide biometric data of a dependent before gaining access to medical records of the dependent.
  • a primary account holder's encrypted biometric template may be additionally stored along with a dependent's encrypted biometric template, for example.
  • the primary account holder may access a dependent's records using the primary account holder's biometric data and private key 424 .
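An added example, not part of the patent text: the FIG. 4 arrangement in Python, with the dependent template encrypted to public keys A, B and C, the storage side indexing ciphertext by public-key fingerprint, and release gated on both a card's private key and a biometric match. Assumptions: the Diffie-Hellman key wrap over a Mersenne-prime group and the HMAC-based cipher are standard-library stand-ins for a vetted hybrid scheme (for instance RSA-OAEP or HPKE with an AEAD), the Hamming-distance matcher stands in for a real biometric matcher, and the templates, record ids and function names are constructed.

```python
import hashlib
import hmac
import secrets

# Assumption: stdlib-only stand-in for a vetted hybrid public-key scheme.
# Illustration parameters, not deployment parameters.
P = 2**521 - 1  # Mersenne prime used as the Diffie-Hellman modulus
G = 3


def keygen():
    """Return (private, public); the private half is what is written to the smart card."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def key_id(pub):
    """Fingerprint the storage device uses to index templates by public key."""
    return hashlib.sha256(pub.to_bytes(66, "big")).hexdigest()[:16]


def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()


def _xor_stream(key, nonce, data):
    stream = b"".join(_prf(key, b"enc", nonce + i.to_bytes(4, "big"))
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key, plaintext):
    """Encrypt-then-MAC with a fresh nonce."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + _prf(key, b"tag", nonce + ct)


def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"tag", nonce + ct)):
        raise ValueError("wrong key or modified ciphertext")
    return _xor_stream(key, nonce, ct)


def _kek(shared):
    return hashlib.sha256(shared.to_bytes(66, "big")).digest()


def encrypt_template(template, recipient_pubs):
    """Encrypt once under a random content key, then wrap that key per public key."""
    dek = secrets.token_bytes(32)
    wrapped = {}
    for pub in recipient_pubs:
        eph_priv, eph_pub = keygen()
        wrapped[key_id(pub)] = (eph_pub, seal(_kek(pow(pub, eph_priv, P)), dek))
    return {"ciphertext": seal(dek, template), "wrapped": wrapped}


def decrypt_template(record, priv, pub):
    eph_pub, wrapped_dek = record["wrapped"][key_id(pub)]
    dek = unseal(_kek(pow(eph_pub, priv, P)), wrapped_dek)
    return unseal(dek, record["ciphertext"])


class TemplateStore:
    """Storage device: holds ciphertext and public-key fingerprints, never a private key."""

    def __init__(self):
        self.records = {}

    def put(self, record_id, record):
        self.records[record_id] = record

    def find(self, pub):
        kid = key_id(pub)
        return {rid: r for rid, r in self.records.items() if kid in r["wrapped"]}


def matches(template, probe, max_bits=20):
    """Stand-in matcher: Hamming distance between fixed-length bit strings."""
    distance = sum(bin(a ^ b).count("1") for a, b in zip(template, probe))
    return len(template) == len(probe) and distance <= max_bits


def authorize(store, card_priv, card_pub, probe):
    """Return the record id released for this card and live scan, or None."""
    for rid, record in store.find(card_pub).items():
        try:
            template = decrypt_template(record, card_priv, card_pub)
        except ValueError:
            continue  # card's private key does not open this record
        if matches(template, probe):
            return rid
    return None


def build_demo():
    """Constructed family from FIG. 4: user (key A), spouse (key B), dependent (key C)."""
    keys = {name: keygen() for name in ("A", "B", "C")}
    scans = {"user": bytes([0xAA] * 32), "dependent": bytes(range(32))}
    store = TemplateStore()
    store.put("profile-426a", encrypt_template(scans["user"], [keys["A"][1]]))
    store.put("profile-426c",
              encrypt_template(scans["dependent"], [k[1] for k in keys.values()]))
    return store, keys, scans
```

A parent's card opens the dependent's template but releases the record only when the live scan is the dependent's, which is the wrongful-possession property the description relies on.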
  • FIG. 5 is a block diagram illustrating another configuration of a system 500 for encrypting and decrypting biometric information.
  • the system 500 may include an electronic device 502 in communication with one or more storage devices 504 and a biometric computing device 530 over a network 506 .
  • the system 500 may be one configuration of the system 100 described above in connection with FIG. 1 .
  • the configuration described in connection with FIG. 5 may be beneficial in a scenario where a user (e.g., patient) is enrolled for healthcare at the electronic device 502 at a first location and later seeks healthcare at a second location (e.g., a clinic, hospital, etc.) where the biometric computing device 530 is located.
  • the biometric computing device 530 may authenticate the user (e.g., patient) for service and/or may access records (e.g., medical records) corresponding to the user.
  • the electronic device 502 may include a biometric module 508 , encryption module 510 and a communication interface 514 .
  • the biometric module 508 , encryption module 510 and communication interface 514 may be similar to the biometric module 108 , encryption module 110 and communication interface 114 described above in connection with FIG. 1 .
  • One or more storage devices 504 may include a biometric template database 516 , a records database 518 and/or a communication interface 520 .
  • the biometric template database 516 , records database 518 and communication interface 520 may be similar to the biometric template database 116 , records database 118 and communication interface 120 described above in connection with FIG. 1 .
  • the biometric computing device 530 may be a separate device from the electronic device 502 and the storage device(s) 504 .
  • the electronic device 502 may be operated by an organization for enrolling users with one or more smart cards associated with biometric data.
  • One or more storage devices 504 may be operated by a health care provider, insurance company and/or other organization in possession of records.
  • the biometric computing device 530 may be operated by a clinic or other health care provider capable of providing health care and processing biometric data.
  • the biometric computing device 530 may be at the same location as or at a remote location from a storage device 504 where any records are maintained.
  • the biometric computing device 530 may include a biometric capturing device 532 .
  • the biometric capturing device 532 may obtain biometric data from a patient.
  • the biometric data may be obtained through a variety of techniques, including a palm vein scan, palm print, fingerprint, retinal scan, face recognition scan, blood sample or other method for capturing data about a patient.
  • the obtained biometric data may be used to identify whether a smart card and/or patient matches a biometric template stored on a storage device 504 .
  • the biometric computing device 530 may also include a smart card module 534 .
  • the smart card module 534 may perform similar functions as the smart card module 112 described above in connection with FIG. 1 .
  • the biometric computing device 530 may obtain a private key from one or more smart cards using the smart card module 534 .
  • the smart card module 534 may obtain a private key by scanning a smart card provided by a patient requesting health care. The private key from the smart card may be used for verifying that the biometric data matches a biometric template stored on a storage device 504 .
  • the biometric computing device 530 may also include a decryption module 536 .
  • the decryption module 536 may be used for decrypting one or more biometric templates from a storage device 504 . In decrypting one or more encrypted biometric templates, the decryption module 536 may use the private key provided by the smart card. If the private key corresponds to the encrypted biometric template as well as the subsequently obtained biometric data, then the biometric computing device 530 may determine that the encrypted biometric template and the biometric data subsequently obtained using the biometric capturing device 532 are a match.
  • the biometric computing device 530 may be used as a way of verifying and/or notifying one or more electronic devices 502 or a storage device 504 about whether biometric data and/or private keys correspond to one or more encrypted biometric templates stored on a storage device 504 .
  • the biometric computing device 530 may obtain one or more types of biometric data from a patient.
  • the biometric computing device 530 may obtain a private key from a smart card provided by a patient.
  • the biometric computing device 530 may further obtain an encrypted biometric template from a storage device 504 that matches the private key and/or the biometric data. Using the private key, the biometric computing device 530 may decrypt the biometric template.
  • the biometric computing device 530 may determine whether the biometric data matches the decrypted biometric template. Each of these functions may be performed by the biometric computing device 530. Alternatively, one or more of these functions may be performed by another device (e.g., the electronic device 502, the storage devices 504) in communication with the biometric computing device 530. For example, the biometric computing device 530 may provide the private key and biometric data to another device, which may decrypt the biometric template and determine whether the biometric data matches the decrypted biometric template.
  • the biometric computing device 530 may send an indication of the matching information to a storage device 504 . This may indicate to the storage device 504 to release medical records of the patient to a requesting device. Alternatively, the biometric computing device 530 may obtain the records from a storage device 504 over the network 506 .
  • the biometric computing device 530 may be a remote device for authenticating a match between biometric data, a private key and the biometric templates and/or may be controlled by a requesting clinic seeking to gain access to patient records for providing health care.
  • FIG. 6 is a flow diagram illustrating one configuration of a method 600 for decrypting biometric information.
  • the method 600 may be performed by a storage device 104 or other computing device (e.g., biometric computing device 530 , server, smart phone, etc.).
  • An encrypted biometric template may be received 602 .
  • the encrypted biometric template may be based on biometric data obtained by an electronic device 102 .
  • the encrypted biometric template may be encrypted using a public key.
  • the public key initially used to encrypt the biometric template may also be received and stored.
  • a storage device 504 or other device obtaining the encrypted biometric template may be unable to decrypt the biometric template without obtaining a private key for decrypting the encrypted biometric template.
  • a public key may also be received 604 .
  • This public key (e.g., a public key subsequently received from the public key that was initially used to encrypt the biometric template) may be received 604 from the electronic device 102 or another computing device (e.g., biometric computing device 530 ).
  • the public key may also be received via a smart card, where the public key is obtained from the smart card using a scanner or other device coupled to the electronic device 102 or biometric computing device 530 .
  • a patient may provide a public key by scanning a smart card using a biometric computing device 530 at a clinic.
  • the biometric computing device 530 may be used to send the public key obtained from the smart card to a storage device 104 .
  • the storage device 104 may receive the public key obtained from the smart card.
  • the public key from the smart card may be a similar public key to a public key initially received by the storage device 104 when the encrypted biometric template was first received.
  • more than one public key may be received for each encrypted biometric template.
  • the biometric template may have been encrypted by an electronic device 102 using more than one of the public keys.
  • a private key for decrypting the encrypted biometric template may be received 606 .
  • Receiving 606 the private key may be in response to determining that the received public key matches the encrypted biometric data. Additionally or alternatively, receiving 606 the private key may also be in response to a comparison between the received public key and a public key initially received with the encrypted biometric template.
  • a storage device 104 may receive a private key for decrypting the encrypted biometric template without knowing whether the public key corresponds to the biometric template.
  • the storage device 104 may also determine 608 whether the encrypted biometric template corresponds to the public key. Determining 608 whether there is a match between the encrypted biometric template and the public key may be based on whether the public key matches an encryption key or similar public key used for encrypting the biometric template. Determining 608 whether there is a match may also include comparing the public key on a smart card with a public key initially received with the biometric template.
  • determining 608 whether there is a match between the encrypted biometric template and the public key may include sending the encrypted biometric template, public key and the private key to a remote device (e.g., electronic device 102 , biometric computing device 530 ) for decrypting the encrypted biometric template and determining whether the resulting biometric template may be decrypted and/or matches biometric data obtained from a patient.
  • receiving 606 the private key may be optional in some configurations.
  • the storage device 104 may simply send the encrypted biometric template to another device.
  • FIG. 7 is a flow diagram illustrating another configuration of a method 700 for decrypting biometric information.
  • the method 700 may be performed by a biometric computing device 530 or other electronic or computing device (e.g., storage device 104 , server, smart phone, etc.).
  • Biometric data may be obtained 702 .
  • the biometric data may be obtained for comparing to one or more biometric templates previously stored on a storage device 104 .
  • Obtaining the biometric data may be performed by a biometric computing device 530 or other device coupled to the biometric computing device 530 .
  • the biometric data may be obtained 702 using a variety of devices and techniques.
  • biometric data may be obtained 702 using a fingerprint scanner, a thumbprint scanner, a handprint or palm scanner, a vein scanner (e.g., a palm vein scanner), an eye scanner or other device capable of capturing data that may be used to identify a person.
  • the biometric data may include any information or data that may be compared to a biometric template stored on a storage device 104 . In some configurations, multiple types of biometric data may be obtained.
  • a public key may also be obtained 704 .
  • the public key may be obtained 704 from a smart card.
  • the public key may be stored on the smart card previously issued to a patient.
  • the public key may be obtained from the smart card using a scanner or other device. In some configurations, more than one public key may be obtained from a smart card.
  • the public key on the smart card may be a similar key to the public key used for encrypting a biometric template by an electronic device 102 .
  • a private key for decrypting an encrypted biometric template may be obtained 706 .
  • the private key may be obtained 706 from a smart card.
  • the private key may be used by the biometric computing device 530 , storage device 104 , electronic device 102 or other computing device for decrypting an encrypted biometric template. For example, if the public key from the smart card corresponds to a public key used for encrypting the biometric template or other data, the private key from the smart card may be used for decrypting the biometric template or other data encrypted using the corresponding public key.
  • the biometric computing device 530 may be used to determine 708 whether the encrypted biometric template corresponds to the public key.
  • the biometric computing device 530 may also be used to determine whether a public key from the smart card matches a public key provided earlier to the storage device 104 . Determining 708 whether the encrypted biometric template corresponds to the public key may be based on a comparison between a public key obtained from the smart card and received information (e.g., public keys, encrypted biometric templates) from the storage device 104 . Alternatively, determining whether a public key from a smart card corresponds to an encrypted biometric template may be performed by a storage device 104 .
  • the biometric computing device 530 may decrypt 712 the encrypted biometric template using the private key. Once the decrypted biometric template is obtained, the biometric computing device 530 (or the storage device 104 ) may determine 714 whether the biometric data corresponds to the decrypted biometric template. Thus, the biometric computing device 530 may be used to determine whether a public key from a smart card corresponds to an encrypted biometric template. The biometric computing device 530 may also be used to decrypt an encrypted biometric template using a private key from the smart card. The biometric computing device 530 may also be used for determining whether the decrypted biometric template matches the biometric data before obtaining permission to access or receive records or other privacy sensitive data (e.g., medical records) stored on one or more storage devices 104 .
  • the biometric computing device 530 or storage device 104 may provide 710 an indication that the biometric template does not correspond to the public key. This indication may be sent to one or more storage devices 104 or may be provided to a patient seeking access to records on the storage devices 104 .
  • the biometric computing device 530 or storage device 104 may simply decrypt the biometric template using whichever private key is provided, and determine whether the biometric template matches the public key and/or biometric data by comparing the biometric template (correctly or incorrectly decrypted) to the biometric data obtained by the biometric computing device 530 .
  • the biometric computing device 530 may obtain access to records or other information stored on the storage device 104 if it is determined that the public key matches the encrypted biometric template and the biometric data matches the decrypted biometric template.
  • Obtaining access to records on one or more storage devices 104 may include receiving records or being granted permission to access the records on a records database 518 .
  • FIG. 8 is a block diagram illustrating various components that may be utilized in an electronic device 102 .
  • One or more storage devices 104 and/or a biometric computing device 530 may also use similar components.
  • the electronic device 802 is shown with a processor 801 and memory 803 .
  • the processor 801 may control the operation of the electronic device 802 and may be embodied as a microprocessor, a microcontroller, a digital signal processor (DSP) or other device known in the art.
  • the processor 801 typically performs logical and arithmetic operations based on program instructions 804 a stored within the memory 803 .
  • the instructions 804 a in the memory 803 may be executable to implement the methods described herein.
  • the electronic device 802 may also include one or more communication interfaces 807 and/or network interfaces 813 for communicating with other electronic devices.
  • the communication interface(s) 807 and the network interface(s) 813 may be based on wired communication technology and/or wireless communication technology.
  • the electronic device 802 may also include one or more input devices 809 and one or more output devices 811 .
  • the input devices 809 and output devices 811 may facilitate user input/user output.
  • Other components 815 may also be provided as part of the electronic device 802 .
  • Data 806 a and instructions 804 a may be stored in the memory 803 .
  • the processor 801 may load and execute instructions 804 b from the instructions 804 a in memory 803 to implement various functions. Executing the instructions 804 a may involve the use of the data 806 b that is loaded from the memory 803 .
  • the instructions 804 a are executable to implement one or more of the processes or configurations shown herein, and the data 806 a may include one or more of the various pieces of data described herein.
  • the memory 803 may be any electronic component capable of storing electronic information.
  • the memory 803 may be embodied as random access memory (RAM), read-only memory (ROM), magnetic disk storage media, optical storage media, flash memory devices in RAM, on-board memory included with the processor, EPROM memory, EEPROM memory, an ASIC (Application Specific Integrated Circuit), registers, and so forth, including combinations thereof.
  • The term “determining” encompasses a wide variety of actions and, therefore, “determining” can include calculating, computing, processing, deriving, investigating, looking up (e.g., looking up in a table, a database or another data structure), ascertaining and the like. In addition, “determining” can include receiving (e.g., receiving information), accessing (e.g., accessing data in a memory) and the like. Further, “determining” can include resolving, selecting, choosing, establishing and the like.
  • The term “processor” should be interpreted broadly to encompass a general-purpose processor, a central processing unit (CPU), a microprocessor, a digital signal processor (DSP), a controller, a microcontroller, a state machine, and so forth. Under some circumstances, a “processor” may refer to an application specific integrated circuit (ASIC), a programmable logic device (PLD), a field programmable gate array (FPGA), etc.
  • The term “processor” may refer to a combination of processing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • The term “memory” should be interpreted broadly to encompass any electronic component capable of storing electronic information.
  • The term memory may refer to various types of processor-readable media such as random access memory (RAM), read-only memory (ROM), non-volatile random access memory (NVRAM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable PROM (EEPROM), flash memory, magnetic or optical data storage, registers, etc.
  • The terms “instructions” and “code” should be interpreted broadly to include any type of computer-readable statement(s).
  • the terms “instructions” and “code” may refer to one or more programs, routines, sub-routines, functions, procedures, etc.
  • “Instructions” and “code” may comprise a single computer-readable statement or many computer-readable statements.
  • a computer-readable medium refers to any available medium that can be accessed by a computer.
  • a computer-readable medium may comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
  • Disk and disc includes compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk and Blu-ray® disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers.
  • Software or instructions may also be transmitted over a transmission medium.
  • For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL) or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL or wireless technologies such as infrared, radio, and microwave are included in the definition of transmission medium.
  • the methods disclosed herein comprise one or more steps or actions for achieving the described method.
  • the method steps and/or actions may be interchanged with one another without departing from the scope of the claims.
  • the order and/or use of specific steps and/or actions may be modified without departing from the scope of the claims.
  • modules and/or other appropriate means for performing the methods and techniques described herein can be downloaded and/or otherwise obtained by a device.
  • a device may be coupled to a server to facilitate the transfer of means for performing the methods described herein.
  • various methods described herein can be provided via a storage means (e.g., random access memory (RAM), read-only memory (ROM), a physical storage medium such as a compact disc (CD) or floppy disk, etc.), such that a device may obtain the various methods upon coupling or providing the storage means to the device.
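The check, decrypt and compare sequence of method 700 (steps 708 to 714), including the case where more than one public key is received for a template, is sketched below as an added Go example; it is not code from the patent. The patent names no algorithms, so RSA-OAEP wrapping an AES-GCM content key and a Hamming-distance comparison are assumptions, and `StoredRecord`, `NewCardKey`, `Enroll` and `Verify` are hypothetical names.

```go
// Added example; the algorithm choices (RSA-OAEP, AES-GCM, Hamming distance) are assumptions.
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
	"math/bits"
)

var ErrKeyMismatch = errors.New("card key does not correspond to the stored template")
var ErrBiometricMismatch = errors.New("biometric data does not match the template")

// StoredRecord is what storage device 104 keeps: public keys and ciphertext, no private key.
type StoredRecord struct {
	PublicKeys, WrappedKeys [][]byte // parallel: DER public key, AES key wrapped under it
	Nonce, Ciphertext       []byte
}

// NewCardKey makes the key pair whose private half would be written to a smart card.
func NewCardKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Enroll encrypts the template once and wraps the AES key under every listed public key.
func Enroll(template []byte, pubs ...*rsa.PublicKey) (*StoredRecord, error) {
	secret := make([]byte, 32+12) // AES-256 key followed by a 96-bit GCM nonce
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	key, nonce := secret[:32], append([]byte(nil), secret[32:]...)
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	rec := &StoredRecord{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, template, nil)}
	for _, pub := range pubs {
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
		if err != nil {
			return nil, err
		}
		rec.PublicKeys = append(rec.PublicKeys, x509.MarshalPKCS1PublicKey(pub))
		rec.WrappedKeys = append(rec.WrappedKeys, wrapped)
	}
	return rec, nil
}

// Verify runs steps 708 to 714 where the card is read; maxBits is the allowed Hamming distance.
func Verify(rec *StoredRecord, card *rsa.PrivateKey, fresh []byte, maxBits int) error {
	cardDER := x509.MarshalPKCS1PublicKey(&card.PublicKey)
	idx := len(rec.PublicKeys) - 1 // 708: look for the card's key among the stored keys
	for idx >= 0 && !bytes.Equal(rec.PublicKeys[idx], cardDER) {
		idx--
	}
	if idx < 0 || idx >= len(rec.WrappedKeys) {
		return ErrKeyMismatch // 710: template and key do not correspond
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, card, rec.WrappedKeys[idx], nil)
	if err != nil {
		return ErrKeyMismatch
	}
	gcm, err := newGCM(key)
	if err != nil || len(rec.Nonce) != gcm.NonceSize() {
		return ErrKeyMismatch
	}
	template, err := gcm.Open(nil, rec.Nonce, rec.Ciphertext, nil) // 712: decrypt
	if err != nil {
		return ErrKeyMismatch // authenticated decryption failed: record altered or wrong key
	}
	if len(template) != len(fresh) {
		return ErrBiometricMismatch
	}
	diff := 0
	for i := range template { // 714: compare with the fresh capture, tolerating noise
		diff += bits.OnesCount8(template[i] ^ fresh[i])
	}
	if diff > maxBits {
		return ErrBiometricMismatch
	}
	return nil
}

func main() {
	card, _ := NewCardKey()
	rec, _ := Enroll([]byte("constructed-template"), &card.PublicKey) // constructed sample
	fmt.Println(Verify(rec, card, []byte("constructed-template"), 0))
}
```

Because `Verify` runs on the device that reads the card, the private key is never sent to the storage device, which holds only public keys and ciphertext. With authenticated encryption, a record altered in storage fails at step 712 with an error instead of yielding a garbled template for comparison.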

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Biomedical Technology (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Collating Specific Patterns (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
  • Storage Device Security (AREA)

Abstract

A method for encrypting biometric information by an electronic device is described. The method includes obtaining biometric data. The method also includes generating a biometric template based on the biometric data. The method also includes encrypting the biometric template. The method also includes sending the encrypted biometric template to a storage device.

Description

    RELATED APPLICATIONS
  • This application is related to and claims priority from U.S. Provisional Patent Application Ser. No. 61/650,640, filed May 23, 2012, for “STORING AN ENCRYPTED BIOMETRIC TEMPLATE ON A CENTRAL DATABASE,” which is incorporated herein by reference. This application is also related to and claims priority from U.S. Provisional Application Ser. No. 61/650,252, filed May 22, 2012, for “VERIFYING UNIQUENESS IN ANONYMOUS AUTHENTICATION,” which is incorporated herein by reference.
  • TECHNICAL FIELD
  • The present disclosure relates generally to communication systems. More specifically, the present disclosure relates to encrypting and storing biometric information on a storage device.
  • BACKGROUND
  • Communication systems are widely deployed to provide various types of communication between devices. These systems increase productivity, communication and the availability of information.
  • As communication systems expand, many people are able to gain access to valuable information. However, the structures of communication systems, such as the Internet and other networks, also create potential problems.
  • In many cases, people often decide between accuracy of information and privacy. For example, a person may be able to access sensitive data, but may have to sacrifice anonymity to do so. On the other hand, a person may be able to stay anonymous, but may not be able to access sensitive information as a result. Therefore, systems and methods that enable access to data while maintaining privacy may be beneficial.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a block diagram illustrating one configuration of a system for encrypting and storing biometric information on a storage device;
  • FIG. 2 is a flow diagram illustrating one configuration of a method for encrypting and storing biometric information on a storage device;
  • FIG. 3 is a flow diagram illustrating a more detailed configuration of a method for encrypting and storing biometric information on a storage device;
  • FIG. 4 is a block diagram illustrating a more specific configuration of a system for encrypting and storing biometric information on a storage device using multiple public keys and private keys;
  • FIG. 5 is a block diagram illustrating another configuration of a system for encrypting and decrypting biometric information;
  • FIG. 6 is a flow diagram illustrating one configuration of a method for decrypting biometric information;
  • FIG. 7 is a flow diagram illustrating another configuration of a method for decrypting biometric information; and
  • FIG. 8 is a block diagram illustrating various components that may be utilized in an electronic device.
  • DETAILED DESCRIPTION
  • A method for encrypting biometric information by an electronic device is described. The method includes obtaining biometric data. The method also includes generating a biometric template based on the biometric data. The method also includes encrypting the biometric template. The method also includes sending the encrypted biometric template to a storage device.
  • The method may include generating a public key for encrypting the biometric template. The method may also include sending the public key to the storage device. The method may also include generating a private key for decrypting the encrypted biometric template. The method may also include storing the private key on a smart card. The private key may be for decrypting the biometric template. The smart card may be associated with a health care provider. The method may also include obtaining medical records corresponding to the encrypted biometric template. The biometric template may be stored in a computing cloud.
  • The method may include storing a first private key on a first smart card corresponding to a first encrypted biometric template. The method may also include storing a second private key on a second smart card corresponding to a second encrypted biometric template. The first encrypted biometric template may be configured to be decrypted using only the first private key on the first smart card. The second encrypted biometric template may be configured to be decrypted using one of the first private key on the first smart card and the second private key on the second smart card.
  • The method may include scanning a smart card including a private key corresponding to the biometric template. The method may also include sending the private key to the storage device for decrypting the encrypted biometric template in response to scanning the smart card.
  • An electronic device for storing an encrypted biometric template on a storage device is also described. The electronic device includes a processor and memory in electronic communication with the processor. The electronic device also includes instructions stored in memory. The instructions are executable to obtain a biometric identification. The instructions are also executable to generate a biometric template from the biometric identification. The instructions are also executable to encrypt the biometric template. The instructions are also executable to send the encrypted biometric template to be stored in a storage device.
  • A method for storing biometric information by a storage device is also described. The method includes receiving an encrypted biometric template. The method also includes receiving a public key. The method also includes receiving a private key for decrypting the encrypted biometric template. The method also includes determining whether the encrypted biometric template corresponds to the public key.
  • The systems and methods described herein include an electronic device for encrypting biometric information and storing the information on a storage device. In obtaining and storing biometric information, there are many concerns regarding the accuracy of the information and the privacy of individuals associated with the biometric information. For example, health care providers (e.g., hospitals, clinics, insurance companies, etc.) and other organizations depend on accurate information about patients, including histories and identities of patients in providing the best health care possible. However, there is also an interest in preserving the privacy of patients that may limit the availability of accurate patient information. A benefit of encrypting biometric information and storing it on a storage device (e.g., a central database) is protecting the privacy of those associated with the biometric data while still permitting health care providers to obtain accurate information about patients. Further, although some of the systems and methods are described in relation to health care patients and associated medical records, the systems and methods may be applied to various individuals and various types of information associated with those individuals. Therefore, as used herein, a patient may include a patient requesting health treatment or any person associated with biometric information and records on a storage device. Further, records on a storage device may refer to any kind of information (e.g., privacy sensitive information) whose access may be restricted by a patient with an interest in access to or the distribution of that information.
  • By encrypting biometric information and storing it on a storage device, privacy of individuals may be protected while still permitting health care providers to obtain necessary information for treating patients. Further, an electronic device may distribute various keys for encrypting and decrypting the biometric information in such a way as to further protect the privacy of patient information while preventing patients or other individuals from manipulating a system in which health care providers are not given complete access to medical histories, records and other information (e.g., privacy sensitive information).
  • Various configurations are now described with reference to the figures, where like reference numbers may indicate functionally similar elements. The systems and methods as generally described and illustrated in the figures herein could be arranged and designed in a wide variety of different configurations. Thus, the following more detailed description of several configurations, as represented in the figures, is not intended to limit scope, as claimed, but is merely representative of the systems and methods. As used herein, the term “plurality” may indicate two or more. For example, a plurality of components refers to two or more components.
  • FIG. 1 is a block diagram illustrating one configuration of a system 100 for encrypting and storing biometric information on a storage device 104. The system 100 may include an electronic device 102 and one or more storage devices 104 that communicate using a network 106. Examples of an electronic device 102 may include servers, personal computers (PCs), laptop computers, tablet devices, smartphones or other kinds of electronic or computing devices. The electronic device 102 may be controlled by a user and/or a health care provider. Examples of the one or more storage devices 104 may include one or more servers, personal computers (PCs), laptop computers, tablet devices, smartphones or other kinds of electronic or computing devices. One or more of the storage devices 104 may be implemented as a medical record patient security system (MRPS). The electronic device 102 and storage devices 104 may include one or more software utilities for performing the functions of the systems and methods described herein. Further, biometric information may include biometric data, biometric templates created from the biometric data, encryption and decryption keys or other information used in connection with biometric information being encrypted and stored on a storage device 104.
  • The electronic device 102 may include a biometric module 108. The biometric module 108 may be a hardware and/or software module used to obtain biometric data and perform one or more operations on the biometric data. For example, the biometric module 108 may include hardware and/or software for scanning or capturing biometric data from a patient. Biometric data may be obtained through a variety of techniques, including a palm vein scan, palm print, fingerprint, retinal scan, face recognition scan, blood sample or other method for capturing data that may be used to identify a patient. In some configurations, the biometric module 108 may obtain multiple types of biometric data from a single patient. The biometric module 108 may be implemented as part of the electronic device 102 and/or on a remote device in communication with the electronic device 102. In one example, the biometric module 108 may receive biometric data from a device (e.g., palm vein scanner) that is coupled to the electronic device 102.
  • The biometric module 108 may also include hardware and/or software for generating a biometric template based on the biometric data. The biometric template may include any details of the biometric data for determining a match between the biometric template and the biometric data. The biometric template may be a digital representation of the biometric data itself. In some configurations, the biometric template may be generated as a reduced or compressed version of the biometric data. For example, the biometric template may be a parameterized representation of the biometric data (e.g., characteristics of the biometric data such as sizes, distances, features and/or numbers of features, etc.). For instance, in the case of biometric data being obtained through a fingerprint, the biometric template may include any data that can be utilized for matching a subsequent fingerprint with the biometric template. Thus, the biometric template may include any data for determining a match between the biometric data of a patient and the biometric template created by the biometric module 108. In some configurations, the biometric template may be a reduced version of the biometric data, including a portion of the biometric data that may be used in determining a match between the biometric template and subsequently obtained biometric data. In some configurations, the biometric template may include additional information about a patient, such as insurance information or other personal identification information, in addition to the biometric data. A biometric template may be generated for a patient the first time a patient provides biometric data or upon a specific request for enrolling with a health care provider. The biometric template may then be used later when comparing the biometric template to subsequently obtained biometric data and verifying the identity of a patient.
  • The electronic device 102 may also include an encryption module 110. The encryption module 110 may be a hardware and/or software module used to encrypt one or more biometric templates. Similar to the biometric module 108, the encryption module 110 may be included within the electronic device 102 or alternatively implemented as part of a separate device (e.g., a certificate issuing authority). The encryption module 110 may encrypt the biometric template using a variety of methods. In one example, the encryption module 110 may generate a public key for encrypting the biometric template. Further, the encryption module 110 may generate a private key for decrypting the biometric template. The encryption module 110 may encrypt the biometric template such that the encrypted biometric template may only be decrypted with access to the private key. Thus, the encryption module 110 may obtain the biometric template from the biometric module 108 and encrypt the biometric template using a public key as well as generating a private key for later decrypting the encrypted biometric template.
  • The electronic device 102 may also include a smart card module 112. The smart card module 112 may be a hardware and/or software module for programming a smart card. Similar to the biometric module 108 and the encryption module 110, the smart card module 112 may be included within the electronic device 102 or alternatively implemented as part of a separate device. The smart card module 112 may obtain one or more private keys generated using the encryption module 110 and program a smart card using one or more of the private keys. For example, the smart card module 112 may store a private key on a smart card that corresponds to specific biometric data and/or a public encryption key. The smart card module 112 may also be used to store one or more public keys on the smart card. The smart card module 112 may later be used to obtain the private key stored on the smart card for later decrypting an encrypted biometric template. The smart card may be issued when a patient first provides biometric data, and when the biometric template is first encrypted. The smart card may then be used when a patient subsequently provides biometric data and the private key on the smart card is used to verify a match between subsequently obtained biometric data and the encrypted biometric template. In some configurations, the smart card module 112 may not store any biometric information on the smart card.
  • The electronic device 102 may also include a communication interface 114. The communication interface 114 may be a hardware and/or software module used to communicate with one or more electronic and computing devices. The communication interface 114 may be used to send and receive communications to a storage device 104, smart card or other device. The communication interface 114 may be used to communicate with a variety of electronic and/or computing devices over a network 106.
  • The electronic device 102 may communicate with a storage device 104 over a network 106. The network 106 may be a computer network such as a Local Area Network (LAN), Wide Area Network (WAN), Public Switched Telephone Network (PSTN), cellular phone network, Internet, Intranet or other medium that may be used for transferring data between an electronic device 102 and one or more storage devices 104. In some configurations, the network 106 may be used to facilitate communication between multiple electronic and computing devices as well as additional storage devices.
  • The storage devices 104 may be used to store biometric information and/or other data. Each storage device 104 may include hardware and/or software for storing biometric information received from the electronic device 102 or other computing devices. One or more storage devices 104 may include a central database accessible to multiple electronic devices. The storage devices 104 may also be remote storage devices and/or include a virtual database (e.g., cloud computing) for storing biometric templates, public keys and/or other data received from the electronic device 102. Further, the storage devices 104 may be implemented on multiple devices and/or include multiple databases for storing data.
  • A storage device 104 may include a biometric template database 116. The biometric template database 116 may store encrypted biometric templates received from the electronic device 102. In some configurations, the biometric template database 116 may also store one or more public keys corresponding to the biometric templates. Thus, each biometric template may be stored centrally on a storage device 104 on a record-by-record basis with an accompanying public key used to encrypt the biometric template. In some configurations, the biometric template database 116 may store the encrypted biometric template and associated public key without also storing the private key associated with the biometric template. Thus, the biometric template database 116 may include one or more encrypted biometric templates and public keys without the necessary tools for decrypting the encrypted biometric templates received from the electronic device 102.
  • A storage device 104 may also include a records database 118. The records database 118 may store medical records of patients. In one configuration, the records may be encrypted using a separate encryption key or alternatively using the public key provided by the electronic device 102. The records may also be linked to a corresponding biometric template or other biometric information. The storage device 104 may determine whether a link exists between the biometric templates and records stored on one or more of the storage devices 104. In some configurations, one or more links between the encrypted biometric template and records may be included within the encrypted biometric template or among the biometric information provided by the electronic device 102. Records and other information stored on the records database 118 may include any kind of information (e.g., privacy sensitive information) that may be limited from access to the public and other organizations. For example, in addition to medical information, financial information or other privacy sensitive information about an individual may be stored using the systems and methods described herein. This information stored on the records database 118 may be stored such that businesses, insurance companies or other organizations may be restricted in accessing privacy sensitive information without the express permission of an individual associated with the information.
  • It should be noted that in some configurations, the biometric template database 116 and the records database 118 may be located on separate storage devices 104. For example, the records database 118 may be stored on a storage device 104 associated with a healthcare provider, while the biometric template database 116 may be stored on a separate storage device 104 associated with a third party.
  • A storage device 104 may also include a communication interface 120. The communication interface 120 may be a hardware and/or software module used to communicate with one or more electronic and computing devices. The communication interface 120 may be used to send and receive communications to one or more electronic devices over the network 106. The storage device 104 may use the communication interface 120 to send/receive encrypted biometric templates, medical records and other data over the network 106.
  • The electronic device 102 may be used to encrypt biometric information, which may be sent over the network 106 to be stored on a storage device 104. The electronic device 102 may obtain biometric data using a variety of techniques. For example, obtaining the biometric data may include scanning a fingerprint, scanning a thumbprint, scanning a handprint or palm, performing a vein scan of the palm, performing an eye, iris or retina scan, taking a blood sample or other technique of obtaining data that may be used for identifying a patient providing the biometric data. In some configurations, the electronic device 102 may obtain multiple types of biometric data from each patient in the case that one type of biometric data is insufficient or in cases where a specific device for obtaining a certain type of biometric data is unavailable. Further, obtaining multiple types of biometric data may provide enhanced reliability of biometric information.
  • The electronic device 102 may generate a biometric template based on the biometric data. In some cases, the electronic device 102 may generate a biometric template for each type of biometric data obtained by the electronic device 102. Generating the biometric template may include creating a reduced or compressed version of the biometric data. The biometric template may include some or all of the information from the biometric data in a reduced or compressed form. The biometric template may include data that may be used by the electronic device 102 or other computing device to determine that the biometric template is based on the biometric data or is linked to a specific patient. For example, where the biometric data is a fingerprint, the biometric template may include a reduced portion or encrypted data that corresponds to the fingerprint obtained by the electronic device 102. The biometric template may include enough data for determining with a high probability that the biometric template matches the fingerprint obtained by the electronic device 102. Thus, when the same patient later comes and provides a subsequent fingerprint, the electronic device would be able to identify the subsequent fingerprint as a likely or probable match to the biometric template generated based on the previously obtained biometric data. Alternatively, if a different person claiming to be the patient attempts to access the biometric template and corresponding medical data, the electronic device 102 would be able to prevent access to any confidential information about the patient.
  • The electronic device 102 may also encrypt the biometric template. In one configuration, the electronic device 102 may generate a public key and a private key for encrypting and decrypting the biometric template. The biometric template may be encrypted using the public key. The electronic device 102 may encrypt the biometric template or may alternatively provide the biometric template and the public key to another electronic device or computing device (e.g., a storage device 104) to be encrypted using the public key. The electronic device 102 may send the encrypted biometric template and the public key to a storage device 104. Because the private key is needed for decrypting the encrypted biometric template, the electronic device 102 may send the encrypted biometric template to the storage device 104 with the public key, but without the private key. Thus, the storage device 104 may store the encrypted biometric template and other information received from the electronic device 102.
  • The electronic device 102 may maintain the private key or store the private key on another device. In one configuration, the electronic device 102 may program a smart card having an integrated circuit or other medium for storing data (e.g., thumb drive, optical disc, etc.). The electronic device 102 may store the private key and the public key on the smart card. The smart card may be affiliated with and/or issued by a health care provider, such as a hospital, clinic, insurance company or other organization that may benefit from obtaining secure information about a patient. The smart card may be given exclusively to the patient, thus making it difficult or impossible to decrypt the encrypted biometric template without the use of the private key on the smart card. In some configurations, the electronic device 102 may then discard the private key such that the only existing private key is on the smart card. In another configuration, the electronic device 102 may maintain a copy of the private key or send the private key to a remote device for verification purposes in case the smart card is lost.
  • A storage device 104 may receive the biometric template and public key and store the biometric template and public key in a biometric template database 116. The biometric template may be encrypted on a record-by-record basis, and may correspond to medical records on the same or separate storage devices 104. It is noted that the biometric template database 116 may be implemented on a device (e.g., the storage device 104) or a computing cloud. In an example where the biometric template database 116 is stored in a computing cloud, each smart card may correspond to a public key stored in the cloud. Each patient and dependent may be linked together such that when a new biometric template is created, the new biometric template may be encrypted with all public keys associated with a patient.
  • In some configurations, no explicit association or link between the biometric template and the medical records may be stored (in the biometric template database 116, for example). In other configurations, a storage device 104 may receive the encrypted biometric template and link the encrypted biometric template with medical records corresponding to the biometric template stored on one or more storage devices 104. Thus, the encrypted biometric template based on the biometric data of a patient may be linked to medical records on one or more storage devices 104. In some configurations, the medical records may be anonymized and/or encrypted. For example, the storage device 104 may not contain personal identification information (e.g., Social Security Number (SSN), driver's license number, address, date of birth, etc.) that would directly identify one or more patients corresponding to the medical data until the encrypted biometric template is decrypted using the private key (e.g., from the smart card). Additionally or alternatively, the medical records may be encrypted using the same or a different public key as the biometric template. Thus, the biometric template and the medical data may be unreadable without using the private key to decrypt both the biometric template and the medical data. One or more storage devices 104 may also store the biometric template and the medical records on the same or different storage devices 104.
  • Encrypting the biometric template using a public key and then distributing the public key and the private key to different devices may ensure the privacy of the patient associated with the biometric data. For example, because the biometric template and the public key may be sent to a storage device 104 while the private key may be maintained on a smart card (and/or the electronic device 102), other devices with access to the storage device 104 would be unable to link the medical data to the patient or would be unable to access the medical data associated with a specific patient. By separating the public and private keys, the privacy of the patient is enhanced as it becomes more difficult for other devices to access a patient's medical records and/or identify a patient corresponding to the medical records. Further, in cases where medical records are encrypted using the public key, any additional information added to a patient profile or records after treatment may be re-encrypted using the same or a different public key, and stored again in the storage device 104 until the private key is later provided.
  • Further, by storing the public key and encrypted biometric template on a storage device 104 and separately storing the private key on a smart card, neither the electronic device 102, storage device 104 nor any other electronic or computing device would be able to access the medical records of a patient without first obtaining access to the private key on the smart card. Thus, because the smart card may be provided exclusively to the patient, and is generally not provided to multiple parties, the owner of the smart card may be granted exclusive control over who may utilize a patient's health care (e.g., insurance, health plan, etc.) or access a patient's medical records.
  • Furthermore, because the electronic device 102 may require both biometric data as well as the private key, it may be possible to further secure medical data from anyone who may be in wrongful possession of the smart card or from someone trying to manipulate the health care system. For example, if someone in wrongful possession of the smart card attempts to obtain medical records of a patient, their subsequently provided biometric data would not match the biometric template, even if the biometric template is decrypted using the private key on the smart card. Thus, a health care provider, even upon receiving a private key, could prevent unauthorized access from someone in wrongful possession of a smart card.
  • In some configurations, if a patient attempts to withhold medical data from their health providers, obtaining the biometric data coupled with the private key on the smart card may grant access to the medical records corresponding to the patient. Thus, it becomes considerably more difficult to falsify medical information when providing the biometric data and the smart card is a requirement for treatment. In some configurations, access to the medical data may be based on patient consent (e.g., patient consent settings for medical record access). For instance, a patient may restrict access to all or part of the medical data even when a matching biometric and private key are provided. In some configurations, the private key may also be accompanied by a personal identification number (PIN) as another level of security. Further, by associating biometric data with a smart card, a storage device 104 containing biometric templates may also be used to verify the existence of a patient or patient records in one or more storage devices 104. In another configuration, multiple types of biometric data may be captured for improving the ability to recover medical data from a storage device 104.
  • The electronic device 102 may also update biometric data that may change over time. For example, where a palm vein scan, face recognition or other changing feature is used to obtain biometric data, this or other biometric data may change gradually over time. Therefore, the electronic device 102 may periodically update a biometric template associated with the changing biometric data to more accurately represent a recent palm vein scan or image of a patient. In verifying a changed scan, another type of biometric data that changes less rapidly, such as a blood sample, fingerprint or other type of biometric data may be used to verify the identity of the patient seeking to update their biometric data. In some configurations, the smart card may be used to verify the identity of a patient when updating a biometric template associated with the patient.
  • FIG. 2 is a flow diagram illustrating one configuration of a method 200 for encrypting and storing biometric information on a storage device 104. In one configuration, the method may be performed by an electronic device 102 (e.g., computing device, server, smart phone, etc.).
  • Biometric data may be obtained 202. The biometric data may be obtained 202 using a variety of devices and techniques. For example, biometric data may be obtained 202 using a fingerprint scanner, a thumbprint scanner, a handprint or palm scanner, a vein scanner (e.g., a palm vein scanner), an eye scanner or other device capable of capturing data that may be used to identify a person. The biometric data may include any information or data that may be used in identifying a patient. Examples of biometric data may include fingerprints, palm prints, vein scans or other types of data for identifying a patient. In some configurations, multiple types of biometric data may be obtained for each patient. Therefore, in cases where a certain device for capturing biometric data is unavailable or when a type of biometric data may not be obtained for one reason or another, an electronic device 102 may include different types of biometric data that may be used in encrypting and storing biometric information on one or more storage devices 104.
  • A biometric template based on the biometric data may be generated 204. Generating 204 the biometric template may include generating a reduced or condensed version of the biometric data. The biometric template may include enough information for later determining that the biometric template matches a subsequent scan of biometric data from the same patient. For example, in the case of biometric data being obtained through a fingerprint, the biometric template may include any data necessary for matching a subsequent scan of the same fingerprint. Thus, when a patient later scans the same finger, the biometric template may be used to determine with a high probability that the biometric template corresponds to the subsequently scanned fingerprint. Conversely, the biometric template may be compared to a fingerprint of someone other than the patient and determine with a high probability that the biometric template and the different finger do not match.
  • The biometric template may be encrypted 206. The biometric template may be encrypted 206 using a public key such that a private key is needed for decrypting the encrypted biometric template. Further, the decrypted biometric template may be necessary for determining that incoming biometric data corresponds to the non-encrypted biometric template. Thus, a private key may be maintained or stored for decrypting the encrypted biometric template in order to compare the biometric template with subsequently obtained biometric data. In some configurations, the encrypted biometric data may be linked to records on one or more storage devices 104 and one or more specific patients associated with the biometric data.
  • The encrypted biometric template may be sent 208 to a storage device 104. The encrypted biometric template may be accompanied by a public key when sent to the storage device 104. In some configurations, the private key for decryption may be withheld from the storage device 104 when sending the encrypted biometric template to the storage device 104. In some configurations, the electronic device 102 may send the encrypted biometric template to a storage device 104 over a network 106 (e.g., a wireless network). The storage device 104 may be a remote storage device or include a central database for storing one or more biometric templates. One or more storage devices 104 may also be used for storing medical records corresponding to the biometric templates.
  • FIG. 3 is a flow diagram illustrating a more detailed configuration of a method 300 for encrypting and storing biometric information on a storage device 104. The method 300 may be performed by one or more electronic devices. For example, one or more of the functions of the method 300 may be performed by a single electronic device 102 or separately by different electronic devices.
  • Biometric data may be obtained 302. This may be accomplished as described above in connection with one or more of FIGS. 1 and 2. A biometric template may be generated 304 based on the biometric data. This may be accomplished as described above in connection with one or more of FIGS. 1 and 2.
  • A public key may be generated 306. The public key may be used by an electronic device 102 for encrypting one or more biometric templates. A copy of the public key may be maintained with the biometric template on the electronic device 102 and/or on another device (e.g., a storage device 104).
  • A private key may also be generated 308. The private key may be used by an electronic device 102, computing device, storage device 104 or other device for decrypting the encrypted biometric template. The private key may be maintained on a device remote from the biometric template for preventing easy access to the biometric template or medical records associated with the biometric data. Thus, the private key may not be distributed or shared in the same way as the public key for preserving privacy of records or biometric data associated with the biometric template.
  • The biometric template may be encrypted 310 using the public key. While the public key may be used for encrypting the biometric template, the public key is not necessarily used for decrypting the biometric template. Thus, the public key may be distributed or shared without compromising privacy of records or biometric data associated with the biometric template.
  • The encrypted biometric template may be sent 312 to a storage device 104. The public key may also be sent 312 to the storage device 104. Because the encrypted biometric template is sent with the public key rather than the private key, the encrypted biometric template may not be easily decrypted without authorization of a patient or other device in possession of the private key. Thus, the encrypted biometric template may be stored on a central database, cloud computing space or storage device 104 accessible from one or more electronic devices over a network 106 without compromising the privacy of the records and other information associated with the biometric template.
  • The private key may be stored 314 on a smart card. The public key may also be stored on the smart card. This may be performed on an electronic device 102 or other device capable of programming a smart card. Thus, the private key may be stored on a smart card separate from the public key and encrypted biometric data stored on a storage device 104. Once stored on the smart card, the electronic device 102 may discard the private key such that the only copy of the private key is on the smart card. The smart card may be provided to a patient such that the patient has sole control over decryption of the encrypted biometric template. Therefore, the encrypted biometric template may not be decrypted without the patient providing the private key from the smart card.
  • The encrypted biometric template may be decrypted 316 using the private key. For example, a patient or health care provider may attempt to access the medical records, either through direct access to a storage device 104 or requesting access from the storage device 104 (e.g., by sending a request to the storage device 104 for biometric information). A patient or health care provider may provide the private key and public key corresponding to the encrypted biometric data by scanning or reading the smart card. In one configuration, the public key may be used to determine which encrypted biometric template to decrypt. Using the private key from the smart card, the encrypted biometric data may then be decrypted 316 and/or medical records may be associated with the biometric data. Further, the private key and/or public key may be used to link the biometric template to a specific patient and/or decrypt records associated with the patient.
  • Medical records corresponding to the biometric data may be obtained 318. For example, by decrypting the biometric template, the identity associated with records may be determined, thus providing a health care provider, patient or other device access to medical records associated with the patient. In some configurations, the medical records may be encrypted using the public key and decrypted using the private key. Additionally or alternatively, the medical records may have been linked to the encrypted biometric templates without further information regarding the identity of the patient or biometric data linked to the medical records. Thus, when the biometric templates are decrypted, the link between the medical records and the decrypted biometric template may be used to provide records associated with the patient.
  • Using this method of encrypting and storing biometric information, medical records may be protected because any link between the records and identity of a patient may be hidden due to the encrypting of the biometric template. Thus, even if the records are not encrypted, the biometric information that would be needed for identifying the patient associated with the records is hidden due to the encryption of the biometric template. In another configuration, the records may also be encrypted using the public key, thus further disabling access to the records without possession of the private key (e.g., the smart card).
  • FIG. 4 is a block diagram illustrating a more specific configuration of a system 400 for encrypting and storing biometric information on a storage device 404 using multiple public keys 428 and private keys 424. The system 400 may include an electronic device 402 and one or more storage devices 404 that communicate using a network 406. The system 400 may be one example of the system 100 described above in connection with FIG. 1. The system 400 may also include multiple smart cards 422 for storing one or more private keys 424 and public keys 428 for locating and decrypting biometric templates stored on a storage device 404 or other device.
  • The electronic device 402 may include a biometric module 408, encryption module 410, smart card module 412 and communication interface 414. The biometric module 408 may be similar to the biometric module 108 described above in connection with FIG. 1. The encryption module 410 may also be similar to the encryption module 110 described above in connection with FIG. 1. Further, the encryption module 410 may be used for encrypting one or more biometric templates and generating public keys 428, 440, 442, 444 and private keys 424 associated with each of the biometric templates. In one example, the encryption module 410 may generate public key A 428 a, public key B 428 b and public key C 428 c. The encryption module may also generate corresponding public key A 440, public key B 442 and public key C 444 c that are stored on a storage device 404 under various profiles associated with the encrypted biometric data. In one example, public key A 428 a, public key B 428 b and public key C 428 c correspond to public key A 440, public key B 442 and public key C 444 c on the storage device 404, respectively. The encryption module 410 may also generate private key A 424 a, private key B 424 b and private key C 424 c, where each is associated with respective public keys 428 a-c and biometric templates.
  • The smart card module 412 may be used for programming one or more smart cards 422. In one example, the smart card module 412 may program (e.g., write to) a user smart card 422 a with private key A 424 a and public key A 428 a, a spouse smart card 422 b with private key B 424 b and public key B 428 b and a dependent smart card 422 c with private key C 424 c and public key C 428 c. Each private key 424 and public key 428 on the smart cards 422 may correspond to one or more public keys 440, 442, 444 on the storage device 404.
  • The communication interface 414 may be used by the electronic device 402 for communicating with one or more devices (e.g., a storage device 404) over a network 406. The communication interface 414 may be similar to the communication interface 114 described above in connection with FIG. 1.
  • One or more storage devices 404 may include a biometric template database 416, a records database 418 and a communication interface 420. The records database 418 may be similar to the records database 118 described above in connection with FIG. 1. The communication interface 420 may also be similar to the communication interface 120 described above in connection with FIG. 1. The biometric template database 416 may be one configuration of the biometric template database 116 described above in connection with FIG. 1.
  • In one configuration, the biometric template database 416 may be used to store one or more profiles 426 associated with one or more users (e.g., patients). For example, the biometric template database 416 may store a user profile 426 a associated with a primary user of an account, a spouse profile 426 b associated with a spouse of the user and a dependent profile 426 c associated with a dependent of the user. The biometric template database 416 may also store subsequent dependent profiles when new dependents are born or at a request of the user. Other configurations may include additional profiles 426. The user and/or spouse may both be designated as primary users of the account. In this case, the user profile 426 a may include one or more biometric templates generated based on biometric data obtained from the user.
  • The user profile may be encrypted with public key A 440. Public key A 440 on the storage device 404 may be a similar public key as public key A 428 a on the user smart card 422 a. In some configurations, public key A 440 on the storage device 404 and public key A 428 a on the smart card are identical. The spouse profile 426 b may include one or more biometric templates based on biometric data obtained from a spouse of the user. The spouse profile 426 b may be encrypted with public key B 442. Public key B 442 on the storage device 404 may be a similar public key as public key B 428 b on the spouse smart card 422 b. In some configurations, public key B 442 on the storage device 404 and public key B 428 b on the smart card are identical. The dependent profile 426 c may include one or more biometric templates based on biometric data obtained from a dependent of the user. The dependent profile 426 c may be encrypted with public key C 444 c. In one configuration, the dependent profile 426 c may be encrypted with additional public keys 444, including public key A 444 a associated with the user and public key B 444 b associated with the spouse of the user. Public key A 444 a, public key B 444 b and public key C 444 c on the storage device 404 may be similar to public key A 428 a, public key B 428 b and public key C 428 c on the smart cards 422, respectively. In some configurations, public keys 440, 442, 444 on the storage device and corresponding public keys 428 a-c on smart cards may be identical.
  • Encrypting a biometric template associated with a specific profile with multiple public keys may allow a user, spouse or dependent to access a dependent profile 426 c with their respective smart cards 422. In other configurations, relationships between profiles need not be familial (e.g., employer-employee, insurer-insured), nor are the profiles 426 limited to a certain number of public keys 440, 442, 444 that may be used when encrypting profiles 426 and corresponding biometric templates. In another configuration, a user and/or spouse may elect to permit decryption of a biometric template and/or medical records using a private key 424 on either a user smart card 422 a or the spouse smart card 422 b, such that each smart card may be used as a backup in case one or the other smart card 422 is lost.
  • In some configurations, multiple private keys 424 (on multiple smart cards 422) may be utilized to decrypt a biometric template and/or records associated with a particular user or patient. For example, the user smart card 422 a and the spouse smart card 422 b may be used to decrypt a biometric template and/or medical records associated with the respective profiles 426 of the user and spouse. In other configurations, a first encrypted biometric template and/or a first set of records may be decrypted using only a first private key (e.g., private key 424 a) on a first smart card (e.g., user smart card 422 a). However, a second encrypted biometric template and/or a second set of records may be decrypted using one of multiple keys (e.g., a first private key or a second private key, etc.). For example, the dependent's profile 426 c could be decrypted using any of private key A 424 a, private key B 424 b and private key C 424 c.
  • In one example with a user, spouse and dependent, the electronic device 402 may program separate smart cards 422 a-c for each of the user, spouse and dependent. Further, the user smart card 422 a and the spouse smart card 422 b may be used to decrypt a biometric template and/or medical records associated with the respective profiles 426 of the user and spouse. The dependent smart card 422 c may also be used to decrypt a biometric template and/or medical records and access information associated with the dependent profile 426 c. Additionally, the user smart card 422 a and the spouse smart card 422 b may be used to decrypt a biometric template and access medical records associated with the dependent profile 426 c because the dependent profile 426 c is encrypted in such a way as to be decrypted using either private key A 424 a, private key B 424 b or private key C 424 c.
  • Having separate smart cards allows for an increased level of flexibility. For example, where a mother and daughter are enrolled in a health plan and the mother is a primary user on the account, the daughter can come to a health care provider with her mother and receive health related services. In the case that the daughter does not bring her smart card, the daughter may have her biometric information verified through obtaining the daughter's biometric data and scanning the mother's smart card. Further, if the daughter desired to come into a clinic alone, she can do so without her mother present by bringing her respective smart card. Further, in cases where the daughter prefers to maintain confidentiality of her medical information, specific records may be encrypted or tagged as confidential (as based on consent settings, for example) and accessed exclusively by the daughter's smart card. Thus, privacy of one or more patients, even within respective families, may be protected while enabling access by health care providers to necessary information.
  • Restricting access between primary users and dependents may be enforced in order to respect privacy concerns of individuals (e.g., dependents) or, alternatively, for complying with specific laws regarding the privacy of medical records. Further, even without further encryption or tagging records as confidential (based on consent settings, for example), privacy of records is adequately protected where a biometric match between biometric data and a biometric template is required. Thus, even when a dependent or other profile permits decryption of a biometric template using a plurality of private keys 424, a storage device 404 may still require a match between biometric data and a biometric template before providing access to records on the storage device 404. Thus, in the illustrated example of FIG. 4, the user and/or spouse may still be required to provide biometric data of a dependent before gaining access to medical records of the dependent. Alternatively, a primary account holder's encrypted biometric template may be additionally stored along with a dependent's encrypted biometric template, for example. In this configuration, the primary account holder may access a dependent's records using the primary account holder's biometric data and private key 424.
  • FIG. 5 is a block diagram illustrating another configuration of a system 500 for encrypting and decrypting biometric information. The system 500 may include an electronic device 502 in communication with one or more storage devices 504 and a biometric computing device 530 over a network 506. The system 500 may be one configuration of the system 100 described above in connection with FIG. 1. The configuration described in connection with FIG. 5 may be beneficial in a scenario where a user (e.g., patient) is enrolled for healthcare at the electronic device 502 at a first location and later seeks healthcare at a second location (e.g., a clinic, hospital, etc.) where the biometric computing device 530 is located. In this scenario, the biometric computing device 530 may authenticate the user (e.g., patient) for service and/or may access records (e.g., medical records) corresponding to the user.
  • The electronic device 502 may include a biometric module 508, encryption module 510 and a communication interface 514. The biometric module 508, encryption module 510 and communication interface 514 may be similar to the biometric module 108, encryption module 110 and communication interface 114 described above in connection with FIG. 1.
  • One or more storage devices 504 may include a biometric template database 516, a records database 518 and/or a communication interface 520. The biometric template database 516, records database 518 and communication interface 520 may be similar to the biometric template database 116, records database 118 and communication interface 120 described above in connection with FIG. 1.
  • The biometric computing device 530 may be a separate device from the electronic device 502 and the storage device(s) 504. For example, the electronic device 502 may be operated by an organization for enrolling users with one or more smart cards associated with biometric data. One or more storage devices 504 may be operated by a health care provider, insurance company and/or other organization in possession of records. The biometric computing device 530 may be operated by a clinic or other health care provider capable of providing health care and processing biometric data. The biometric computing device 530 may be at the same location as or at a remote location from a storage device 504 where any records are maintained. The biometric computing device 530 may be an electronic device. Examples of a biometric computing device 530 may include servers, personal computers (PCs), laptop computers, tablet devices, smartphones or other kinds of electronic or computing devices.
  • The biometric computing device 530 may include a biometric capturing device 532. The biometric capturing device 532 may obtain biometric data from a patient. The biometric data may be obtained through a variety of techniques, including a palm vein scan, palm print, fingerprint, retinal scan, face recognition scan, blood sample or other method for capturing data about a patient. The obtained biometric data may be used to identify whether a smart card and/or patient matches a biometric template stored on a storage device 504.
  • The biometric computing device 530 may also include a smart card module 534. The smart card module 534 may perform similar functions as the smart card module 112 described above in connection with FIG. 1. In addition to obtaining biometric data, the biometric computing device 530 may obtain a private key from one or more smart cards using the smart card module 534. For example, the smart card module 534 may obtain a private key by scanning a smart card provided by a patient requesting health care. The private key from the smart card may be used for verifying that the biometric data matches a biometric template stored on a storage device 504.
  • The biometric computing device 530 may also include a decryption module 536. The decryption module 536 may be used for decrypting one or more biometric templates from a storage device 504. In decrypting one or more encrypted biometric templates, the decryption module 536 may use the private key provided by the smart card. If the private key corresponds to the encrypted biometric template as well as the subsequently obtained biometric data, then the biometric computing device 530 may determine that the encrypted biometric template and the biometric data subsequently obtained using the biometric capturing device 532 are a match.
  • The biometric computing device 530 may be used as a way of verifying and/or notifying one or more electronic devices 502 or a storage device 504 about whether biometric data and/or private keys correspond to one or more encrypted biometric templates stored on a storage device 504. For example, the biometric computing device 530 may obtain one or more types of biometric data from a patient. Additionally, the biometric computing device 530 may obtain a private key from a smart card provided by a patient. The biometric computing device 530 may further obtain an encrypted biometric template from a storage device 504 that matches the private key and/or the biometric data. Using the private key, the biometric computing device 530 may decrypt the biometric template. The biometric computing device 530 may determine whether the biometric data matches the decrypted biometric template. Each of these functions may be performed by the biometric computing device 530. Alternatively, one or more of these functions may be performed by another device (e.g., the electronic device 502, the storage devices 504) in communication with the biometric computing device 530. For example, the biometric computing device 530 may provide the private key and biometric data to another device, which may decrypt the biometric template and determine whether the biometric data matches the decrypted biometric template.
  • Upon determining that the biometric data and a decrypted biometric template match, the biometric computing device 530 may send an indication of the matching information to a storage device 504. This may indicate to the storage device 504 to release medical records of the patient to a requesting device. Alternatively, the biometric computing device 530 may obtain the records from a storage device 504 over the network 506. The biometric computing device 530 may be a remote device for authenticating a match between biometric data, a private key and the biometric templates and/or may be controlled by a requesting clinic seeking to gain access to patient records for providing health care.
  • FIG. 6 is a flow diagram illustrating one configuration of a method 600 for decrypting biometric information. In one configuration, the method 600 may be performed by a storage device 104 or other computing device (e.g., biometric computing device 530, server, smart phone, etc.).
  • An encrypted biometric template may be received 602. The encrypted biometric template may be based on biometric data obtained by an electronic device 102. The encrypted biometric template may be encrypted using a public key. In some configurations, the public key initially used to encrypt the biometric template may also be received and stored. A storage device 504 or other device obtaining the encrypted biometric template may be unable to decrypt the biometric template without obtaining a private key for decrypting the encrypted biometric template.
  • A public key may also be received 604. This public key (e.g., a public key subsequently received from the public key that was initially used to encrypt the biometric template) may be received 604 from the electronic device 102 or another computing device (e.g., biometric computing device 530). The public key may also be received via a smart card, where the public key is obtained from the smart card using a scanner or other device coupled to the electronic device 102 or biometric computing device 530. For example, a patient may provide a public key by scanning a smart card using a biometric computing device 530 at a clinic. The biometric computing device 530 may be used to send the public key obtained from the smart card to a storage device 104. The storage device 104 may receive the public key obtained from the smart card. The public key from the smart card may be a similar public key to a public key initially received by the storage device 104 when the encrypted biometric template was first received. In some configurations, more than one public key may be received for each encrypted biometric template. Further, the biometric template may have been encrypted by an electronic device 102 using more than one of the public keys.
  • A private key for decrypting the encrypted biometric template may be received 606. Receiving 606 the private key may be in response to determining that the received public key matches the encrypted biometric data. Additionally or alternatively, receiving 606 the private key may also be in response to a comparison between the received public key and a public key initially received with the encrypted biometric template. In some configurations, a storage device 104 may receive a private key for decrypting the encrypted biometric template without knowing whether the public key corresponds to the biometric template.
  • The storage device 104 may also determine 608 whether the encrypted biometric template corresponds to the public key. Determining 608 whether there is a match between the encrypted biometric template and the public key may be based on whether the public key matches an encryption key or similar public key used for encrypting the biometric template. Determining 608 whether there is a match may also include comparing the public key on a smart card with a public key initially received with the biometric template. Further, determining 608 whether there is a match between the encrypted biometric template and the public key may include sending the encrypted biometric template, public key and the private key to a remote device (e.g., electronic device 102, biometric computing device 530) for decrypting the encrypted biometric template and determining whether the resulting biometric template may be decrypted and/or matches biometric data obtained from a patient.
  • It should be noted that receiving 606 the private key may be optional in some configurations. For example, upon receiving 604 a public key and determining 608 that the encrypted biometric template corresponds to the public key, the storage device 104 may simply send the encrypted biometric template to another device. In this way, the other device (e.g., an electronic device 102 or a biometric computing device 530) may utilize the private key for decrypting the encrypted biometric template (and/or determining whether supplied biometric data matches the decrypted biometric template).
  • FIG. 7 is a flow diagram illustrating another configuration of a method 700 for decrypting biometric information. In one configuration, the method 700 may be performed by a biometric computing device 530 or other electronic or computing device (e.g., storage device 104, server, smart phone, etc.).
  • Biometric data may be obtained 702. The biometric data may be obtained for comparing to one or more biometric templates previously stored on a storage device 104. Obtaining the biometric data may be performed by a biometric computing device 530 or other device coupled to the biometric computing device 530. The biometric data may be obtained 702 using a variety of devices and techniques. For example, biometric data may be obtained 702 using a fingerprint scanner, a thumbprint scanner, a handprint or palm scanner, a vein scanner (e.g., a palm vein scanner), an eye scanner or other device capable of capturing data that may be used to identify a person. The biometric data may include any information or data that may be compared to a biometric template stored on a storage device 104. In some configurations, multiple types of biometric data may be obtained.
  • A public key may also be obtained 704. The public key may be obtained 704 from a smart card. The public key may be stored on the smart card previously issued to a patient. The public key may be obtained from the smart card using a scanner or other device. In some configurations, more than one public key may be obtained from a smart card. The public key on the smart card may be a similar key to the public key used for encrypting a biometric template by an electronic device 102.
  • A private key for decrypting an encrypted biometric template may be obtained 706. The private key may be obtained 706 from a smart card. The private key may be used by the biometric computing device 530, storage device 104, electronic device 102 or other computing device for decrypting an encrypted biometric template. For example, if the public key from the smart card corresponds to a public key used for encrypting the biometric template or other data, the private key from the smart card may be used for decrypting the biometric template or other data encrypted using the corresponding public key.
  • The biometric computing device 530 may be used to determine 708 whether the encrypted biometric template corresponds to the public key. The biometric computing device 530 may also be used to determine whether a public key from the smart card matches a public key provided earlier to the storage device 104. Determining 708 whether the encrypted biometric template corresponds to the public key may be based on a comparison between a public key obtained from the smart card and received information (e.g., public keys, encrypted biometric templates) from the storage device 104. Alternatively, determining whether a public key from a smart card corresponds to an encrypted biometric template may be performed by a storage device 104. If it is determined that the encrypted biometric template corresponds to the public key, the biometric computing device 530 (or the storage device 104) may decrypt 712 the encrypted biometric template using the private key. Once the decrypted biometric template is obtained, the biometric computing device 530 (or the storage device 104) may determine 714 whether the biometric data corresponds to the decrypted biometric template. Thus, the biometric computing device 530 may be used to determine whether a public key from a smart card corresponds to an encrypted biometric template. The biometric computing device 530 may also be used to decrypt an encrypted biometric template using a private key from the smart card. The biometric computing device 530 may also be used for determining whether the decrypted biometric template matches the biometric data before obtaining permission to access or receive records or other privacy sensitive data (e.g., medical records) stored on one or more storage devices 104.
  • Conversely, if it is determined that the encrypted biometric template does not correspond to the public key, the biometric computing device 530 or storage device 104 may provide 710 an indication that the biometric template does not correspond to the public key. This indication may be sent to one or more storage devices 104 or may be provided to a patient seeking access to records on the storage devices 104. In another configuration, the biometric computing device 530 or storage device 104 may simply decrypt the biometric template using whichever private key is provided, and determine whether the biometric template matches the public key and/or biometric data by comparing the biometric template (correctly or incorrectly decrypted) to the biometric data obtained by the biometric computing device 530.
  • In another configuration, the biometric computing device 530 may obtain access to records or other information stored on the storage device 104 if it is determined that the public key matches the encrypted biometric template and the biometric data matches the decrypted biometric template. Obtaining access to records on one or more storage devices 104 may include receiving records or being granted permission to access the records on a records database 518.
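The multi-key profiles of FIG. 4 and the checks of method 700 (708, 710, 712, 714) can be sketched in Go as follows. This is an added example, not code from the patent: the patent names no algorithms, so the RSA-OAEP/AES-256-GCM envelope, the SHA-256 public-key fingerprint used for the correspondence check, the in-memory private key standing in for a smart card, and the Hamming-distance matcher are all assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
	"math/bits"
)

// StoredTemplate: one AES-GCM ciphertext plus the content key wrapped per card key.
type StoredTemplate struct {
	Nonce, Ciphertext []byte
	Wrapped           map[[32]byte][]byte // SHA-256(public key) -> wrapped content key
}

var ErrNoMatch = errors.New("encrypted template does not correspond to this public key")

func fingerprint(pub *rsa.PublicKey) [32]byte { return sha256.Sum256(x509.MarshalPKCS1PublicKey(pub)) }

// NewCardKey makes a demo key pair standing in for the one held on a smart card.
func NewCardKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptTemplate encrypts once and wraps the content key for every card key.
// The profile name is bound as AEAD data and OAEP label (assumed hardening).
func EncryptTemplate(tpl []byte, profile string, cards ...*rsa.PublicKey) (*StoredTemplate, error) {
	buf := make([]byte, 44) // 32-byte content key followed by 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	cek, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(cek)
	if err != nil {
		return nil, err
	}
	st := &StoredTemplate{Nonce: nonce, Wrapped: map[[32]byte][]byte{}}
	st.Ciphertext = gcm.Seal(nil, nonce, tpl, []byte(profile))
	for _, pub := range cards {
		w, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, cek, []byte(profile))
		if err != nil {
			return nil, err
		}
		st.Wrapped[fingerprint(pub)] = w
	}
	return st, nil
}

// DecryptTemplate checks correspondence (708, else 710), then decrypts (712).
func DecryptTemplate(st *StoredTemplate, profile string, priv *rsa.PrivateKey) ([]byte, error) {
	w, ok := st.Wrapped[fingerprint(&priv.PublicKey)]
	if !ok {
		return nil, ErrNoMatch
	}
	cek, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, w, []byte(profile))
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(cek)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, st.Nonce, st.Ciphertext, []byte(profile))
}

// Matches is a stand-in matcher (714): Hamming distance of at most maxBits.
func Matches(tpl, sample []byte, maxBits int) bool {
	if len(tpl) != len(sample) {
		return false
	}
	d := 0
	for i := range tpl {
		d += bits.OnesCount8(tpl[i] ^ sample[i])
	}
	return d <= maxBits
}

func main() {
	user, _ := NewCardKey() // demo only: errors ignored
	spouse, _ := NewCardKey()
	tpl := []byte{0xA5, 0x3C, 0x96, 0x0F, 0x71, 0xE2, 0x48, 0xD9} // constructed template
	dep, _ := EncryptTemplate(tpl, "dependent", &user.PublicKey, &spouse.PublicKey)
	own, _ := EncryptTemplate(tpl, "user", &user.PublicKey)
	got, err := DecryptTemplate(dep, "dependent", spouse)
	fmt.Println("spouse card, dependent profile:", err == nil && Matches(got, tpl, 4))
	_, err = DecryptTemplate(own, "user", spouse)
	fmt.Println("spouse card, user profile:", err)
}
```

Holding a listed card key only yields the template; access in this sketch still depends on the freshly captured sample passing `Matches`, mirroring the biometric-match requirement described for FIG. 4.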
  • FIG. 8 is a block diagram illustrating various components that may be utilized in an electronic device 102. One or more storage devices 104 and/or a biometric computing device 530 may also use similar components. Although only one electronic device 802 is shown, the configurations herein may be implemented in a distributed system using many computer systems. The electronic device 802 may include the broad range of digital computers, including microcontrollers, hand-held computers, personal computers, servers, mainframes, supercomputers, minicomputers, workstations and any variation or related device thereof.
  • The electronic device 802 is shown with a processor 801 and memory 803. The processor 801 may control the operation of the electronic device 802 and may be embodied as a microprocessor, a microcontroller, a digital signal processor (DSP) or other device known in the art. The processor 801 typically performs logical and arithmetic operations based on program instructions 804 a stored within the memory 803. The instructions 804 a in the memory 803 may be executable to implement the methods described herein.
  • The electronic device 802 may also include one or more communication interfaces 807 and/or network interfaces 813 for communicating with other electronic devices. The communication interface(s) 807 and the network interface(s) 813 may be based on wired communication technology and/or wireless communication technology.
  • The electronic device 802 may also include one or more input devices 809 and one or more output devices 811. The input devices 809 and output devices 811 may facilitate user input/user output. Other components 815 may also be provided as part of the electronic device 802.
  • Data 806 a and instructions 804 a may be stored in the memory 803. The processor 801 may load and execute instructions 804 b from the instructions 804 a in memory 803 to implement various functions. Executing the instructions 804 a may involve the use of the data 806 b that is loaded from the memory 803. The instructions 804 a are executable to implement one or more of the processes or configurations shown herein, and the data 806 a may include one or more of the various pieces of data described herein.
  • The memory 803 may be any electronic component capable of storing electronic information. The memory 803 may be embodied as random access memory (RAM), read-only memory (ROM), magnetic disk storage media, optical storage media, flash memory devices in RAM, on-board memory included with the processor, EPROM memory, EEPROM memory, an ASIC (Application Specific Integrated Circuit), registers, and so forth, including combinations thereof.
  • As used herein, the term “determining” encompasses a wide variety of actions and, therefore, “determining” can include calculating, computing, processing, deriving, investigating, looking up (e.g., looking up in a table, a database or another data structure), ascertaining and the like. In addition, “determining” can include receiving (e.g., receiving information), accessing (e.g., accessing data in a memory) and the like. Further, “determining” can include resolving, selecting, choosing, establishing and the like.
  • The phrase “based on” should not be interpreted as “based only on,” unless expressly specified otherwise. In other words, the phrase “based on” describes both “based only on” and “based at least on.”
  • The term “processor” should be interpreted broadly to encompass a general-purpose processor, a central processing unit (CPU), a microprocessor, a digital signal processor (DSP), a controller, a microcontroller, a state machine, and so forth. Under some circumstances, a “processor” may refer to an application specific integrated circuit (ASIC), a programmable logic device (PLD), a field programmable gate array (FPGA), etc. The term “processor” may refer to a combination of processing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • The term “memory” should be interpreted broadly to encompass any electronic component capable of storing electronic information. The term memory may refer to various types of processor-readable media such as random access memory (RAM), read-only memory (ROM), non-volatile random access memory (NVRAM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically erasable PROM (EEPROM), flash memory, magnetic or optical data storage, registers, etc. Memory is said to be in electronic communication with a processor if the processor can read information from and/or write information to the memory. Memory may be integral to a processor and still be said to be in electronic communication with the processor.
  • The terms “instructions” and “code” should be interpreted broadly to include any type of computer-readable statement(s). For example, the terms “instructions” and “code” may refer to one or more programs, routines, sub-routines, functions, procedures, etc. “Instructions” and “code” may comprise a single computer-readable statement or many computer-readable statements.
  • The functions described herein may be implemented in hardware, software, firmware or any combination thereof. If implemented in software, the functions may be stored as one or more instructions on a computer-readable medium. The term “computer-readable medium” refers to any available medium that can be accessed by a computer. By way of example, and not limitation, a computer-readable medium may comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. Disk and disc, as used herein, includes compact disc (CD), laser disc, optical disc, digital versatile disc (DVD), floppy disk and Blu-ray® disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers.
  • Software or instructions may also be transmitted over a transmission medium. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL) or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL or wireless technologies such as infrared, radio, and microwave are included in the definition of transmission medium.
  • The methods disclosed herein comprise one or more steps or actions for achieving the described method. The method steps and/or actions may be interchanged with one another without departing from the scope of the claims. In other words, unless a specific order of steps or actions is required for proper operation of the method that is being described, the order and/or use of specific steps and/or actions may be modified without departing from the scope of the claims.
  • Further, it should be appreciated that modules and/or other appropriate means for performing the methods and techniques described herein, such as those illustrated by FIGS. 2, 3, 6 and 7, can be downloaded and/or otherwise obtained by a device. For example, a device may be coupled to a server to facilitate the transfer of means for performing the methods described herein. Alternatively, various methods described herein can be provided via a storage means (e.g., random access memory (RAM), read-only memory (ROM), a physical storage medium such as a compact disc (CD) or floppy disk, etc.), such that a device may obtain the various methods upon coupling or providing the storage means to the device. Moreover, any other suitable technique for providing the methods and techniques described herein to a device can be utilized.
  • It is to be understood that the claims are not limited to the precise configuration and components illustrated above. Various modifications, changes and variations may be made in the arrangement, operation and details of the systems, methods and apparatus described herein without departing from the scope of the claims.

Claims (20)

What is claimed is:
1. A method for encrypting biometric information by an electronic device, comprising:
obtaining biometric data;
generating a biometric template based on the biometric data;
encrypting the biometric template; and
sending the encrypted biometric template to a storage device.
2. The method of claim 1, further comprising storing a private key for decrypting the biometric template on a smart card.
3. The method of claim 2, wherein the smart card is associated with a health care provider.
4. The method of claim 1, further comprising:
generating a public key for encrypting the biometric template; and
sending the public key to the storage device.
5. The method of claim 1, further comprising:
generating a private key for decrypting the encrypted biometric template; and
storing the private key on a smart card.
6. The method of claim 1, further comprising obtaining medical records corresponding to the encrypted biometric template.
7. The method of claim 1, further comprising:
storing a first private key on a first smart card corresponding to a first encrypted biometric template; and
storing a second private key on a second smart card corresponding to a second encrypted biometric template.
8. The method of claim 7, wherein the first encrypted biometric template is configured to be decrypted using only the first private key on the first smart card.
9. The method of claim 7, wherein the second encrypted biometric template is configured to be decrypted using one of the first private key on the first smart card and the second private key on the second smart card.
10. The method of claim 1, wherein the biometric template is stored in a computing cloud.
11. The method of claim 1, further comprising:
scanning a smart card including a private key corresponding to the biometric template; and
sending the private key to the storage device for decrypting the encrypted biometric template in response to scanning the smart card.
12. An electronic device for storing an encrypted biometric template on a storage device, comprising:
a processor;
memory in electronic communication with the processor; and
instructions stored in memory, the instructions being executable to:
obtain a biometric identification;
generate a biometric template from the biometric identification;
encrypt the biometric template; and
send the encrypted biometric template to be stored in a storage device.
13. The electronic device of claim 12, wherein the instructions are further executable to store a private key for decrypting the biometric template on a smart card.
14. The electronic device of claim 12, wherein the instructions are further executable to:
store a first private key on a first smart card corresponding to a first encrypted biometric template; and
store a second private key on a second smart card corresponding to a second encrypted biometric template.
15. The electronic device of claim 14, wherein the first encrypted biometric template is configured to be decrypted using only the first private key on the first smart card.
16. The electronic device of claim 14, wherein the second encrypted biometric template is configured to be decrypted using one of the first private key on the first smart card and the second private key on the second smart card.
17. A method for storing biometric information by a storage device, comprising:
receiving an encrypted biometric template;
receiving a public key;
receiving a private key for decrypting the encrypted biometric template; and
determining whether the encrypted biometric template corresponds to the public key.
18. The method of claim 17, wherein if it is determined that the encrypted biometric template corresponds to the public key, further comprising decrypting the encrypted biometric template using the private key.
19. The method of claim 17, further comprising sending the encrypted biometric template to an electronic device.
20. The method of claim 17, wherein if it is determined that the encrypted biometric template does not correspond to the public key and the private key, providing an indication that the biometric template is not associated with the public key.
US13/899,289 2012-05-22 2013-05-21 Encrypting and storing biometric information on a storage device Abandoned US20130318361A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US13/899,289 US20130318361A1 (en) 2012-05-22 2013-05-21 Encrypting and storing biometric information on a storage device
PCT/US2013/042256 WO2013177297A2 (en) 2012-05-22 2013-05-22 Encrypting and storing biometric information on a storage device

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US201261650252P 2012-05-22 2012-05-22
US201261650640P 2012-05-23 2012-05-23
US13/899,289 US20130318361A1 (en) 2012-05-22 2013-05-21 Encrypting and storing biometric information on a storage device

Publications (1)

Publication Number Publication Date
US20130318361A1 (en) 2013-11-28

Family

ID=49622518

Family Applications (2)

Application Number Title Priority Date Filing Date
US13/899,289 Abandoned US20130318361A1 (en) 2012-05-22 2013-05-21 Encrypting and storing biometric information on a storage device
US13/899,306 Active 2033-09-12 US9202083B2 (en) 2012-05-22 2013-05-21 Systems and methods for verifying uniqueness in anonymous authentication

Family Applications After (1)

Application Number Title Priority Date Filing Date
US13/899,306 Active 2033-09-12 US9202083B2 (en) 2012-05-22 2013-05-21 Systems and methods for verifying uniqueness in anonymous authentication

Country Status (2)

Country Link
US (2) US20130318361A1 (en)
WO (2) WO2013177304A2 (en)

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101030489B1 (en) * 2007-06-22 2011-04-25 주식회사 케이티 system for controlling smart card and method thereof
US8874935B2 (en) 2011-08-30 2014-10-28 Microsoft Corporation Sector map-based rapid data encryption policy compliance
US8887259B1 (en) * 2011-12-06 2014-11-11 Imageware Systems, Inc. Anonymous biometric verification
US20140344570A1 (en) 2013-05-20 2014-11-20 Microsoft Corporation Data Protection For Organizations On Computing Devices
US10340035B2 (en) * 2013-11-13 2019-07-02 Fenwal, Inc. Medical record storage with electronic signature
US9226109B2 (en) 2013-12-31 2015-12-29 Ping4 Inc. System and method for anonymous delivery of geographically specific rich media information
US10615967B2 (en) 2014-03-20 2020-04-07 Microsoft Technology Licensing, Llc Rapid data protection for storage devices
US9825945B2 (en) 2014-09-09 2017-11-21 Microsoft Technology Licensing, Llc Preserving data protection with policy
US9853812B2 (en) 2014-09-17 2017-12-26 Microsoft Technology Licensing, Llc Secure key management for roaming protected content
US9900295B2 (en) 2014-11-05 2018-02-20 Microsoft Technology Licensing, Llc Roaming content wipe actions across devices
US20160269411A1 (en) * 2015-03-12 2016-09-15 Ronen MALACHI System and Method for Anonymous Biometric Access Control
US9819665B1 (en) * 2015-06-26 2017-11-14 EMC IP Holding Company LLC Synchronization of access tokens for session continuity across multiple devices
US9819672B1 (en) * 2015-06-26 2017-11-14 EMC IP Holding Company LLC Sharing access tokens with trusted users
US9853820B2 (en) 2015-06-30 2017-12-26 Microsoft Technology Licensing, Llc Intelligent deletion of revoked data
US9900325B2 (en) 2015-10-09 2018-02-20 Microsoft Technology Licensing, Llc Passive encryption of organization data
US10129252B1 (en) 2015-12-17 2018-11-13 Wells Fargo Bank, N.A. Identity management system
CN107294721B (en) 2016-03-30 2019-06-18 阿里巴巴集团控股有限公司 The method and apparatus of identity registration, certification based on biological characteristic
KR102397812B1 (en) 2016-08-23 2022-05-13 비자 인터네셔널 서비스 어소시에이션 Remote use of locally stored biometric authentication data
US10237270B2 (en) 2016-09-29 2019-03-19 International Business Machines Corporation Distributed storage of authentication data
CN110741369B (en) * 2017-06-02 2023-10-31 维萨国际服务协会 Secure biometric authentication using electronic identity
US10373165B2 (en) * 2017-09-25 2019-08-06 Capital One Services, Llc Automated sensor-based customer identification and authorization systems within a physical environment
EP3579595B1 (en) * 2018-06-05 2021-08-04 R2J Limited Improved system and method for internet access age-verification
EP3629308A1 (en) * 2018-09-25 2020-04-01 R2J Limited Improved system and method for electronic voting
US11394706B2 (en) * 2019-09-03 2022-07-19 Seagate Technology Llc Password-less login
US11113685B2 (en) * 2019-12-23 2021-09-07 Capital One Services, Llc Card issuing with restricted virtual numbers
SG10202003630VA (en) * 2020-04-21 2021-09-29 Grabtaxi Holdings Pte Ltd Authentication and validation procedure for improved security in communications systems
CN114900325B (en) * 2022-03-25 2024-03-26 杭州博盾习言科技有限公司 Federal learning-based privacy set intersection method, system, equipment and medium
CN116471081B (en) * 2023-04-18 2023-12-12 中国石油天然气股份有限公司辽宁销售分公司 Indoor security anonymous authentication method based on Internet of things technology

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6317834B1 (en) * 1999-01-29 2001-11-13 International Business Machines Corporation Biometric authentication system with encrypted models
US7302583B2 (en) * 2001-11-08 2007-11-27 Ncr Corporation Biometrics template
US20100138667A1 (en) * 2008-12-01 2010-06-03 Neil Patrick Adams Authentication using stored biometric data
US7895432B2 (en) * 2000-03-30 2011-02-22 Digitalpersona, Inc. Method and apparatus for using a third party authentication server
US8001387B2 (en) * 2006-04-19 2011-08-16 Dphi, Inc. Removable storage medium with biometric access

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090024416A1 (en) * 2000-03-15 2009-01-22 Mclaughlin Mark R Healthcare Medical Information Management System
US20020026578A1 (en) 2000-08-22 2002-02-28 International Business Machines Corporation Secure usage of digital certificates and related keys on a security token
US20020112177A1 (en) * 2001-02-12 2002-08-15 Voltmer William H. Anonymous biometric authentication
AU2002248604A1 (en) * 2001-03-09 2002-09-24 Pascal Brandys System and method of user and data verification
JP4221385B2 (en) * 2005-02-21 2009-02-12 日立オムロンターミナルソリューションズ株式会社 Biometric authentication device, terminal device and automatic transaction device
JP2007018050A (en) * 2005-07-05 2007-01-25 Sony Ericsson Mobilecommunications Japan Inc Portable terminal device, personal identification number certification program, and personal identification number certification method
US7747861B2 (en) * 2005-11-09 2010-06-29 Cisco Technology, Inc. Method and system for redundant secure storage of sensitive data by using multiple keys
US20080052527A1 (en) 2006-08-28 2008-02-28 National Biometric Security Project method and system for authenticating and validating identities based on multi-modal biometric templates and special codes in a substantially anonymous process
US8769275B2 (en) * 2006-10-17 2014-07-01 Verifone, Inc. Batch settlement transactions system and method
JP5365512B2 (en) 2007-03-28 2013-12-11 日本電気株式会社 Software IC card system, management server, terminal, service providing server, service providing method and program
EP2590101B1 (en) * 2008-12-01 2017-09-27 BlackBerry Limited Authentication using stored biometric data
US8887246B2 (en) 2010-06-22 2014-11-11 Telefonaktiebolaget L M Ericsson (Publ) Privacy preserving authorisation in pervasive environments

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160328600A1 (en) * 2014-12-01 2016-11-10 Xiamen ZKTeco Electronic Biometric Identification Technology Co., Ltd. System and method for personal identification based on multimodal biometric information
US20160328594A1 (en) * 2014-12-01 2016-11-10 DongGuan ZKTeco Electronic Technology Co., Ltd. System and Method for Acquiring Multimodal Biometric Information
US11495046B2 (en) * 2014-12-01 2022-11-08 Zkteco Co., Ltd. System and method for acquiring multimodal biometric information
US11475704B2 (en) * 2014-12-01 2022-10-18 Zkteco Co., Ltd. System and method for personal identification based on multimodal biometric information
US20200394379A1 (en) * 2014-12-01 2020-12-17 Zkteco Co., Ltd. System and Method for Acquiring Multimodal Biometric Information
US10733414B2 (en) * 2014-12-01 2020-08-04 Zkteco Co., Ltd. System and method for personal identification based on multimodal biometric information
US10726235B2 (en) * 2014-12-01 2020-07-28 Zkteco Co., Ltd. System and method for acquiring multimodal biometric information
US10580521B1 (en) 2015-07-22 2020-03-03 Medris, LLC Emergency information and identification device and method
EP3472970A4 (en) * 2016-06-17 2019-11-27 Weimer, Jonathan Blockchain systems and methods for user authentication
US10404464B2 (en) * 2016-08-22 2019-09-03 Mastercard International Incorporated Method and system for secure FIDO development kit with embedded hardware
US11036870B2 (en) * 2016-08-22 2021-06-15 Mastercard International Incorporated Method and system for secure device based biometric authentication scheme
CN109791714A (en) * 2016-09-30 2019-05-21 亚萨合莱有限公司 The access to physical space is controlled using fingerprint sensor
US11094153B2 (en) * 2016-09-30 2021-08-17 Assa Abloy Ab Controlling access to a physical space using a fingerprint sensor
US10785217B2 (en) 2017-01-10 2020-09-22 International Business Machines Corporation System, method and computer program product for controlling and altering biological, biometric, and idiosyncratic authentications
US10979426B2 (en) * 2017-09-26 2021-04-13 Visa International Service Association Privacy-protecting deduplication
US11716328B2 (en) 2017-09-26 2023-08-01 Visa International Service Association Method of constructing a table for determining match values
US11533180B1 (en) * 2017-11-28 2022-12-20 Shanghai Harvest Intelligence Technology Co., Ltd. Storage device and electronic device
CN109961291A (en) * 2017-12-14 2019-07-02 红石生物特征科技有限公司 A kind of biological characteristic authentication system and method
US10937267B2 (en) 2017-12-22 2021-03-02 Mastercard International Incorporated Systems and methods for provisioning digital identities to authenticate users
WO2019125722A1 (en) * 2017-12-22 2019-06-27 Mastercard International Incorporated Systems and methods for provisioning biometric image templates to devices for use in user authentication
US20190199714A1 (en) * 2017-12-22 2019-06-27 Mastercard International Incorporated Systems and Methods for Provisioning Biometric Image Templates to Devices for Use in User Authentication
US11240233B2 (en) * 2017-12-22 2022-02-01 Mastercard International Incorporated Systems and methods for provisioning biometric image templates to devices for use in user authentication
US10650632B2 (en) 2017-12-22 2020-05-12 Mastercard International Incorporated Systems and methods for provisioning digital identities to authenticate users
US11824642B2 (en) 2017-12-22 2023-11-21 Mastercard International Incorporated Systems and methods for provisioning biometric image templates to devices for use in user authentication
US10419922B1 (en) * 2018-11-08 2019-09-17 T-Mobile Usa, Inc. Subscriber identity privacy
US10652729B1 (en) * 2018-11-08 2020-05-12 T-Mobile Usa, Inc. Subscriber identity privacy
US20200265132A1 (en) * 2019-02-18 2020-08-20 Samsung Electronics Co., Ltd. Electronic device for authenticating biometric information and operating method thereof
US11947649B2 (en) 2019-03-08 2024-04-02 Master Lock Company Llc Locking device biometric access
US11275820B2 (en) * 2019-03-08 2022-03-15 Master Lock Company Llc Locking device biometric access
US11443065B2 (en) * 2019-04-08 2022-09-13 Immuta, Inc. Systems and methods for obscuring data from a data source
US20230004678A1 (en) * 2019-04-08 2023-01-05 Immuta, Inc. Systems and methods for obscuring data from a data source
US11734452B2 (en) * 2019-04-08 2023-08-22 Immuta, Inc. Systems and methods for obscuring data from a data source
US20210266170A1 (en) * 2020-02-26 2021-08-26 Antonio Rossi System and method of trustless confidential positive identification and de-anonymization of data using blockchain
US20220270728A1 (en) * 2021-02-23 2022-08-25 Zebra Technologies Corporation Patient unique identifier
US11483310B1 (en) * 2022-05-11 2022-10-25 King Fahd University Of Petroleum And Minerals Post-quantum biometric template protection system using smart card

Also Published As

Publication number Publication date
US20130318359A1 (en) 2013-11-28
WO2013177304A2 (en) 2013-11-28
WO2013177297A2 (en) 2013-11-28
US9202083B2 (en) 2015-12-01
WO2013177304A3 (en) 2014-03-13
WO2013177297A3 (en) 2014-03-06

Legal Events

Date Code Title Description
AS Assignment

Owner name: PARTNET, INC., UTAH

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ERICKSON, DOUGLAS M.;MORRIS, CAMERON CRAIG;REEL/FRAME:031102/0273

Effective date: 20130517

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION