Organism detection system and method for identity verification

By combining a light source and a brightness measurement unit with a deception detection light source to determine whether an object is an organic part, the problem of traditional biometric systems being unable to prevent deception attacks is solved, achieving higher reliability and security.

CN115273162BActive Publication Date: 2026-06-30SILK ID SYSTEMS INC

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
SILK ID SYSTEMS INC
Filing Date
2016-06-23
Publication Date
2026-06-30

AI Technical Summary

Technical Problem

Traditional biometric systems struggle to effectively detect and prevent spoofing attacks, leading to reliability and security issues.

Method used

By measuring the brightness distribution of an object using a light source and a brightness measurement unit, and combining this with a deception detection light source and a determinant, the system determines whether the object is an organic part. It also distinguishes between real and fake biological features by utilizing the diffusion characteristics of light in organic and non-biological materials.

Benefits of technology

This improves the reliability and security of biometric systems, enabling them to effectively identify genuine organic parts and reject deceptive materials.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN115273162B_ABST
    Figure CN115273162B_ABST
Patent Text Reader

Abstract

This invention relates to methods, systems, and procedures for user identification and authentication. One embodiment discloses an apparatus for user authentication, comprising: a surface on which an object is placed; a light source configured to emit light to illuminate a first portion of the surface; a brightness measurement unit configured to measure a brightness distribution in a second portion of the surface, wherein the object diffuses light from the first portion to the second portion to produce the brightness distribution; and a determiner configured to determine whether the object is an organic part based on the brightness distribution.
Need to check novelty before this filing date? Find Prior Art

Description

[0001] This application is a divisional application of Chinese Patent Application No. 201680065976.4, filed on June 23, 2016, entitled "Organic Detection System and Method for Identity Verification".

[0002] Cross-references to related applications

[0003] This application claims priority to U.S. Patent Application No. 14 / 873,729, entitled "Organism Detection System and Method for Authentication", filed on October 2, 2015, the entire contents of which are incorporated herein by reference. Technical Field

[0004] This disclosure relates to user authentication and identification, and more particularly to user authentication and identification based on organism detection. Background Technology

[0005] Biometric identification systems are widely used for user identification and authentication based on biometric information. A major challenge facing biometric systems is detecting and rejecting spoofing attacks, in which an unauthorized person provides a biometric sample to the system by illegally obtaining another user's account, data, or permissions. An example of a spoofing attack is submitting a fingerprint model or image to a fingerprint reader instead of the legitimate owner's real finger. Most traditional biometric systems lack effective methods for detecting spoofing attacks, also known as organism detection or spoofing detection. This poses serious reliability and security problems for biometric systems.

[0006] Therefore, there is a need to provide a user identification / authentication solution with improved reliability.

[0007] summary

[0008] This teaching relates to methods, systems, and procedures for user authentication and identification. In particular, this teaching is directed to methods, systems, and procedures for user authentication and identification based on organism detection.

[0009] In one example, an apparatus for user authentication is disclosed. The apparatus includes: a surface on which an object is placed; a light source configured to emit light to illuminate a first portion of the surface; a brightness measurement unit configured to measure a brightness distribution in a second portion of the surface, wherein the object diffuses light from the first portion to the second portion to produce the brightness distribution; and a determiner configured to determine whether the object is an organic part based on the brightness distribution.

[0010] In one different example, a method for detecting whether an object is an organism, implemented on a device, is disclosed. The presence of the object is sensed when an individual places it on the surface of the device. Light is provided to illuminate a first portion of the surface. The brightness distribution of a second portion of the surface is measured. The brightness distribution is generated by the object diffusing light from the first portion to the second portion. Based on the brightness distribution, it is determined whether the object is an organic part.

[0011] In another example, a system for identifying a person is disclosed. The system includes: a surface on which a person places an object; a light source configured to emit light illuminating a first portion of the surface; a brightness measurement unit configured to measure the brightness distribution in a second portion of the surface, wherein the object diffuses light from the first portion to the second portion, thereby generating the brightness distribution; a diffusion-based determiner configured to determine whether the object is an organic part based on the brightness distribution and generate a determination result; a biometric image processing unit configured to acquire a biometric image of the object; and an identity determiner configured to identify a person based on the biometric image and the determination result.

[0012] In yet another example, a device for reading the biometric features of an object is disclosed. The device includes: a light source configured to provide light to illuminate a first portion of an object, wherein the object is not in contact with the device; a brightness measurement unit configured to measure the brightness distribution in a second portion of the object, wherein the object diffuses light from the first portion to the second portion to generate the brightness distribution; and a determiner configured to determine whether the object is an organic part based on the brightness distribution.

[0013] Other concepts relate to software that implements this teaching, performing organism-based user authentication. According to this concept, a software product includes at least one machine-readable, non-transitory medium and information carried by that medium. The information carried by the medium may be executable program code data, parameters associated with the executable program code, and / or user-related information, requests, content, or information related to a social group, etc.

[0014] Additional novel features will be set forth in the description below, and some will become apparent to those skilled in the art upon viewing the following figures or from the making or operation of the examples. The novel features of this teaching can be realized and obtained by implementing or using various aspects of the methods, means, and combinations described in the detailed examples discussed below. Attached Figure Description

[0015] The methods, systems, and / or programs of the present invention are further illustrated by means of exemplary embodiments. These exemplary embodiments are described in detail with reference to the accompanying drawings. These embodiments are non-limiting exemplary embodiments, wherein the same reference numerals represent similar structures in various views of the drawings, and wherein:

[0016] Appendix Figure 1 A conventional fingerprint reader based on existing technology is described;

[0017] Appendix Figure 2 A biometric identifier according to an embodiment of this teaching is described;

[0018] Appendix Figure 3 A biometric device according to an embodiment of this teaching is described, with a real finger placed on a table;

[0019] Appendix Figure 4 A biometric device according to an embodiment of this teaching is described, with an opaque object placed on a platform;

[0020] Appendix Figure 5 A biometric device according to an embodiment of the present teaching is described, having a transparent or translucent object placed on a platform;

[0021] Appendix Figure 6 A biometric device according to an embodiment of this teaching is described, with a spoofing detection light source located below a prism;

[0022] Appendix Figure 7 A biometric device based on this teaching is described, with a spoofing detection light source located below a window on the platform;

[0023] Appendix Figure 8 This is a high-level description of an exemplary system for user identification / authentication according to embodiments of this teaching;

[0024] Appendix Figure 9 This is a high-level description of another exemplary system for user identification / authentication according to embodiments of this teaching;

[0025] Appendix Figure 10 Example diagrams are depicted of an anti-spoofing identification module in a user identification / verification system according to embodiments of this teaching;

[0026] Appendix Figure 11 A flowchart illustrating an exemplary process for user identification with spoofing detection according to embodiments of this teaching;

[0027] Appendix Figure 12 This is an example diagram of a diffusion tester according to an embodiment of this teaching;

[0028] Appendix Figure 13A flowchart illustrating an exemplary process performed by a diffusion tester according to an embodiment of this teaching;

[0029] Appendix Figure 14 This is an example diagram of the identification / verification module according to an embodiment of this teaching;

[0030] Appendix Figure 15 This is a flowchart illustrating an exemplary process performed by the identification / verification module according to embodiments of this teaching.

[0031] Appendix Figure 16 A general mobile device architecture that can implement this teaching is described;

[0032] Appendix Figure 17 A general-purpose computer architecture for implementing this teaching is described;

[0033] Appendix Figure 18 An exemplary manner in which this teaching can be implemented on a general-purpose computer is described;

[0034] Appendix Figure 19 A sample image captured by an exemplary device according to an embodiment is described, showing a real finger placed on a table.

[0035] Appendix Figure 20 The description includes a sample image captured by an exemplary device according to an embodiment, with an opaque object placed on a platform; and

[0036] Appendix Figure 21 The illustration describes a sample image captured by an exemplary device according to this embodiment, showing a transparent or translucent object placed on a platform. Detailed description

[0037] In the following detailed description, numerous specific details are illustrated by example to provide a comprehensive understanding of the teachings. However, it will be apparent to those skilled in the art that these details, along with additional features, may not be necessary to implement the teachings. In other instances, well-known methods, processes, systems, components, and / or circuits have been described at a relatively high level without additional detail to avoid unnecessarily obscuring aspects of the teachings.

[0038] This disclosure describes methods, systems, and procedures for detecting deception attacks by determining whether an object is a part of an organism.

[0039] According to one embodiment of this teaching, an authentication device includes a transparent platform on which a user places their finger and a light source that illuminates a first portion of the platform but not a second portion. The finger may or may not touch either portion of the platform. The device may also include an imaging system for measuring light propagating from the directly illuminated portion of the platform to the indirectly illuminated portion where the finger touches the platform. Measuring and characterizing this light propagation can be compared with preset values ​​to determine whether the presented finger is genuine. This may be referred to as spoofing detection regarding whether it is a fake or deceptive finger. The device can determine whether to authenticate the person based on the spoofing detection and stored biometric data provided by the person. For example, if the presented finger is identified as an organism part, and if the biometric sample provided by the person matches stored data associated with an authentication identity, the device will authenticate the person. The stored biometric data may be fingerprints, diffusion images, simplified templates of fingerprint information, and / or datasets characterizing diffusion information, etc. It is understood that other organism parts may also be used for authentication based on similar spoofing detection. For example, instead of using fingerprints, user authentication can be based on the aforementioned spoofing detection and matched with images of a person's palm, face, eyes, etc.

[0040] This teaching discloses an apparatus and method for distinguishing between a human organic finger and a finger replica. For an organic part, such as a human finger, light can penetrate the skin and scatter features that are difficult to recreate with non-biological materials. One significant difference can be the light diffusion from the directly illuminated portion of the platform to the indirectly illuminated portion where the finger contacts the platform. Some fake fingerprints (e.g., made of latex) are relatively opaque, and light propagates much less in unilluminated areas than in a real finger. Other fake fingerprints (e.g., made of silicone) are relatively translucent or transparent, and light propagates much more in unilluminated areas than in a real finger. Both of these cases can be detected and denied (accessed) by the device disclosed in this teaching.

[0041] In a practical example, an entity's database may include the identity information (name, employee ID, etc.) of known persons authorized to access the entity's properties. For each known identity, the database contains a pre-defined fingerprint template associated with that identity. Once a fingerprint is obtained from a person, if that fingerprint is obtained from a body part and matches the fingerprint template associated with the known identity, the device disclosed in this teaching is able to determine the person's identity. Based on the determined identity, the person may be allowed or denied entry to the property.

[0042] Additional novel features will be set forth in the description below, some of which may become apparent to those skilled in the art upon viewing the following and accompanying drawings, or may be learned by production or operation of the examples. The novel features of this teaching may be realized and obtained by practice or by using various aspects of the methods, means, and combinations thereof set forth in the detailed examples discussed below.

[0043] Appendix Figure 1 A conventional fingerprint reader based on existing technology is described. (Appendix) Figure 1 The image shows a typical suppressed total internal reflection (FTIR) optical fingerprint reader, comprising a prism 103 with a top surface 130 (forming a platform 140) for placing a finger 150, a lens with a lens-aperture 104, a CMOS (complementary metal-oxide-semiconductor) image sensor 105, and a "main illumination source" 101. All light rays incident from the platform 140 onto the lens-aperture 104 are at an angle greater than the critical angle of the glass-air or plastic-air interface, typically 42 degrees. This setup is a "dark field" because a black element 102 is present on or behind the rear surface of the prism 103. Therefore, when there is no object on the platform surface of the prism, the reader's imaging system captures a black background. This black element could be a black coating on the back of the prism or a black solid sheet behind the back of the prism. When a user touches the device with their finger 150, the ridges of the user's fingerprint make optical contact with the platform surface of the prism, and the skin of these ridges reflects and scatters light from the main illumination source 101, some of which may scatter towards the lens-aperture 104 element. Therefore, a bright image of the fingerprint ridges on a black background is electronically captured by the CMOS imaging sensor 105.

[0044] Appendix Figure 2 A biological reader according to one embodiment of this teaching is described. (Appendix) Figure 2 Biological readers and attachments Figure 1 The readers in the document are different. (See attached document.) Figure 2 As shown, the black element 202 on the back of prism 103 has an opening 203. An additional light source (hereinafter referred to as "spoofing detection light source 201") is located below the opening 203 to emit light through the opening and illuminate a portion of the central fingerprint area, relatively noticeable between the illuminated area 210 and the unilluminated area 220. The spoofing detection light source 201 may use a laser, lens, or shadow mask to create a sharp edge to the illuminated area. The spoofing detection light source 201 may include one or more LEDs (light-emitting diodes). Actual embodiments of this biometric reader may additionally include mirrors in the optical path to reduce device size.

[0045] The area 210 illuminated by the deception detection light source can be circular, rectangular, a series of dots or stripes, or any other similar shape. For example, a rectangular opening can be formed in the black paint on the back surface of the prism, allowing the deception detection light source 201 to illuminate a rectangular area near the center of the platform 140. When the deception detection light source 201 is on and the main illumination light source 101 is off, the auxiliary... Figure 2 The imaging system of the biometric reader shown can capture images with different characteristics depending on the object placed on the platform.

[0046] In one embodiment, the angle difference between the light illuminating region 210 from the deception detection light source 201 and the light illuminating imaging elements such as lens-aperture 104 from region 210 is at least 45 degrees.

[0047] When no object is placed on the platform, the image may be relatively dark, although some noise is typical in areas illuminated by the deception detection light source. (See attached image) Figure 3 As shown, when an organism's finger 350 is placed on the platen, the faint glow of the fingerprint ridge will extend to a certain distance, such as 1 millimeter, into the unlit area. (See attached image.) Figure 4 As shown, the light from opaque fake fingerprints (such as membrane fingers made of photocopying or latex, opaque rubber, opaque plastic, clay modeling compounds, etc.) does not extend much into the unlit area, such as 0-0.5 mm. (See attached image.) Figure 5 As shown, the luminous fingerprint ridges of typically transparent or semi-transparent fake fingerprints (such as finger models made of silicone, gelatin, etc.) extend quite far in unlit areas, such as 2 millimeters or longer.

[0048] When there is a latent fingerprint on the fingerprint plate, light generally does not diffuse from the illuminated area to the unilluminated area, regardless of whether the latent fingerprint has been dusted. When there is a latent fingerprint on the fingerprint plate and external light (such as a flashlight) is used to enhance the "dim light" of the latent fingerprint, there will be a significant light signal in the unilluminated area, but it will not have the size, shape, and rolling features of a real organic finger.

[0049] Understandably, the deception detection light source can be placed nearby. Figure 2 Other locations besides those shown. For example, the deception detection light source could be placed below the prism or stage window, or immediately adjacent to the prism's exit surface. (See attached image) Figure 6 A biometric reader according to one embodiment of this teaching is described, having a spoofing detection light source 201 located below a prism 103. (See attached image) Figure 7 A biometric reader according to one embodiment of this teaching is described, which is based on a different imaging technology and spoofs the detection light source 201 located below the window of the stage 140. The size, shape, and position of the illumination area can be hard-coded into software, programmed into the device or system during factory calibration, or determined automatically during use.

[0050] In one embodiment of this teaching, the biometric reader includes a single light source so that diffuse information and fingerprint information of an object on surface 130 can be captured synchronously with the single light source.

[0051] Although attached Figure 2 An FTIR fingerprint reader is demonstrated, and this teaching is equally applicable to non-FTIR fingerprint readers. This non-FTIR fingerprint reader can use localized internal reflection, also known as Fresnel reflection, or can directly observe the finger. Direct observation of the finger can be done through air (a non-contact method) or by placing the finger on a platform (which can be flat glass, a flat plastic, or a prism). It is also understood that this teaching applies to hand and face readers, where the imaging system directly observes the object rather than through an FTIR prism.

[0052] Appendix Figure 19-21 Describes the construction and attachment Figure 2 The devices described herein capture different sample images using substantially similar means. In terms of size, the total area of ​​each of these rectangular images is approximately 15.2 x 20.3 mm. In all these images, black represents the absence of light, and grayscale values ​​represent the presence and intensity of light diffused from the object placed on the platform into the imaging system. Software image processing can be used to correct the characteristic geometric distortions of this fingerprint reader in order to generate... Figure 19-21 The image shown is a geometrically correct rectangular image.

[0053] Appendix Figure 19 Image 1901 shows a real finger placed on a platen and illuminated by the main light source; this is a clear fingerprint image result. (Attached...) Figure 19-21In the other images, the main illumination source is off, and the deception detection source is on. For image 1902, the table is clean and untouched. Small reflected signals (C) are received from the opening in the black mask; these can be considered noise. For image 1903, there is some potential finger grease on the table, but no fingers or fake fingers are in contact with it. In addition to the small reflected signals (C) received from the opening in the black mask, there are some signals (D) scattered across the illuminated area of ​​the table. This can also be considered noise. For image 1904, white paper is laid across the entire table, with some liquid to enhance optical contact. The bright white area, part of the paper, receives and scatters light from the deception detection source, thus defining the "illuminated area." All non-white areas in this image can be considered "non-illuminated areas." In Figure 1905, because the paper on the table creates an "illuminated area," two new "non-illuminated areas" are defined for discussion: "Area A is adjacent to the illuminated area, and Area B is far from the illuminated area. In this example, Area A is relatively narrow while Area B is slightly wider, but areas of completely different shapes and sizes can be used in different embodiments. Figure 1906 and Appendix..." Figure 20-21 In other images, the positions of regions A and B are exactly the same as those defined in image 1905. In image 1906, a real finger is placed on a platen. It is clear that region A receives a moderately strong fingerprint signal, while region B receives little or no fingerprint signal. This combination of results is typical of a living finger and is difficult to replicate using deceptive materials.

[0054] Appendix Figure 20 Images of samples captured by an exemplary device according to this embodiment when an opaque object is placed on a platen are described. Image 2001 shows a fingerprint copy placed on a platen (with liquid to enhance optical contact). It is clear that there is little or no fingerprint image signal in area A or area B. This combination of results is typical of opaque deceptive materials. For image 2002, a pink rubber stamp of a fingerprint is placed on a platen. It is clear that there is little or no fingerprint image signal in area A or area B. This combination of results is very typical of opaque deceptive materials. For image 2003, a latex model of a fingerprint is placed on a platen. It is clear that there is little or no fingerprint image signal in area A or area B. This combination of results is typical of opaque deceptive materials. For image 2004, a fingerprint model made of modeling clay compound is placed on a platen. It is clear that there is little or no fingerprint image signal in area A or area B. This combination of results is typical of opaque deceptive materials.

[0055] Appendix Figure 21The images depict sample images captured by an exemplary device according to this embodiment when a transparent or translucent object is placed on a platform. For image 2101, a fingerprint model made of thick, transparent silicone is placed on the platform. It is clear that there is a lot of signal in region B. This result is typical of transparent or translucent deceptive materials. For image 2102, a fingerprint model made of thin, transparent silicone is placed on the platform. It is clear that there is a lot of signal in region B. This result is typical of transparent or translucent deceptive materials. For image 2013, a fingerprint model made of a transparent polymer rubber stamp is placed on the platform. It is clear that there is a lot of signal in region B. This result is typical of transparent or translucent deceptive materials.

[0056] A computational system can analyze the extent of light diffusion in unlit areas and determine whether the provided image is a real finger or a fake finger. The diffusion of light can be measured using a variety of different methods envisioned in this teaching.

[0057] The computing system can measure the distance of light extending into a non-illuminated area beyond an intensity threshold. For example, the distance to a 50% peak intensity point can be obtained by measuring one or more rays radiating outward from an "illuminated area." The computing system can also measure the rate of intensity decrease over distance. For example, the distance between a 50% peak intensity point and a 10% peak intensity point can be obtained by measuring one or more rays radiating outward from an "illuminated area." The computing system can define at least one non-illuminated area and measure the signal strength within that area. The computing system can also use combinations of the above.

[0058] Those skilled in the art will recognize that measurements of light diffusion can be made by comparison with a fixed value, such as a comparison based on a relative value. An example of a relative value is X percent of the peak intensity measured at another specific point or area. This relative measurement is more reliable and can compensate for variations in light source intensity, color, or reflectivity of different users' skin, as well as other real-world drift and error sources.

[0059] The peak value of this relative measurement can be the maximum value of a set of pixels, or optimally, the histogram value of the pixel group, such as 90% of the intensity of a set of pixels.

[0060] The peak values ​​for certain measurements of light diffusion are best measured in the region that includes the pixels in the "illuminated area". Finger oil on the platen can introduce noise in this region, adding error to the measurement. One way to reduce this error is to calculate the pixel value by multiplying the pixel value of the image when only the "spoof detection light source" is turned on with the same pixel value of the image when only the "main illumination light source" is turned on. Because the pixel values ​​in the image data under the "main illumination light source" are essentially zero at the fingerprint indentation, and the values ​​at the fingerprint ridge are very close to the high value range described in this embodiment, this multiplication operation can effectively eliminate noise at the fingerprint indentation and normalize the ridge values.

[0061] Although the term "indirectly illuminated area" is used here, this does not mean that there is zero light in the "indirectly illuminated area." In practical embodiments of this teaching, the "indirectly illuminated area" may also have a small amount of light due to light leakage or other design purposes. Furthermore, the "indirectly illuminated area" may contain substantial light with a wavelength or polarization different from the light from the "deception detection light source." In these cases, the light diffusion from the brighter "directly illuminated area" to the "indirectly illuminated area" through the finger is still measurable.

[0062] In addition to simply measuring light diffusion, the system disclosed in this invention can also measure the time-varying components, wavelength dependence, and pressure dependence of light diffusion.

[0063] To further enhance the accuracy of spoofing detection, multiple LEDs of different wavelengths, or LEDs like "white LEDs" that can emit multiple wavelengths, can be used. "White LEDs" can consist of blue-emitting LED chips with a second phosphor component, capable of emitting light across a wide visible light spectrum. Red and infrared light penetrate the human body deeper and farther than blue and green wavelengths and diffuse within it. The diffusion of these different wavelengths can be measured by the device and compared to a threshold, thus more accurately distinguishing between real and fake fingers.

[0064] When a finger is pressed against a surface, the color of the fingertip changes from pink to white ("whitening"). The time-varying and pressure-related changes in light diffusion from an illuminated area to an unilluminated area caused by the whitening of the skin can also be measured and compared with characteristic values ​​of a real finger.

[0065] When the main illumination source is turned off, the spoofing detection source can be illuminated to specifically capture an image for spoofing determination, completely separate from the main fingerprint image. This diffused image can be captured before or after the main fingerprint image is read. Alternatively, the spoofing detection image data can be acquired synchronously with the main fingerprint image. In this case, several methods can be employed to distinguish the optical signals of the spoofing detection source from those of the main illumination source. This can be achieved by using light of different wavelengths in the spoofing detection source and the main illumination source, or by analyzing the amplitude of the image signal near the boundary between the illuminated and unilluminated areas of the spoofing detection source.

[0066] In some cases, a biometric reader may incorrectly identify a genuine finger as a deception attempt. These cases include, but are not limited to: misplaced finger (too far from the center), or finger touched too quickly (producing very little or no data under one illumination method). To capture this, a correlation can be constructed between two images (one taken using a 'spoofing probe light source' and the other using a 'main illumination light source'). In the 'main illumination light source' image, the light intensity distribution at the boundaries of the 'illuminated area' is more uniform than under the 'spoofing light source'. In both illumination methods, the image data in the central region illuminated by the 'spoofing probe light source' should be substantially similar to the data in the fingerprint structure. If they are dissimilar, the finger may have been lifted too quickly. For the portion of the 'non-illuminated area' (caused by the spoofing probe light source) used for deception determination measurements (such as region A in images 1905-2103), there must be a strong fingerprint image in the image data taken under the 'main illumination light source'. Otherwise, the finger was either misplaced or moved, leading to an incorrect determination.

[0067] This instruction is applicable to optical fingerprint readers, as well as fingerprint readers employing capacitive, thermal, radio frequency, electric field, ultrasonic, or other fingerprint reading technologies, wherein transparent substrate components are used, including but not limited to TFT-on-glass, TFT-on-plastic, and TFT-on-flex circuits.

[0068] The term "transparent" is used herein to mean that the light used for the measurement is at least partially transparent to the wavelength of the light. The wavelength of the light can be infrared and / or ultraviolet and / or visible light.

[0069] Methods for reading light diffusion from a placed finger can be based on CMOS or CCD image sensors with an imaging system incorporating lenses. The method can also be constructed using TFT-on-glass, TFT-on-plastic, and TFT-on-flex technologies. This TFT technology can measure the fingerprint image optically using photodiodes, phototransistors, or photodetectors, or by using capacitive, radio frequency, or ultrasonic sensors integrated into an array. At least one light source and at least one photodetector element may be integrated into or located beneath the sensor array.

[0070] Appendix Figure 8 This is a high-level description of an exemplary system 800 for user identification and authorization according to embodiments of this teaching. (Appendix) Figure 8 In this example, system 800 includes a server 830, an anti-spoofing identification device 840, one or more authorization controllers 810, a user 850, and a network 820. Network 820 can be a single network or a combination of different networks. For example, network 820 can be a local area network (LAN), a wide area network (WAN), a public network, a private network, a dedicated network, a public switched telephone network (PSTN), the Internet, a wireless network, a virtual network, or any combination thereof. Network 820 can contain various network access points, such as base stations or wired or wireless access points like Internet switching points 820-1…820-2. The authorization controller 810 connects to network 820 through this access point to obtain authorization information.

[0071] The authorization controller 810 can be of different types, such as an authorization controller connected to a door 810-1, a car 810-2, a laptop 810-3, or a mobile device 810-4. A user 850 may want to enter a building through a door, enter a car, or access data on a laptop or mobile device. In each case, the user 850 needs to obtain access authorization from the corresponding authorization controller 810. Access authorization can be obtained by performing a user authentication procedure on an anti-spoofing identity verification device 840, which is directly connected to the authorization controller 810 via network 820 or, as shown in the figure.

[0072] The anti-fraud identity verification device 840 may also include an attachment Figure 2-7 This is part of the product described herein. The anti-spoofing identity verification device 840 can obtain biometric information such as fingerprints, diffuse images, or facial images of user 850. Based on the obtained biometric information, the anti-spoofing identity verification device 840 can identify user 850 independently or with the assistance of server 830.

[0073] In one embodiment, the anti-spoofing identification device 840 communicates with the server 830 via network 820 to identify the user 850. This might be applicable to a situation where a user wants to enter a company-related building with hundreds or thousands of employees and multiple office buildings. In this case, the user or employee data used for identification and authorization may be relatively large and change frequently. Therefore, providing this massive amount of data at each office building location may be impractical. Thus, the user / employee data used for identification and authorization can be stored in the server 830 and accessed by multiple anti-spoofing identification devices 840 associated with different office locations. For example, after the identification device 840 captures and generates a fingerprint image from the user 850's finger, the anti-spoofing identification device 840 can send the image to the server 830 via network 820. The server 830 can compare the fingerprint image with images in its database. The server 830 can then send the image comparison result back to the anti-spoofing identification device 840 for user identification or directly to the authorization controller 810 for user authorization.

[0074] In one embodiment, the anti-spoofing identity verification device 840 captures a diffused image from the user 850's finger when the anti-spoofing detection light source is turned on (as shown in the attached image). Figure 19-21 (Images 1905-2103 in the image). The anti-spoofing identification device 840 can determine the authenticity (organic) of the finger based on the diffusion of light in the unlit area of ​​the diffused image. The anti-spoofing identification device 840 can also obtain the comparison results of the fingerprint image with images in the database running in the server 830. Based on the spoofing check confirmation and fingerprint comparison results, the anti-spoofing identification device 840 can identify the user for the authorization controller 810, causing the controller to issue user authorization, or it can fail to identify the user for the authorization controller 810, causing the authorization controller 810 to refuse to grant authorization to the user. The reason for the refusal may be that the finger is identified as non-organic, or that there is no matching fingerprint in the database.

[0075] Appendix Figure 9 This is a high-level description of another exemplary system 900 for user identification and authorization according to one embodiment of this teaching. The exemplary system 900 in this example includes an authorization controller 910, an anti-spoofing identification device 940, and a user 950. In this example, the user 950 wishes to enter a building through a door controlled by the authorization controller 910. The anti-spoofing identification device 940 in this example is located near the door and can communicate directly with the authorization controller 910 without a network.

[0076] In this embodiment, the anti-spoofing identification device 940 may have inherent attributes for identifying user 950. This embodiment is applicable to situations where a user wishes to enter a specific building (such as a private residence) associated with a small group of people. In this case, the data used to identify and authorize access for users or employees is relatively small and fixed, and the user identification process does not require many resources. Therefore, a database containing user information can be implemented or provided locally at the anti-spoofing identification device 940. For example, after generating a fingerprint image, the anti-spoofing identification device 940 can compare the fingerprint image with images in its local database to obtain a matching result for user identification. Based on the comparison result and spoofing detection, the anti-spoofing identification device 940 can determine whether user 950 is authorized and issue authorization information to the authorization controller 910, granting or denying the user's access.

[0077] Appendix Figure 10 An example diagram is shown of an anti-spoofing identification module 1000 in a user identification / authentication system according to an embodiment of this teaching. The anti-spoofing identification module 1000 may be located in the attached... Figure 8 The anti-spoofing identity verification device 840 shown can also be placed in an attached... Figure 9 The anti-spoofing identity verification device 940 shown in this example includes an anti-spoofing authentication module 1000 comprising a controller 1002, a biometric detection light configuration unit 1012, a diffusion test light configuration unit 1014, a biometric image processing unit 1022, a diffusion tester 1024, a communication unit 1004, a pattern-based controller 1006, an identity association unit 1008, a database manager 1010, and an identification / confirmation module 1020.

[0078] In this example, controller 1002 receives information from detector 141, which can detect fingers placed on the platform of anti-spoofing identity recognition device 840 or 940. When a finger is detected, controller 1002 activates biometric detection light configuration unit 1012 and diffusion test light configuration unit 1014, thereby configuring first light source 101 and spoofing detection light source 201 (second light source) respectively. In one example, according to the configuration information, first light source 101 and spoofing detection light source 201 can emit light of the same wavelength at different time periods. In another example, first light source 101 and spoofing detection light source 201 can emit light of different wavelengths simultaneously.

[0079] In one embodiment, the controller 1002 may also control the image sensor 105 to sense light and collect images. In another embodiment, the image sensor 105 may automatically sense light and collect images without the control of the controller 1002. In any embodiment, the image sensor 105 may generate a biometric image (such as a fingerprint image, diffusion image, or face image) and send it to the biometric image processing unit 1022 for processing, while simultaneously generating a diffusion image and sending it to the diffusion tester 1024 for processing. From this point onward, fingerprint images will be used as an example to describe biometric images captured by the image sensor 105.

[0080] In this example, the biometric image processing unit 1022 receives and processes a fingerprint image from the image sensor 105 to generate a fingerprint template. The fingerprint image processing includes at least extracting detailed features from the fingerprint image and generating a fingerprint template based on the extracted features.

[0081] In this example, the diffusion tester 1024 receives a diffusion image from the image sensor 105 and processes the diffusion image based on the degree of light diffusion in the diffusion image to determine whether a finger is an organism. If the diffusion tester 1024 determines that the finger is not an organism, it generates a deception notification and sends it to the communication unit 1004, which directly notifies the authorization controller or user that the finger is not a real finger and access permission cannot be granted. The diffusion tester 1024 can also send a deception notification to the pattern-based controller 1006, which can then perform operations on the identity association unit 1008 and the identification / verification module 1020 based on the fact that the finger is not an organism. The diffusion tester 1024 can also extract features from the diffusion image of a known organism finger, so that the processed diffusion image with the extracted diffusion-related features can be used as an additional biometric image for personal identification.

[0082] In this example, the communication unit 1004 can communicate with an authorization controller, which can be authorization controller 910 or authorization controller 810. When a user attempts to obtain access controlled by the authorization controller, the authorization controller can send a user identification request to the anti-spoofing identification module 1000 through the communication unit 1004. In another scenario, when the system needs to collect biometric information from a known user or a user determined to have access rights controlled by the authorization controller, the authorization controller can send a biometric record request to the anti-spoofing identification module 1000 through the communication unit 1004.

[0083] In this example, the pattern-based controller 1006 receives a fingerprint template from the biometric image processing unit 1022 and a processed diffusion image from the diffusion tester 1024, and determines the operating or running mode of the anti-spoofing identification module 1000 based on a request received from the authorization controller via the communication unit 1004. In one example, if the request received from the authorization controller is a "user identification" request, the pattern-based controller 1006 will determine the operating or running mode directed to user identification. In this mode, the user's identity is unknown and needs to be determined based on the fingerprint template and the processed diffusion image. The pattern-based controller 1006 can then forward the fingerprint template and the processed diffusion image to the identification / verification module 1020 for user identification or verification.

[0084] In another example, if the request received from the authorization controller is a "biometric recording" request, the pattern-based controller 1006 will determine the working or operating mode for biometric recording. In this mode, the user's identity is known, but it is necessary to record user biometric information contained in a fingerprint template and / or a processed diffused image. The pattern-based controller 1006 can then forward the fingerprint template and the processed diffused image to the identity association unit 1008 for biometric information recording.

[0085] In this example, the identity association unit 1008 associates an identity with a template or image. For example, the user's identity (such as name, employee ID, etc.) is known, and the authorization controller requests to record the user's fingerprint and diffusion-related information. In this example, the identity association unit 1008 receives a fingerprint template and a processed diffusion image from the pattern-based controller 1006, and associates it with the user's identity if the diffusion tester 1024 determines that the finger is a genuine finger based on the processing of the diffusion image.

[0086] In this example, the database manager 1010 receives fingerprint templates and processed diffusion images associated with user identities from the identity association unit 1008 and stores them in the biometric database 1050 located in the anti-spoofing identification module 1000. The biometric database 1050 in this example contains biometric information associated with each user identity. The biometric information includes at least information from the fingerprint template and diffusion image. Fingerprint templates and diffusion images are stored in pairs in the biometric database 1050, with each pair corresponding to an identity. Therefore, each record in the biometric database contains the identity associated with the corresponding diffusion image generated from the same finger of the user with that identity and the corresponding fingerprint template. In one embodiment, when a clearer (e.g., higher resolution) version of the image associated with an existing identity appears, resulting in new biometric data, the database manager 1010 can update some of the biometric data in the biometric database 1050. After saving or updating the biometric data, the database manager 1010 can send a response to the authorization controller via the communication unit 1004, informing that the biometric information has been recorded and / or updated. Understandably, in some embodiments, the fingerprint template is stored in one database, while the diffusion image is stored in another database.

[0087] In this example, the identification / verification module 1020 identifies or verifies an individual based on a fingerprint template received from the pattern-based controller 1006 and a processed diffusion image. In one example, when a user wants to enter a building controlled by an authorized controller, he / she can directly place his / her finger on the surface of the device including the anti-spoofing identification module 1000 without providing other identification information. The identification / verification module 1020 then identifies the user based on the fingerprint template and the processed diffusion image. In another example, when a user wants to enter a building controlled by an authorized controller, he / she can provide other identity-related information by entering his / her name or scanning identification information on a badge before placing his / her finger on the surface of the device including the anti-spoofing identification module 1000. The identification / verification module 1020 then verifies whether the user truly belongs to the username based on the fingerprint template and the processed diffusion image.

[0088] When the identification / verification module 1020 needs to perform user identification, it compares the fingerprint templates and diffusion images received at the pattern-based controller 1006 and stored in the biometric database 1050, respectively. Since there is no other information about the user's identity, the comparison order can be determined based on the access frequency associated with each identity. For example, if the first identity in the biometric database 1050 accesses more frequently than the second identity in the database, the first identity should be checked before the second. Accordingly, the fingerprint templates and processed diffusion images are first compared with the fingerprint templates and processed diffusion images associated with the first identity, and then compared with the fingerprint templates and processed diffusion images associated with the second identity. The comparison result can be determined based on a specific threshold associated with a confidence value. When the confidence value is higher than the threshold, the identity is determined. The confidence value can be any real number or percentage representing the degree of matching between two templates or two images.

[0089] In one embodiment, the identification / authentication module 1020 can identify a person solely based on a processed diffuse image received from the pattern-based controller 1006. In this example, there is no need to collect fingerprints from a finger.

[0090] After identifying a user, the identification / verification module 1020 can send a response to the authorization controller via the communication unit 1004 to inform the authorization controller of the user's identity and whether the user should be authorized. In one embodiment, the identification / verification module 1020 only informs the authorization controller of the user's identity and the corresponding confidence value; the authorization controller will determine whether the user should be authorized on its own.

[0091] When the identification / verification module 1020 needs to verify a user, it compares the fingerprint template and diffused image received from the module-based controller 1006 and stored in the biometric database 1050, which are associated with the user's provided identity (information) such as their name. The comparison result can be determined based on a threshold related to a confidence value. When the confidence value is higher than the threshold, the identity is verified. The confidence value can be any real number or percentage representing the degree of matching between two templates or two images. After user identity verification, the identification / verification module 1020 can send a response to the authorization controller via the communication unit 1004 to inform that the user's identity has been verified and whether the user should be authorized.

[0092] Appendix Figure 11 This is a flowchart of an exemplary process for user identification with spoofing detection according to embodiments of this teaching. In one example, when a user identification request is received from the authorization controller, it includes attached... Figure 10 An exemplary device of the anti-spoofing identification module 1000 shown can perform attached... Figure 11The exemplary process is as follows. Starting at 1102, an object is detected placed on the surface of the device. The process then splits into two branches, which are performed separately.

[0093] The first branch is used for the collection and processing of biometric information. At 1110, a first light source is configured to collect biometric features, such as fingerprints. At 1112, the first light source emits a first ray of light according to this configuration. At 1116, a biometric image is obtained based on the sensed light. At 1118, the biometric image is processed to generate a biometric template. The process then proceeds to 1119.

[0094] The second branch involves the collection and processing of the diffuse image. At 1120, a second light source is set up for collecting the diffuse image. At 1122, the second light source emits a second ray according to this setting. At 1126, a diffuse image or diffusion-related information is obtained based on the sensed ray. At 1128, the diffuse image is processed to determine whether the object is an organic part. If at 1129 it is determined that the object is not an organic part, the process proceeds to 1130, transmitting a response regarding the object, such as a possible notification of a deception attack. If at 1129 it is determined that the object is an organic part, the process proceeds to 1119.

[0095] At step 1119, the system determines whether the current operation is for identity association or user identification. If it is determined to be for identity association, the process proceeds to step 1140, where the identity is associated with biometric and diffusion information. The associated information is then stored in the database at step 1142. At step 1144, a response regarding the stored information is transmitted.

[0096] If user identification is determined, the process proceeds to step 1150, where the identity associated with the object is determined. The identification performed at 1150 can be based on a processed fingerprint image, a processed diffuse image, or both. At 1152, a response regarding the determined identity is sent, for example, to an authorization controller interested in the person's identity.

[0097] Appendix Figure 12 An example diagram of a diffusion tester 1024 according to an embodiment of the present teachings is described. As shown in Figure 12, the diffusion tester 1024 in this example includes a diffusion-based image normalizer 1202, a diffusion-based brightness measurement unit 1204, a diffusion-related feature extractor 1206, a diffusion-related threshold selector 1208, a diffusion-based determiner 1210, a diffusion-related threshold 1207, a diffusion information generator 1220, and a deception notification generator 1222.

[0098] In this example, the diffusion-based image normalizer 1202 receives data such as... Figure 19-21The images 1905-2103, etc., are diffusion-based images, and the geometric features (shape, size, etc.) of the diffusion-based images are normalized. This helps to achieve more accurate deception detection determination based on a predetermined threshold, since geometric features may affect the diffusion value.

[0099] The diffusion-based luminance measurement unit 1204 in this example is capable of measuring the diffusion of light in an image to unlit areas. As described above, the diffusion measurement can be based on different information in the luminance distribution within the unlit areas. For example, this information can include at least one of the following (data): the distance from the illuminated area to a point in the unlit area where the light has a certain intensity; the distance from a first point where the light has a peak intensity to a second point in the unlit area where the light luminance is a certain percentage of the peak intensity; the distance from a first point where the light intensity is a first percentage of the peak intensity to a second point where the light intensity is a second percentage of the peak intensity; the rate of change of light intensity from the illuminated area to the unlit area; and the light intensity within a predetermined area in the unlit area.

[0100] The diffusion-related feature extractor 1206 in this example can extract diffusion-related features from an image. For example, the features can include some properties of the diffusion image, thereby distinguishing different diffusion images from a real finger (e.g., attached) based on their respective extracted features. Figure 19 Image 1906).

[0101] In this example, the diffusion-related threshold selector 1208 can select one or more diffusion-related thresholds for spoofing detection. For example, attached... Figure 19 Regions A and B in the diagram are two diffusion-related thresholds selected for deception detection. It is understood that the diffusion-related thresholds can be a line or regions of different shapes, such as rectangles or circles.

[0102] Based on the diffusion-related threshold and the brightness distribution of the diffusion image, the diffusion-based determiner 1210 can determine whether an object is an organic part. As mentioned above, the diffusion information of the diffusion image of non-organic materials differs from the diffusion information of the diffusion image of organic parts.

[0103] If the diffusion-based determiner 1210 determines that the object is an organic part, the diffusion information generator 1220 can generate and send diffusion-related information for identity association or user identification. If the diffusion-based determiner 1210 determines that the object is not an organic part, the deception notification generator 1222 can generate and send a deception notification, informing the user of a deception attack or that the object placed on the platform is not an organic part.

[0104] Appendix Figure 13This is a flowchart of an exemplary process for a diffusion tester according to an embodiment of this teaching. The geometric features of the diffusion-based image are normalized at 1302. The diffusion of light into unlit areas is measured at 1304. At 1306, diffusion-related features are extracted from the image. The process proceeds to 1310.

[0105] At 1308, select one or more diffusion-related thresholds. The process proceeds to 1310. At 1310, determine whether the object is an organic part based on the measured diffusion and diffusion-related thresholds. If the object is determined to be an organic part at 1311, diffusion-related information is generated and sent at 1320. If the object is determined not to be an organic part at 1311, a deception notification is generated and sent at 1330.

[0106] Appendix Figure 14 This is an example diagram of an identification / verification module 1020 in a user identification system according to an embodiment of this teaching. In one embodiment, the identification / verification module 1020 may be located in an attached... Figure 10 The anti-spoofing identification module 1000 is included in this example. The identification / confirmation module 1020 in this example includes a biometric template retrieval unit 1402, a biometric matching unit 1404, a diffusion image retrieval unit 1412, a diffusion-based matching unit 1414, a matching model 1421, and an identity determiner 1420.

[0107] In this example, the biometric matching unit 1404 receives a biometric template, such as a fingerprint template, and some related information from the pattern-based controller 1006. The related information may include whether the operation is for user identification without a known identity or for user confirmation with a provided identity. The biometric matching unit 1404 may then instruct the biometric template retrieval unit 1402 to retrieve one or more fingerprint templates from the biometric database 1050.

[0108] Based on instructions received from the biometric matching unit 1404, the biometric template retriever 1402 in this example retrieves one or more fingerprint templates from the biometric database 1050. In one example, the identification / verification module 1020 is used for user identification. In another example, the identification / verification module 1020 is used for user verification using an identity provided by the user.

[0109] The biometric matching unit 1404 compares the fingerprint templates received from the pattern-based controller 1006 with each retrieved fingerprint template, generating a comparison result with a confidence value. This confidence value displays the similarity between the fingerprint template and the retrieved identity-associated fingerprint template. In one instance, the confidence value is generated based on a matching score representing the similarity between two templates. The confidence value can be any real number or percentage representing the degree of matching between the two fingerprint templates. When an identity-associated fingerprint template matches a received fingerprint template with a confidence value greater than a predetermined threshold, the identity can be determined. The biometric matching unit 1404 sends the comparison result to the identity determiner 1420 for identity verification.

[0110] In this example, the identity determiner 1420 determines identity based on a comparison result according to one of the matching models 1421 stored in the recognition / verification module 1020. Each matching model 1421 can determine one way in which identity is determined. According to one matching model, when the finger is identified as a genuine finger, the identity determiner 1420 can determine identity based on the fingerprint template. According to another matching model, when the finger is identified as a genuine finger, the identity determiner 1420 can determine identity based on the diffusion features of the fingerprint template and the diffusion image of the same finger. In this case, the identity determiner 1420 can notify the diffusion image retrieval unit 1412 at 1414 to retrieve the diffusion image matching expansion image.

[0111] In this example, the diffusion image-based matching unit 1414 receives a processed diffusion image and some relevant information from the pattern-based controller 1006. This relevant information may include whether the operation is for user identification without a known identity or for user verification with a provided identity. The diffusion image-based matching unit 1414 can then instruct the diffusion image retrieval unit 1412 to retrieve one or more diffusion images from the biometric database 1050.

[0112] Based on instructions received from the diffusion image-based matching unit 1414, the diffusion image retrieval unit 1412 in this example retrieves one or more diffusion images from the biometric database 1050. The diffusion image-based matching unit 1414 compares each retrieved diffusion image with the processed diffusion image received from the pattern-based controller 1006, generating a comparison result with a confidence value. This confidence value displays the similarity between the processed diffusion image and the retrieved, identity-associated diffusion image. The confidence value can represent any real number or percentage representing the match degree between two diffusion images. The diffusion image-based matching unit 1414 sends the comparison result to the identity determiner 1420 for identity verification.

[0113] In one embodiment, the biometric template retriever 1402 and the diffusion image retriever 1412 can communicate and cooperate with each other to retrieve a pair of fingerprint templates and diffusion images associated with an identity, respectively.

[0114] Based on a matching model 1421 stored in the identification / verification module 1020, the identity determiner 1420 in this example determines identity based on the comparison results of the biometric matching unit 1404 and the diffusion image-based matching unit 1414.

[0115] According to the first embodiment, if the processed diffusion image matches the diffusion image associated with a known identity in the database, and the fingerprint template matches the fingerprint template associated with the same known identity in the database, the individual's identity is determined to be a known identity.

[0116] According to the second embodiment, if the processed diffusion image matches a diffusion image associated with a known identity in the database, or if the fingerprint template matches a fingerprint template associated with the same known identity in the database, the individual's identity is determined to be a known identity.

[0117] According to the third embodiment, an individual is first identified as having the identity with the highest fingerprint confidence value. If multiple identities with the same highest fingerprint confidence value exist, the individual is then identified as having the identity with the highest diffusion image confidence value among the multiple identities.

[0118] According to the fourth embodiment, an individual is first identified as the one with the highest confidence value in the diffused image. If multiple identities have the same highest confidence value in the diffused image, the individual is identified as the one with the highest fingerprint confidence value among the multiple identities.

[0119] For any matching model in any embodiment, if multiple identities exist with the same two confidence values, the identity determiner 1420 may report multiple identities together. In this case, the system will instruct the user to place their finger again or place another finger for identification.

[0120] Next, the identity determiner 1420 sends the matching result to the authorization controller. This matching result may include the confirmed identity and associated confidence value. In one embodiment, the matching result may include a decision on whether the individual can be authorized.

[0121] Appendix Figure 15 Examples of embodiments based on this teaching are attached. Figure 14The flowchart illustrates an exemplary process for the identification / verification execution of the identification / verification module 1020. At 1502, detected biometric information, such as a fingerprint template, is received. At 1504, a biometric template is retrieved from a database. At 1506, the detected biometric (information) is matched against the retrieved biometric template. At 1508, the identification / verification module 1020 attempts to determine one or more identities based on a biometric match confidence value. At 1509, if no identity is found based on the biometric match, the process proceeds to 1530 to determine that the individual's identity cannot be identified. At 1509, if an identity is found based on the biometric match, the process proceeds to 1511 to determine whether a diffusion-based match is necessary.

[0122] If it is determined at step 1511 that diffusion-based matching is not required, the process proceeds to step 1520, where biometric matching is used to identify the person using the discovered identity. If it is determined at step 1511 that diffusion-based matching is required, the process proceeds to step 1512. This may occur when the system requires a higher level of security.

[0123] At step 1512, retrieve diffusion-related features, such as diffusion degree, from the database for the discovered identity. At step 1514, receive diffusion-related information from the same object, such as acquiring a diffusion image of the same finger when the deception detection light source is on and the main illumination light source is off. At step 1516, generate diffusion features, such as diffusion degree, from the received diffusion image. At step 1518, compare the generated features with the retrieved diffusion features. At step 1519, determine if there is a diffusion feature match. If so, the process proceeds to step 1520, where the individual is identified using the discovered identity based on biometric matching and diffusion-based matching. If no diffusion feature match is determined at step 1519, the process proceeds to step 1530, where it is determined that the individual's identity cannot be identified.

[0124] Appendix Figure 16 A general mobile device architecture for implementing this teaching is depicted. In one example, an authorization controller 810-4 controls access to a mobile device 1600, which includes, but is not limited to, smartphones, tablets, music players, game consoles with controllers, and GPS receivers. The mobile device 1600 in this example includes one or more central processing units (CPUs) 1602, one or more graphics processing units (GPUs) 1604, a display 1606, memory 1608, and a communication platform 1610 such as a wireless communication module, memory 1612, and one or more input / output (I / O) devices 1614. Any other suitable components, such as, but not limited to, a system bus or controller (not shown), may also be included in the mobile device 1600. See attached... Figure 16As shown, a mobile operating system 1616 (such as iOS, Android, Windows Phone, etc.) and one or more applications 1618 can be loaded from storage 1612 into memory 1608 for execution by CPU 1602. Application 1618 may include a web browser or any other suitable mobile search application. The execution of application 1618 enables mobile device 1400 to perform some of the processes described above.

[0125] In another example, the anti-spoofing identity verification device 1640 according to several embodiments of this teaching can be integrated into the mobile device 1600. The anti-spoofing identity verification device 1640 may include an accessory... Figure 10 The anti-spoofing identity recognition module 1000 shown performs spoofing detection. In this example, by placing a finger on the identity recognition device 1640 on the mobile device 1600, the user's identity can be determined or confirmed. The user identification in this example can be used for a user to gain access to the mobile device 1600 or other devices that can communicate with the mobile device 1600 (such as a car or door controller).

[0126] To implement this teaching, a computer hardware platform may be used as the hardware platform for one or more elements described herein. The hardware elements, operating system, and programming language of this computer are conventional in nature, and it is assumed that those skilled in the art will be adept at using these techniques to implement the processes described herein. A computer with user interface elements may be used to run a personal computer (PC) or other type of workstation or terminal device, but with proper programming, the computer may also be used as a server. It is assured that those skilled in the art are familiar with the structure, programs, and general operation of this computer device, and therefore the accompanying drawings should be self-evident.

[0127] Appendix Figure 17 A general-purpose computer architecture for implementing this teaching is depicted, including a functional block diagram of a computer hardware platform incorporating the user interface elements. The computer can be a general-purpose computer or a special-purpose computer. Computer 1700 can be used to implement any component of the user identification architecture described herein. (See attached diagram) Figure 2-15 Different components of the described system can be implemented on one or more computers, such as computer 1700, through their hardware, software programs, firmware, or a combination thereof. Although only one computer is shown in the accompanying drawings, for convenience, the computer functions related to user identification can be implemented in a distributed manner on multiple similar platforms to distribute the processing load.

[0128] For example, computer 1700 includes a COM port 1702 connected to and from a connected network for facilitating data communication. Computer 1700 also includes one or more CPUs 1704 in the form of processors for executing program instructions. An exemplary computer platform includes an internal communication bus 1706, various forms of program and data memory, such as a disk 1708, read-only memory (ROM) 1710, or random access memory (RAM) 1712, for the computer to process and / or communicate various data files, and for the CPU 1704 to execute possible program instructions. Computer 1700 also includes an I / O component 1714 that supports data input / output between the computer and other components, such as user interface elements 1716. Computer 1700 can also receive programming and data via network communication.

[0129] Therefore, the various aspects of the user identification methods listed above, as described above, can be embodied in programming. The programmatic aspect of this technology can be considered a "product" or "artifact," typically in the form of executable code and / or associated data, which is stored or embodied in a machine-readable medium. Tangible, non-transient "storage" media include any or all memory or other storage of a computer, processor, or similar or related modules (such as various semiconductor memories, tape drives, hard disk drives, etc.), which can provide storage for software programming at any time.

[0130] Software, in whole or in part, can sometimes communicate via networks such as the Internet or various other telecommunications networks. For example, this communication can load software from one computer or processor to another. Therefore, other types of media that can carry software elements include light waves, radio waves, and electromagnetic waves, such as across physical interfaces between local devices, through wired and optical fixed-line networks, and over various air links. Physical elements carrying these waves, such as wired or wireless links, optical links, etc., can also be considered as media carrying the software. As used herein, terms such as "readable medium" for a computer or machine, unless limited to tangible "storage" media, refer to any medium that participates in providing instructions to a processor for execution.

[0131] Therefore, machine-readable media can take many forms, including but not limited to tangible storage media, carrier wave media, or physical transmission media. For example, non-volatile storage media include optical discs or disks, such as any storage device in a computer or similar device that can be used to run the system shown in the attached diagram or any of its components. Volatile storage media include dynamic memory, such as the main memory of the computer platform. Tangible transmission media include coaxial cables, copper wires, and optical fibers (including wires forming a bus within a computer system). Carrier transmission media can be in the form of electrical or electromagnetic signals, or sound or light waves generated in radio frequency (RF) and infrared (IR) data communications. Therefore, for example, general forms of computer-readable media may include: a hard disk, a CD-ROM, DVD, or DVD-ROM, any other optical media, flash memory or other memory chips, a carrier wave for transmitting data or instructions, a cable or link for transmitting that carrier wave, or any other medium from which a computer can read programming code and / or data. Many of these forms of computer-readable media may involve carrying one or more sequences of instructions to a processor for execution.

[0132] Appendix Figure 18 An exemplary manner of implementing one of the present teachings on a general-purpose computer is described. In this example, an anti-spoofing identity verification device 1840 according to several embodiments of the present teachings can be integrated into a laptop computer 1800. In this example, placing a finger on the anti-spoofing identity verification device 1840 in the laptop computer 1800 with spoofing detection capabilities can determine or verify the user's identity. User identification in this example can be used for a user to obtain access to the laptop computer 1800 or other devices capable of communicating with the laptop computer 1800 (such as a car or door controller).

[0133] Those skilled in the art will recognize that this teaching can be modified and / or improved in various ways. For example, while the implementation of the various components described above can be embodied in a hardware device, it can also be implemented simply as a software solution, such as being installed on an existing server. Furthermore, the host unit and client node disclosed herein can be implemented as firmware, a firmware / software combination, a firmware / hardware combination, or a hardware / firmware / software combination.

[0134] While the foregoing has described what is considered the best model and / or other examples, it is understood that various modifications can be made and the subject matter disclosed herein can be implemented in many forms and examples, and this teaching is applicable to many applications, of which only a portion are illustrated herein. The applicant claims rights against any and all applications, modifications, and variations falling within the true scope of this teaching through the following claims.

Claims

1. An apparatus for verifying a person based on biometric recognition, characterized by, include: Surface in which the object is not in contact with the device; A light source is configured to provide light to illuminate an illuminated area of ​​the surface, wherein the object diffuses the light illuminating the illuminated area to a non-illuminated area of ​​the surface; A brightness measurement unit, which is not in contact with the object, is configured to measure the degree of light diffusion into the non-illuminated area; as well as A determiner is configured to determine whether the object is an organic part based on the degree of diffusion.

2. The device according to claim 1, characterized in that, The object includes one of the fingers, face, or palm.

3. The device according to claim 1, characterized in that, The light illuminating the illuminated area includes at least one of infrared light, laser light, visible light, and white light.

4. The device according to claim 1, characterized in that, The light illuminating the illuminated area comprises one or more small illumination points.

5. The device according to claim 1, characterized in that, The device further includes a threshold selector configured to select one or more thresholds based on a predetermined brightness distribution caused by an organism part, wherein the organism part diffuses light illuminating the illuminated area into the unilluminated area, and wherein the determiner is configured to determine whether the object is an organism part by comparing information associated with the degree of diffusion to the one or more thresholds.

6. The device of claim 5, wherein the degree of diffusion includes at least one of the following: The distance from the illuminated area to a point in the unilluminated area, at which the light has a specific intensity; The distance from a first point where the light has peak intensity to a second point in a non-illuminated region where the light intensity is a certain percentage of the peak intensity; The distance from a first point where the light intensity is a first percentage of the peak intensity, to a second point where the light intensity is a second percentage of the peak intensity: The ratio of the change in light intensity to the distance between the illuminated area and the unilluminated area; as well as The intensity of light within a predetermined area in the non-illuminated region.

7. The device according to claim 1, characterized in that, It further includes a second light source configured to provide light to aid in forming a biometric image of the object, wherein the light provided by the second light source has a wavelength different from that provided by the light source.

8. The device according to claim 1, characterized in that, It further includes a sensor configured to capture a first image and a second image. The first image is formed by light diffused from the illuminated area of ​​the object to the unilluminated area of ​​the object; The second image is formed by the remaining light in the unlit areas of the object when the light source is set to different intensities, including zero intensity. The brightness measurement unit is configured to measure the brightness distribution in the non-illuminated area of ​​the object based on the first image and the second image.

9. The device according to claim 8, characterized in that, It further includes a feature extractor for extracting at least one feature from the first image and / or the second image, wherein the at least one feature includes the light intensity, shape, size, or position of the image.

10. The device according to claim 1, characterized in that, The brightness measurement unit is further configured to measure the brightness distribution in the non-illuminated area of ​​the object at different time points.

11. The device according to claim 1, characterized in that, Further includes: A biometric image processing unit is configured to acquire a biometric image of the object; as well as An identity determiner is configured to identify a person based on the biometric image of the object and the determination result.

12. A method for verifying a person based on biometrics, characterized in that, include: When the presence of an object is sensed on the surface of a device that verifies a person based on biometrics, wherein the object is not in contact with the device; Provides an illuminated area on a surface, wherein the object diffuses light illuminating the illuminated area to non-illuminated areas of the surface; Measure the extent to which light diffuses into unlit areas; as well as Based on the degree of diffusion, it is determined whether the object is a part of an organism.

13. The method according to claim 12, characterized in that, The object includes one of the fingers, face, or palm.

14. The method according to claim 12, characterized in that, The light illuminating the illuminated area includes at least one of infrared light, laser light, visible light, and white light.

15. The method according to claim 12, characterized in that, The light illuminating the illuminated area comprises one or more small illumination points.

16. The method according to claim 12, characterized in that, Further, it includes selecting one or more thresholds based on a predetermined brightness distribution caused by an organism part, wherein the organism part diffuses light illuminating the illuminated area into the unilluminated area, wherein determining whether an object is an organism part is done by comparing information associated with the degree of diffusion to the one or more thresholds.

17. The method of claim 16, wherein the degree of diffusion comprises at least one of the following: The distance from the illuminated area to a point in the unilluminated area, at which the light has a specific intensity; The distance from a first point where the light has peak intensity to a second point in a non-illuminated region where the light intensity is a certain percentage of the peak intensity; The distance from a first point where the light intensity is a first percentage of the peak intensity, to a second point where the light intensity is a second percentage of the peak intensity: The ratio of the change in light intensity to the distance between the illuminated area and the unilluminated area; as well as The intensity of light within a predetermined area in the non-illuminated region.

18. The method according to claim 12, characterized in that, The method further includes providing light via a second light source to aid in forming a biometric image of the object, wherein the light provided by the second light source has a different wavelength than the light provided by the light source.

19. The method according to claim 12, characterized in that, Further includes: Capture the first and second images. The first image is formed by light diffused from the illuminated area of ​​the object to the unilluminated area of ​​the object; The second image is formed by the remaining light in the unlit areas of the object when the light source is set to different intensities, including zero intensity. Based on the first image and the second image, the brightness distribution in the non-illuminated area of ​​the object is measured.

20. The method according to claim 12, characterized in that, The brightness distribution in the non-illuminated area of ​​the object was measured at different time points.

21. The method according to claim 12, characterized in that, Further includes: Acquire a biometric image of the object; as well as A person is identified based on the biometric image of the object and the determination result.

22. The method according to claim 21, characterized in that, Further includes extracting at least one feature from the first image and / or the second image, wherein the at least one feature includes the light intensity, shape, size, or position of the image.