Biometric enrollment process.
The biometric enrollment method streamlines the account creation process by allowing initial setup on a mobile device and finalizing at a biometric terminal, reducing in-store time and ensuring secure dual authentication.
Patent Information
- Authority / Receiving Office
- FR · FR
- Patent Type
- Applications
- Current Assignee / Owner
- BANKS & ACQUIRERS INT HLDG SAS
- Filing Date
- 2024-12-18
- Publication Date
- 2026-06-19
AI Technical Summary
Existing biometric enrollment methods require users to spend time creating accounts and registering multiple biometric data points in-store, which is cumbersome and time-consuming.
A biometric enrollment method that allows users to create a provisional account on their mobile device using personal data and a first biometric trait, followed by finalizing the account at a biometric terminal using proximity communication and biometric authentication, with the option to enroll a second, more secure biometric trait later.
Significantly reduces in-store enrollment time while maintaining security by allowing initial account creation on a mobile device and finalizing with secure biometric verification, enabling dual biometric authentication for maximum security.
Smart Images

Figure 00000000_0000_ABST
Abstract
Description
Title of the invention: Biometric enrollment method.
[0001] GENERAL TECHNICAL FIELD
[0002] The present invention relates to the field of authentication / identification. In particular, it concerns a biometric enrollment method, notably for the identification of an individual, particularly for the implementation of a transaction.
[0003] STATE OF THE ART
[0004] Traditionally, merchants have an electronic payment terminal (POS) on which payment can be made using a bank card, where appropriate after entering a PIN code.
[0005] Recently, fully biometric POS terminals have been proposed on which there is no longer any need to present a bank card: the user is identified by presenting their biometric feature directly on the POS terminal (equipped with a suitable sensor), and a dematerialized (tokenized) card is associated with their identity, which is used for payment.
[0006] To achieve maximum security, it was specifically chosen to use palm venous biometry, i.e., mapping the vascular patterns of the palm of the hand. The principle is as follows: 1. Enrollment: Customers register their palm veins and link them to their in-store payment methods. 2. Acquisition: During checkout, customers place their hand over a sensor integrated into the payment terminal. This sensor uses near-infrared light to capture the unique patterns of veins under the skin. 3. Verification: The captured vein pattern (candidate biometric data) is compared to reference biometric data associated with each already enrolled user. 4. Payment processing: In the event of a successful match, the payment is processed using the linked card information.
[0007] Generally, in biometric authentication, several biometrics, called "modalities," are used in order to increase security and, above all, to still allow the user to pay in case of technical difficulties with a biometric. Modalities can be ranked according to their level of security.
[0008] Thus, venous biometrics is typically rank 1, and a "visual" palm biometric, based simply on the shape of the palm and the lines of the hand, i.e., without the venous network, is generally added as rank 2, in a manner similar to facial recognition. This is referred to as a "palmar print." the image of the palm under visible light and a "vein print" to designate the venous pattern of the palm under infrared light.
[0009] Indeed, it is possible in a single acquisition of the palm of the hand to obtain the palmar impression and the venous impression by simply increasing the width of the spectrum.
[0010] And if the system fails to identify the user on the basis of his vein pattern for any reason, it attempts to do so on the basis of the palm print so as not to block the payment.
[0011] This method is entirely satisfactory, but enrollment could be improved, particularly if there are multiple options. Indeed, in-store, the user must spend time creating an account, entering the associated information, and registering a reference biometric data point for each option.
[0012] The present invention improves the situation. PRESENTATION OF THE INVENTION
[0013] The present invention therefore relates, in a first aspect, to a method for the biometric enrollment of an individual for the purpose of identifying said individual in a system, characterized in that it comprises the implementation of the following steps: a. Creation of an account of said individual on a mobile terminal of said individual, comprising a sub-step (a1) of recording at least one personal data, and a sub-step (a2) of recording a first biometric reference data acquired on a first biometric trait of the individual with a first sensor of said mobile terminal; b. Transmission of a request to finalize said account containing a unique identifier of said account from the mobile terminal to a biometric terminal of said system; c. Authentication of said individual by comparing a first candidate biometric data acquired on said first biometric trait of the individual with a first sensor of the biometric terminal, with the first reference biometric data of the account associated with said unique identifier transmitted; d. Validation of said individual's account.
[0014] According to advantageous and non-limiting features:
[0015] Said system further includes at least one server comprising data storage means storing an account database, the server being connected to the mobile terminal by a network, said at least one personal data and first biometric reference data being transmitted to said server for registration in the account database.
[0016] Step (c) includes obtaining said first biometric reference data in said account database based on said unique identifier transmitted.
[0017] Said request to finalize said account is transmitted to step (b) via a proximity communication channel, in particular an optical channel or a near field radio channel.
[0018] The method includes a step (e) of recording a second biometric reference data acquired on a second biometric trait of the individual, different from the first biometric trait, with a second sensor of the biometric terminal.
[0019] Step (c) includes the simultaneous acquisition of said first candidate biometric data and the second reference biometric data, on the biometric terminal.
[0020] Said first sensor and second sensor of the biometric terminal are confused.
[0021] Said mobile terminal does not include a sensor capable of acquiring biometric data on said second biometric trait of the individual.
[0022] Said first biometric feature is a palm print and second biometric feature is a vein print.
[0023] Said substep (al) further includes the registration of a means of payment of said individual, said account being for biometric payment in said system by means of said means of payment; said biometric terminal being preferably an electronic payment terminal.
[0024] According to a second aspect, the invention proposes a method for identifying an individual in a system, characterized in that it comprises, following the implementation of the method according to the first aspect of biometric enrollment of said individual, a step (f) of identifying said individual by comparing a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor of the biometric terminal with a plurality of first biometric reference data of accounts; and / or by comparing a second candidate biometric data acquired on a second biometric trait of the individual, different from the first biometric trait, with a second sensor of the biometric terminal, with a plurality of second biometric reference data of accounts.
[0025] According to advantageous and non-limiting features:
[0026] Step (f) of identifying said individual includes comparing the second candidate biometric data acquired on said second biometric trait of the individual with the second sensor of the biometric terminal with the plurality of second reference biometric data from accounts, and then if no second reference biometric data coincides with the second candidate biometric data, comparing the first candidate biometric data acquired on said first biometric trait of the individual with the first sensor of the biometric terminal with a plurality of first biometric reference data of accounts.
[0027] Step (e) is implemented in step (f) using the second candidate biometric data as the second reference biometric data.
[0028] Step (f) includes the simultaneous acquisition of said first candidate biometric data and the second candidate data, on the biometric terminal.
[0029] According to a third aspect, the invention proposes a method for carrying out a transaction by an individual, on a biometric terminal of a system, said biometric terminal being an electronic payment terminal, characterized in that it comprises, following the implementation of the method according to the second aspect of identifying said individual in the system, the implementation of a step (g) of using said biometric terminal the data of a means of payment of the individual associated with the individual's account for the implementation of the transaction.
[0030] According to a fourth aspect, the invention relates to a biometric terminal of a system, comprising a first sensor, characterized in that it comprises data processing means configured to, when an individual's account is created on a mobile terminal of said individual, with recording of at least one personal data and a first reference biometric data acquired on a first biometric trait of the individual with a first sensor of said mobile terminal: - Receive a request to finalize said account containing a unique identifier of said account from the mobile terminal; - Authenticate said individual by comparing a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor, with the first reference biometric data of the account associated with said unique identifier transmitted; - Validate the said individual's account.
[0031] According to a fifth aspect, the invention relates to an assembly of the biometric terminal according to the fourth aspect and said mobile terminal comprising a sensor, the mobile terminal comprising data processing means configured to, when creating the account of said individual on the mobile terminal: - Acquire initial biometric reference data on a first biometric trait of the individual with the first sensor; - record at least the said personal data and the first biometric reference data.
[0032] According to a sixth and a seventh aspect, the invention relates to a computer program product comprising code instructions for executing a method according to the first aspect of biometric enrollment of an individual, a method according to the second aspect of identifying said individual in a system, or a method according to the third aspect for carrying out a transaction by the individual, on a biometric terminal of the system; and a computer-readable storage means on which is recorded a computer program product comprising code instructions for carrying out a method according to the first aspect of biometric enrollment of an individual, a method according to the second aspect of identifying said individual in a system, or a method according to the third aspect for carrying out a transaction by the individual, on a biometric terminal of the system. PRESENTATION OF THE FIGURES
[0033] Other features and advantages of the present invention will become apparent from the following description of a preferred embodiment. This description will be given with reference to the accompanying drawings in which:
[0034] [Fig.1] [Fig.1] is a diagram of a system for implementing the process according to the invention;
[0035] [Fig.2a] [Fig.2a] is a flowchart illustrating the steps of a first mode of implementation of the process according to the invention;
[0036] [Fig.2b] [Fig.2b] is a flowchart illustrating the steps of a second embodiment of the process according to the invention. DETAILED DESCRIPTION
[0037] Architecture
[0038] The present invention relates to methods: • biometric enrollment of an individual for identification of said individual in a system 1, • identification of said individual (following enrollment), and • for the implementation of a particular transaction on an electronic payment terminal (POS) of system 1 following the identification of the individual.
[0039] System 1 is thus typically the computer system of a store or, more generally, of a merchant, but the notion of transaction may be in a broad sense, beyond payment: for example, system 1 may be that of a secure building or of a company, and identification for the purpose of access control.
[0040] System 1 generally has a local network 30, i.e. a private network interconnecting the equipment that is part of this system 1, where appropriate through a VPN (the local network 30 may itself be composed of several subnets connected via a public wide area network 20 such as the internet - through said VPN).
[0041] In all cases, the processes are preferably implemented in an environment such as that shown in [Fig.1].
[0042] Biometric enrollment means the construction of an individual's account (also called a profile) allowing the subsequent identification of that user in the system in a purely biometric manner.
[0043] Thus, in practical terms, each user account in system 1 is defined by a unique identifier and is associated with at least one piece of personal data (surname, first name, address, etc.) and at least one initial biometric reference data for the user. As will be seen, each account is preferably also associated with at least one piece of technical data defining a use of the account, in particular the data of a means of payment for said user (in the case of identification for the implementation of a transaction, for example, the data of a dematerialized bank card) or access rights (in the case of identification for secure access), etc.
[0044] In a preferred embodiment which will be described in detail later, each account is preferentially also associated with at least one second biometric reference data of the user.
[0045] The first biometric data is acquired on a first biometric trait of the individual (or simply "biometrics" of the individual) and the second biometric data is acquired on a second biometric trait of the individual, different from the first biometric trait.
[0046] The first and second biometric traits may be any known biometric trait used in authentication / identification, for example the face, a fingerprint, an iris, a palm print, a vein pattern, etc. The first biometric trait is preferably of rank 2 and the second biometric trait of rank 1.
[0047] Thus, preferably, the first biometric feature is the palm print and the second biometric feature is the vein pattern. It should be noted that both are palm biometrics, but the palm print is a simple visual biometric (similar to facial biometrics), whereas the vein pattern is a biometric of the venous network of the palm, i.e., under the skin, which is not visible in a simple image of the palm and requires a specific sensor. Furthermore, the enrollment of this latter biometric is more complex.
[0048] System 1 includes at least one biometric terminal 10 which is typically an enrollment and, where appropriate, identification terminal, for example a terminal at the store reception.
[0049] Alternatively, it could be directly an electronic payment terminal (EPT) in the store, i.e., at the checkout, or even a mobile terminal. In all cases, system 1 can include a large number of terminals, 10 if necessary, of various natures. It is also possible that various terminals 10 of the same system 1 may be involved in turn (for example a first biometric terminal 10 for enrollment, a second biometric terminal 10 for a first identification, a third biometric terminal 10 for a second identification, etc.).
[0050] By biometric terminal 10, we mean any terminal suitable for identification / authentication within system 1 and forming part of that system 1, i.e., a secure terminal and not an external terminal. It can be operated by a trusted person such as an employee to prevent fraud.
[0051] In the remainder of this description, we will refer to it as an enrollment terminal or an identification terminal, as appropriate, but again, either one or both of these roles can be assigned to any terminal 10 according to the invention. This terminal can be an existing terminal already adapted for traditional enrollment as described in the introduction to this application (in addition to the present method(s) that are the subject of the invention).
[0052] As will be seen, each terminal 10 comprises at least one first sensor 14 for acquiring the first biometric data on the first biometric feature, and potentially a second sensor 15 for acquiring the second biometric data on the second biometric feature (i.e., biometric sensors). Preferably, and as shown in [Fig. 1], the first and second sensors can in practice be combined, i.e., the same sensor 14, 15 can acquire both the first and second biometric data, either because this sensor "sees" both features simultaneously, or because it has an extended acquisition range.
[0053] Thus, preferably the sensor 14 is an optical sensor such as a camera, in particular with an extended spectrum, i.e. in visible light + Infrared.
[0054] This is particularly suitable in the case where the first and second biometric traits are respectively the palm print and the vein print: a single sensor 14 can observe the palm of the hand (for example, placed on the upper surface of the terminal 10 or just next to it, pointing upwards) and produce the two biometric data on the basis of the two parts of the spectrum.
[0055] It will nevertheless be understood that the present method is not limited to any choice of biometrics or sensors, the latter even being, in practice, connected peripherals. For example, one can easily imagine that the first biometric feature is the palm print and the second biometric feature is the face, the two corresponding biometric data being acquired respectively by two distinct sensors (but of the same type – simple cameras) and positioned differently (for example, on the upper surface of terminal 10 to observe the palm, and on the ceiling to observe the face).
[0056] The terminal 10 may also conventionally include data processing means 11 (such as a processor), data storage means 12 (a memory), an interface 13 for entering account data (e.g. a touch screen), means of wireless proximity communication (e.g. NFC, see below), etc.
[0057] The system 1 advantageously includes a central server 3 for managing user accounts (particularly those created via terminal 10). It can be connected via the local network 30 of system 1 to the terminal(s) 10 and to any non-biometric POS terminals (it is entirely possible that the system includes "ordinary" POS terminals that are not capable of implementing enrollment). Alternatively, it can be used as a terminal 10, for example, in a case where there is a single secure terminal dedicated to enrollment at the store's reception desk. Generally, the server 3 also includes data processing means 31 and data storage means 32, the latter preferentially storing a database of user accounts, particularly in a secure manner (specifically encrypted for the protection of personal data).
[0058] With reference to [Fig. 1], there is also a mobile terminal 2 belonging to the individual wishing to enroll (i.e., create and activate their account to be able to identify themselves biometrically with system 1). This is typically a personal terminal such as a smartphone. Mobile terminal 2, like terminal 10, is itself a biometric terminal, but it is not part of system 1 (i.e., it is outside the local network 30).
[0059] Terminal 2 is only connected to system 1 via network 20 (a public wide area network such as intermet), in particular to server 3, and where appropriate indirectly to terminal 10.
[0060] It itself has at least one first sensor 24 for acquiring the first biometric data on the first biometric trait (typically a camera), but preferably said first biometric sensor 24 of the mobile terminal 2 is not capable of acquiring biometric data on said second biometric trait of the individual (i.e., second biometric data). In general, said mobile terminal 2 preferably does not include any sensor capable of acquiring biometric data on said second biometric trait of the individual. Put another way, it can be said that preferably the first and second biometric traits are chosen such that the terminal 2 (and generally ordinary mobile terminals) only have sensors for acquiring the first biometric data on the first trait, i.e., rank 2 but not rank 1.
[0061] It should be noted that this is the case with smartphones and palm biometrics: every smartphone has a 24-camera type sensor capable of acquiring a visible image of the palm (palmar print), but not of observing the vein network. (vein impression). This configuration offers a maximum level of security, as we will see later.
[0062] Furthermore, it remains entirely possible that terminal 2 may have at least one other sensor, possibly a biometric sensor, particularly for acquiring other biometric data on a different biometric trait (different from the first and second traits), but not used by the present method. For example, many smartphones may have a fingerprint sensor, which will not be used in the case of palm biometrics. In all cases, sensor 24 is referred to here as the first sensor (even if there is no other sensor) by analogy with the first sensor 14 of the biometric terminal 10, since they both target the first biometric trait.
[0063] In a conventional manner, the terminal 2 also most often has data processing means 21 (typically a processor), data storage means 22 (memory, for example flash), an interface 23 (for example a touch screen), wireless proximity communication means (for example NFC), etc., which are common for any mobile terminal such as a smartphone.
[0064] Progressive enrollment method 1
[0065] The present method proposes to significantly limit the time spent in store in front of terminal 10 for enrollment, by allowing the individual to proceed on their own mobile terminal 2, for example from home, without sacrificing security.
[0066] With reference to Figures 2a and 2b, which represent two embodiments thereof, the invention relates, in a first aspect, to a biometric enrollment method for the identification of said individual in system 1, beginning with a step (a) of creating an account for said individual on the mobile terminal 2. It will be understood that while this step (a) allows for the creation of the account, it is not yet finalized and, in particular, not yet usable for identification. To rephrase, step (a) can be seen as a step for creating a "provisional" account, subject to confirmation. This is referred to as "progressive" enrollment insofar as it is carried out in several phases.
[0067] In particular, step (a) may begin by obtaining a unique identifier for the individual, for example either by generating it directly, in particular randomly, or by transforming that of an existing ordinary customer account but devoid of any biometrics.
[0068] Step (a) includes substeps (a1) of recording at least one personal data item, and advantageously any other technical data such as the data of a means of payment of said individual, for example the data of a dematerialized bank card of the individual; and (a2) of recording a first biometric reference data item acquired on the first biometric trait of the individual with the first sensor 24 of said mobile terminal 2. This data is associated with said individual's account.
[0069] It should be noted that steps (a1a) and (a2a) can be performed in any order and in any known manner. For example, (a1a) may include entering at least one piece of personal data on interface 23 or obtaining it automatically from an identity document. Similarly, any payment data may be entered manually (bank card numbers) or obtained directly from a bank server.
[0070] With regard to (a2), in practice, several initial reference biometric data sets can be acquired and, where appropriate, recorded to increase robustness. The objective is to create a biometric "template" that will be used in future identifications, as opposed to what is called a candidate biometric data set, i.e., a fresh data set. For example, in the case of a palm print, the individual can be asked to photograph their palm several times while moving it slightly. In addition, terminal 2 can be configured to ask the individual to restart the acquisition of an initial biometric data set if it is of insufficient quality.
[0071] Where system 1 further comprises a central server 3 storing an account database, said at least one personal data item and first biometric reference data item (and where applicable, said payment method data item and / or second biometric reference data item) are transmitted to said server 3 for registration in the account database (so as to be associated with said individual's account being created). A marker may be associated with said account in the database to indicate that it is being created and is not yet usable for identification.
[0072] In all cases, it is assumed that at the end of step (a) there is a "provisional" account for the individual comprising a unique identifier, at least one personal data item, and a reference biometric data item. Up to this point, the individual has been able to do everything on their terminal 2, without needing to go to a store.
[0073] To finalize account creation, it is still necessary to use the biometric terminal 10 of system 1, but in a particularly streamlined manner. In other words, the level of security afforded by the requirement for an in-store procedure on a secure terminal is maintained, but most of the cumbersome actions (manual data entry, recording of the reference biometric data) can be performed beforehand, in a more convenient way for the individual. The time spent at terminal 10 can be very brief.
[0074] Indeed, it is sufficient, in a step (b), to transmit a finalization request for said account containing said unique identifier of said account from the mobile terminal 2 to the enrollment terminal 10.
[0075] Preferably, this step (b) is implemented via a proximity communication channel, in particular an optical channel or a near-field radio channel, which ensures that the individual is nearby (in the store) and has terminal 2: this is a first authentication factor.
[0076] Advantageously, the request is in the form of a QR code displayed by interface 23 of terminal 2, encoding the identifier. Any existing cryptographic technique may be used for this step.
[0077] The said QR code is then read by the terminal 10, advantageously directly by the first biometric sensor 14 (which, it should be recalled, is advantageously a camera).
[0078] It should be noted that terminal 10 can be a payment terminal, i.e., the individual can implement step (b) and finalize the creation of their account simply by going through the checkout. Subsequent checkout transactions can be made simply by presenting biometrics, without even needing the mobile terminal 2 beforehand (since the account will then be operational, see below).
[0079] The remainder of the enrollment process can be implemented automatically without further intervention from the individual. Thus, in a main step (c), said individual is authenticated by comparing a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor 14 of the terminal 10, with the first reference biometric data of the account associated with said unique identifier transmitted.
[0080] Biometrics is thus a second authentication factor, which allows for total security for this enrollment.
[0081] This typically involves accessing server 3 to obtain the first reference biometric data based on the transmitted unique identifier. For example, terminal 10 sends an authentication request to server 3, including the identifier and the first candidate biometric data. Server 3 accesses the first reference biometric data corresponding to the "provisional" account identified by the transmitted unique identifier and checks whether it matches the received candidate biometric data (according to a known metric, for example, Euclidean distance), and returns the result: If the said unique identifier does not exist, or is not that of an account currently being created, the comparison cannot be made. The individual will be offered the option to create a new account directly on terminal 10. with no possibility of fraud because it will be necessary to present an identity document • if the unique identifier is correct but the individual has for example stolen terminal 2 from a third party, biometric authentication will be rejected and an alert will be issued.
[0082] If authentication is successful, in step (d) the individual's account is validated, i.e., the account creation is considered finalized, for example by changing a marker in the database from "provisional" to "validated". Note that step (d) may include, if necessary, obtaining any missing personal (or other) data.
[0083] This validation allows at least the use of the first biometric for user identification (and generally only that one). The optional marker can reflect whether the account is valid only for the first biometric, or also for the second.
[0084] Progressive enrollment method 2
[0085] Once the account creation is finalized, it can be used for individual identification, and in particular for payment.
[0086] Preferably, and especially if the first biometric is of rank two (this is the case of the palm print), it is desirable to continue the enrollment to add a second biometric of rank 1, if the user wishes.
[0087] To rephrase, the account is validated with respect to the first biometric, but it is not validated with respect to the second biometric.
[0088] Thus, the process can further include a subsequent step (e) (which can be confused with step (d) or later - see below) of recording a second biometric reference data acquired on a second biometric trait of the individual, different from the first biometric trait, with the second sensor 15 of the biometric terminal 10 (which can be confused with the first sensor 14 - this is the case of [Fig.1]).
[0089] Indeed, as explained, said mobile terminal 2 does not generally include a sensor capable of acquiring biometric data on said second biometric trait of the individual, unlike the enrollment terminal 10, hence the fact that the second reference biometric data cannot be recorded in advance, unlike the first reference biometric data. This is what makes the second biometric much more secure.
[0090] Again, this is a progressive enrollment insofar as the two biometrics are enrolled separately, although it remains entirely possible alternatively for the two reference biometric data to be directly recorded during step (a) if the sensor(s) 24 of the mobile terminal 2 are capable of doing so. If applicable We could already have double biometric authentication during step (c), i.e. up to three factors with the possession of terminal 2 (comparison of a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor 14 of the biometric terminal 10 with the first reference biometric data of the account associated with said unique identifier transmitted; and / or comparison of a second candidate biometric data acquired on said first biometric trait of the individual with the second sensor 15 of the biometric terminal 10 with the second reference biometric data of the account associated with said unique identifier transmitted - see the identification process for more details).
[0091] We will now consider only the preferred case in which we have so far only enrolled the first biometric and we now want to enroll the second biometric (by choice or because the sensors 24 of terminal 2 do not allow it).
[0092] In the first mode, the user is informed that their account has been activated (step (d)), and is then offered the option to add the second biometric data to their account, i.e., to re-validate their account with respect to the second biometric. At this stage, the user may simply be asked to present their second biometric feature (for example, to look at a camera in the case of facial biometrics), and to provide biometric data if the individual consents.
[0093] In other words, step (e) includes the acquisition of the second reference biometric data on the second biometric trait of the individual with the second sensor 15 of the biometric terminal 10.
[0094] Again, in practice, several second sets of reference biometric data can be acquired if necessary, and if necessary, he can be asked to repeat the process.
[0095] The registration can be done as in step (a2), where appropriate by transmission to server 3 so as to complete the account database.
[0096] The latter is in the first mode advantageously at the same time as step (d), so that the enrollment is completely completed upon activation of the account.
[0097] According to a second mode, the individual announced from the outset (during step (a) in particular) that he consented to the dual biometric level and therefore to the acquisition of biometric data on his second trait, but it was not possible to do so at step (a).
[0098] Thus, and in a particularly preferred manner and in accordance with [Fig.2a], step (c) may include the simultaneous acquisition of said first candidate biometric data and the second reference biometric data, on the enrollment terminal 10, particularly when the same sensor 14, 15 of the terminal 10 allows the acquisition of both biometric data at the same time (first and second sensors combined).
[0099] Thus, even while the first candidate data for individual authentication is being acquired (step (c)), the second reference data is acquired in advance, so that the individual is contacted minimally. This is an original step because it performs both authentication and enrollment (and of course, the same biometric terminal 10 performs both tasks).
[0100] If the individual is successfully authenticated and their account validated, the recording of this second biometric data is implemented. Otherwise, if the account is not validated, the second reference biometric data is destroyed.
[0101] It remains possible that several second sets of reference biometric data may be acquired (rapidly in succession), and where possible, enrollment is attempted to be completed at step (d), but it is entirely possible that further acquisitions may still be necessary, particularly in cases of insufficient quality. In such cases, the process can be reverted to the first mode (explicitly requesting the individual to provide their second biometric trait again).
[0102] According to a third mode, which is in practice a special case of the first mode and which corresponds to what is represented by [Fig. 2b], step (e) is implemented during a (subsequent) identification step (f) of the individual, for example, a checkout. Indeed, it is reiterated that the account is already validated and therefore usable (at least provisionally in a "degraded" security level since there is only one biometric level, see below). In this mode, there is thus an overlap of enrollment and identification (and of course, it is then the same biometric terminal 10 that performs both tasks).
[0103] So it is step (e) which includes the simultaneous acquisition of said first candidate biometric data and the second reference biometric data, on the enrollment terminal 10, particularly when the same sensor 14, 15 of the terminal 10 allows the acquisition of both biometric data at the same time (first and second sensors combined).
[0104] Compared to step (c), this is an identification insofar as we do not have the unique identifier of the individual, and therefore we find a first biometric reference data coinciding with said first candidate data to determine in which account we will record the second data as reference data to complete the enrollment.
[0105] These second and third modes are particularly interesting in the case where terminal 10 is an electronic payment terminal, for two reasons: - we can achieve the dual biometric level (maximum security) without even going through reception; - we repeatedly pass over an electronic payment terminal, which in practice allows the acquisition of several second reference data points if necessary, as explained.
[0106] Note that the second and third modes can in practice be combined: - There is a first simultaneous acquisition of said first candidate biometric data and the second reference biometric data, during step (c) - Either this is sufficient and enrollment is completed at step (d), or more second reference data is needed and the third mode is implemented (rather than the first mode, to maintain the best user experience) in order to acquire the missing biometric data during subsequent identifications.
[0107] Identification method
[0108] According to a second aspect, the invention relates to an identification method following the enrollment method according to the first aspect.
[0109] The method includes a step (f) of identifying said individual by comparing a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor 14 of the biometric terminal 10 with a plurality of first reference biometric data of accounts (validated, themselves obtained by the enrollment process according to the first aspect); and / or by comparing a second candidate biometric data acquired on said first biometric trait of the individual with the second sensor 15 of the biometric terminal 10 with a plurality of second reference biometric data of accounts (validated).
[0110] The objective is to determine the unique identifier of the individual's account, as being that of the account associated with the first reference biometric data coinciding with the first candidate biometric data acquired on said first biometric trait of the individual with the first sensor 14 of the biometric terminal 10, and / or that of the account associated with the second reference biometric data coinciding with the second candidate biometric data acquired on said second biometric trait of the individual with the second sensor 15 of the biometric terminal 10.
[0111] Naturally step (f) can be repeated as many times as the individual needs to be identified, for example to implement various transactions (checkouts in the store).
[0112] Note that at each occurrence of step (f) the terminal 10 may be a different terminal from system 1, and where appropriate itself a different terminal from the one on which the enrollment was carried out, except in the case where step (e) is implemented during step (f), see above.
[0113] In an embodiment with only the first biometric, step (f) only includes the comparison of a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor 14 of the biometric terminal 10 with a plurality of first reference biometric data of accounts.
[0114] If no first biometric reference data coinciding with the first candidate biometric data can be found in the account database, the individual may be offered the acquisition of a new first candidate data, and then, if necessary, the identification may be considered to have failed and either another means of identification (for example, identity card) or proceed differently (classic payment, for example, with a bank card).
[0115] In an embodiment with the two biometrics, considering that the first biometric is rank 2 (secondary biometric) and the second biometric is rank 1 (primary biometric), preferably, step (f) can start by comparing a second candidate biometric data acquired on said second biometric trait of the individual with the second sensor 14 of the biometric terminal 10 with a plurality of second reference biometric data of accounts, which works if the second biometric has already been enrolled as in the case of [Fig.2a].
[0116] Otherwise, if no second biometric reference data is found coinciding with the second candidate biometric data, one can proceed to the comparison of a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor 14 of the biometric terminal 10 with a plurality of first biometric reference data of accounts (as in the first embodiment above).
[0117] The idea is to use the first biometric method as a fallback (second-tier), so as to still allow for identification. It should be noted that since security is lower, the rights associated with this "degraded" identification may be more limited (for example, a transaction may only be authorized below a threshold amount such as €50). Alternatively, or in addition, fees may be imposed to account for the risk of a less secure transaction.
[0118] This fallback to the first biometric occurs either in the event of insufficient quality of the second candidate data acquired, or if the second biometric data has not been acquired (no second reference biometric data associated with the individual's account). In the second case, the second candidate biometric data can be recorded as the second reference biometric data in accordance with the third mode of the progressive enrollment process part 2, represented by [Fig. 2b].
[0119] In this respect, preferably step (f) directly includes the simultaneous acquisition of the first candidate biometric data and the second candidate biometric data on the biometric terminal 10, again particularly when the same sensor 14, 15 of the terminal 10 allows the acquisition of both biometric data at the same time (first and second sensors combined), in a manner similar to what is preferably done in step (c), the only difference being that the second acquired biometric data is initially considered as potentially candidate data.
[0120] And as explained, if the individual is successfully authenticated only on the basis of the first candidate biometric data due to the lack of a second reference biometric data, then step (e) can be implemented within step (f), using said second candidate biometric data already acquired as the second reference biometric data, and this until enough second reference biometric data is available to be able to identify the individual directly on the basis of the second biometric.
[0121] Indeed, due to the simultaneous acquisition of the first candidate biometric data and the second candidate biometric data on the biometric terminal 10, we already have both biometric data, and we are sure that they are from the same individual.
[0122] Terminal 10 simply acquires the second candidate biometric data by default, and its role varies: • either the second biometric is validated, and then the second candidate biometric data is used for identification; • either the second biometric is not validated, and then the second candidate biometric data is used for enrollment.
[0123] The registration (e) of the second candidate biometric data is advantageously implemented only if none of a plurality of second reference biometric data from accounts coincides with the second candidate biometric data. In other words, this is the mode in which an automatic attempt is made to begin with identification based on the second biometric, and if the second biometric fails but the first biometric succeeds, the system infers that the second biometric is not enrolled for the individual (or at least there are not enough second reference biometric data), and proceeds with the registration.
[0124] Note that alternatively, as explained, one can have an account marker indicating that the individual's account is not enrolled for the second biometric, so as to avoid recording the second candidate data if there was already at least one second reference biometric data that should have coincided with the second candidate biometric data, and that we adjust for an error, for example, due to the quality of the acquisition.
[0125] Note that in all cases it can be provided that even if we manage to identify the individual by comparing the second candidate biometric data acquired on said second biometric trait of the individual with the second sensor 14 of the biometric terminal 10 with the plurality of second reference biometric data of accounts, we will still implement the comparison of the first candidate biometric data acquired on said first biometric trait of the individual with the first sensor 14 of the biometric terminal 10 with the plurality of first reference biometric data of accounts.
[0126] This allows for "strong" identification (2 factors) which may be desirable, for example, in a situation where maximum security is required (for example, for a transaction exceeding a threshold amount such as €500).
[0127] Method for implementing a transaction
[0128] According to a third aspect, the invention relates to a method for implementing a transaction on the biometric terminal 10, the latter being an electronic payment terminal (EPT), following the identification process according to the second aspect, i.e., it is assumed that the individual has been identified, that is, that the unique identifier of that individual's account has been determined at the end of step (f). This third aspect further implies that the data of an individual's means of payment, for example, the data of an individual's dematerialized bank card, have been associated with said individual's account, i.e., that substep (a1a) of the enrollment process typically also included the registration of said individual's means of payment. In other words, the account created is for biometric payment in said system 1 by means of said means of payment.
[0129] The method then comprises a step (g) in which said terminal 10 uses the individual's payment method data associated with the individual's account (recorded in their account) to carry out the transaction. It is understood that the biometric terminal 10 is here the same terminal on which the identification was obtained, and in practice steps (f) and (g) are linked and indistinguishable by the individual.
[0130] Thus, the transaction is implemented automatically using the dematerialized payment method associated with his account, so that he does not need to do anything and in particular does not need to present any means of payment.
[0131] Thus, preferably, step (g) does not include the use of any means of payment other than the dematerialized one (the one whose data is associated with his account).
[0132] In summary, we have an optimal user experience, while maintaining the maximum level of security and greatly streamlining the enrollment process.
[0133] Note that we will not be limited to the context of a process for implementing a transaction, and that identification can be used for any useful purpose, for example in an access control process: the individual is for example authorized to pass through a secure door or open an application if his account is associated with data representing an access authorization.
[0134] Terminals
[0135] According to a fourth aspect, the invention relates to the biometric terminal 10 of a system (1) for the implementation of one or more of the processes according to the first, second and third aspects, i.e. an enrollment, identification and / or transaction terminal.
[0136] Thus, this terminal 10 includes, as explained, at least data processing means 11 and a memory 12, at least a first biometric sensor 14 and potentially a second biometric sensor 15, possibly combined with the first sensor 14, and advantageously an interface 13 and / or near field communication means.
[0137] It is advantageously connected via network 20 and / or 30 to a server 3 of system 1.
[0138] The data processing means 31 are at least configured to, when an individual's account is created on a mobile terminal 2 of said individual, with the recording of at least one personal data item, of a first biometric reference data item acquired on a first biometric trait of the individual with a first sensor 24 of said mobile terminal 2, implement the steps consisting of: - Receive a request to finalize said account containing a unique identifier of said account from mobile terminal 2 (in particular via a proximity communication channel, in particular an optical channel or a near field radio channel, i.e. QR code or NFC); - Authenticate said individual by comparing a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor 14, with the first reference biometric data of the account associated with said unique identifier transmitted; - Validate the said individual's account; - Preferably record a second biometric reference data acquired on a second biometric trait of the individual, different from the first biometric trait, with the second sensor 15.
[0139] In the case of an identification terminal 10, the data processing means 11 can also be configured to: - identify said individual by comparing a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor 14 of the biometric terminal 10 with a plurality of first reference biometric data of accounts; and / or by comparing a second candidate biometric data acquired on a second biometric trait of the individual, different from the first biometric trait, with the second sensor 15 of the biometric terminal 10, with a plurality of second reference biometric data of accounts.
[0140] In the case of a transaction terminal 10, i.e., an POS terminal, the data processing means 11 can be further configured to: - to use data from an individual's payment method associated with the individual's account for the implementation of the transaction.
[0141] According to a fifth aspect, the invention proposes an assembly comprising the terminal 10 according to the fourth aspect, and said mobile terminal 2. It is possible to have several terminals 10, 2.
[0142] This or these mobile terminals 2 also include, as explained, at least data processing means 21, a memory 22, and a biometric sensor 24, and advantageously an interface 23 and / or near field communication means.
[0143] The assembly may further include a server 3
[0144] The data processing means 21 of the mobile terminal 2 are configured to, when the account of said individual is created on the mobile terminal 2: - Acquire a first biometric reference data on a first biometric trait of the individual with the first sensor 24; - record at least the said personal data and the first biometric reference data
[0145] Computer program product
[0146] According to a sixth and a seventh aspect, the invention relates to a computer program product comprising code instructions for the execution (on the data processing means 11,21 of the terminals 10 and 2) of a method according to the first aspect of biometric enrollment of an individual, of a method according to the second aspect of identification of said individual in a system 1, or of a method according to the third aspect for the implementation of a transaction by the individual, on a biometric terminal 10 of the system 1; as well as computer-readable storage means (for example the data storage means 12, 22 of the terminals 10 and 2) on which this computer program product is found.
Claims
Demands
1. A method for the biometric enrollment of an individual for the purpose of identifying said individual in a system (1), characterized in that it comprises the implementation of steps of: a. Creation of an account of said individual on a mobile terminal (2) of said individual, comprising a substep (a1) of recording at least one personal data item, and a substep (a2) of recording a first biometric reference data item acquired on a first biometric trait of the individual with a first sensor (24) of said mobile terminal (2); b. Transmission of a finalization request of said account containing a unique identifier of said account from the mobile terminal (2) to a biometric terminal (10) of said system (1); c.Authentication of said individual by comparing a first candidate biometric data acquired on said first biometric trait of the individual with a first sensor (14) of the biometric terminal (10), with the first reference biometric data of the account associated with said unique identifier transmitted; d. Validation of said account of said individual.
2. Method according to claim 1, wherein said system (1) further comprises at least one server (3) comprising data storage means (32) storing an account database, the server (3) being connected to the mobile terminal (2) by a network (20), said at least one personal data and first biometric reference data being transmitted to said server for recording in the account database.
3. A method according to claim 2, wherein step (c) comprises obtaining said first biometric reference data in said account database based on said transmitted unique identifier.
4. A method according to any one of claims 1 to 3, wherein said account finalization request is transmitted to step (b) via a near-field communication channel, in particular an optical channel or a near-field radio channel.
5. A method according to any one of claims 1 to 4, comprising a step (e) of recording a second biometric reference data acquired on a second biometric trait of the individual, different from the first biometric trait, with a second sensor (15) of the biometric terminal (10).
6. A method according to claim 5, wherein step (c) comprises the simultaneous acquisition of said first candidate biometric data and the second reference biometric data, on the biometric terminal (10).
7. A method according to any one of claims 5 and 6, wherein said first sensor (14) and second sensor (15) of the biometric terminal (10) are combined.
8. A method according to any one of claims 5 to 7, wherein said mobile terminal (2) does not include a sensor capable of acquiring biometric data on said second biometric trait of the individual.
9. A method according to any one of claims 5 to 8, wherein said first biometric feature is a palm print and the second biometric feature is a vein print.
10. A method according to any one of claims 1 to 9, wherein said substep (1a) further comprises the registration of a means of payment of said individual, said account being for biometric payment in said system (1) by means of said means of payment; said biometric terminal (10) preferably being an electronic payment terminal.
11. A method for identifying an individual in a system (1), characterized in that it comprises, following the implementation of the biometric enrollment method of said individual according to any one of claims 1 to 10, a step (f) of identifying said individual by comparing a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor (14) of the biometric terminal (10) with a plurality of first biometric reference data of accounts; and / or by comparing a second candidate biometric data acquired on a second biometric trait of the individual, different from the first biometric trait, with a second sensor (15) of the biometric terminal (10), with a plurality of second biometric reference data of accounts.
12. A method according to claim 11, wherein the identification step (f) of said individual comprises comparing the second candidate biometric data acquired on said second biometric trait of the individual with the second sensor (15) of the biometric terminal (10) with the plurality of second reference biometric data from accounts, and then if no second reference biometric data coincides with the second candidate biometric data, comparing the first candidate biometric data acquired on said first biometric trait of the individual with the first sensor (14) of the biometric terminal (10) with a plurality of first reference biometric data from accounts.
13. A method according to claim 12, wherein the biometric enrollment method is according to claim 5, step (e) being implemented in step (f) using the second candidate biometric data as the second reference biometric data.
14. A method according to any one of claims 12 and 13, wherein step (f) comprises the simultaneous acquisition of said first candidate biometric data and second candidate data, on the biometric terminal (10)
15. A method for carrying out a transaction by an individual, on a biometric terminal (10) of a system (1), said biometric terminal (10) being an electronic payment terminal, characterized in that it comprises, following the implementation of the method of identifying said individual in the system (1) according to any one of claims 11 to 14, the implementation of a step (g) of using said biometric terminal (10) the data of a means of payment of the individual associated with the individual's account for the implementation of the transaction.
16. Biometric terminal (10) of a system (1), comprising a first sensor (14), characterized in that it comprises data processing means (11) configured to, when an individual's account is created on a mobile terminal (2) of said individual, record at least one personal data item and a first biometric reference data item acquired on a first biometric trait of the individual with a first sensor (24) of said mobile terminal (2): - Receive a request to finalize said account containing a unique identifier of said account from the mobile terminal (2); - Authenticate said individual by comparing a first candidate biometric data acquired on said first biometric trait of the individual with the first sensor (14), with the first reference biometric data of the account associated with said unique identifier transmitted; - Validate said account of said individual.
17. The biometric terminal (10) according to claim 16 and said mobile terminal (2) comprising the biometric sensor (24), the mobile terminal (2) comprising data processing means (21) configured to, when creating the account of said individual on the mobile terminal (2): - Acquire a first biometric reference data on a first biometric trait of the individual with the first biometric sensor; - record at least said personal data and the first biometric reference data.
18. Product computer program comprising code instructions for the execution of a method according to any one of claims 1 to 10 of biometric enrollment of an individual, of a method according to any one of claims 11 to 14 of identification of said individual in a system (1), or a method according to claim 15 for the implementation of a transaction by the individual, on a biometric terminal (10) of the system (1), when said program is executed on a computer.
19. Computer-readable storage means on which is recorded a computer program product comprising code instructions for the execution of a method according to any one of claims 1 to 10 of biometric enrollment of an individual, of a method according to any one of claims 11 to 14 of identification of said individual in a system (1), or a method according to claim 15 for the implementation of a transaction by the individual, on a biometric terminal (10) of the system (1).