METHOD AND APPARATUS FOR THE CREATION AND USE OF A DIGITAL IDENTIFICATION.

MX434532BActive Publication Date: 2026-05-19FACETEC INC

Patent Information

Authority / Receiving Office
MX · MX
Patent Type
Patents
Current Assignee / Owner
FACETEC INC
Filing Date
2022-02-10
Publication Date
2026-05-19

AI Technical Summary

Technical Problem

Existing biometric security methods, such as fingerprint and two-dimensional facial recognition, are unreliable and insecure for authenticating users on small electronic devices, making it difficult to securely access user accounts without the inconvenience of typing complex passwords, and are vulnerable to impersonation through images or video recordings.

Method used

A facial recognition authentication system using a mobile device's camera to enroll and authenticate users by capturing images from multiple angles and distances, combining motion sensors to detect the device's movement path, and comparing biometric and motion data with stored enrollment information, enhanced by features like banding and edge detection to verify a live user.

Benefits of technology

Provides secure, convenient, and cost-effective authentication by ensuring that the user is a live three-dimensional person, reducing fraud and eliminating the need for complex password entry, while allowing access to multiple accounts and devices.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure MX434532B0
    Figure MX434532B0
Patent Text Reader

Abstract

A method for generating a digital ID comprising capturing one or more user images of the user's face, transmitting one or more user images or derived data to a verification server, and determining whether one or more images represent a living person. This includes capturing an ID image from a photo ID for the user and transmitting the ID image to the verification server. It also involves comparing at least one of the one or more user images or derived data with the user's image on the photo ID to determine whether the user in one or more user images is the same person as the image on the photo ID. Upon a match from the comparison and the determination that a living person was captured in one or more user images, a digital user ID is generated and transmitted to the user.
Need to check novelty before this filing date? Find Prior Art

Description

METHOD AND APPARATUS FOR THE CREATION AND USE OF A DIGITAL IDENTIFICATION Field of Invention The modalities described refer to biometric security. More specifically, the described modalities refer to facial recognition authentication systems. Background of the Invention With the development of personal electronic devices that can be used to access many different user accounts, and the growing threat of identity theft and other security issues, there is a growing need for ways to securely access user accounts through of electronic devices. Therefore, account holders are often required to have longer passwords that meet various criteria, such as using a combination of upper and lower case letters, numbers, and other symbols. With smaller electronic devices, such as smartphones, smart watches, Internet of Things (IoT) devices, and the like, it can be difficult to try to type such long passwords into the device each time you want to access the account and if another individual learns the user's password, then the user can be impersonated without actually being present. In some cases, users may even decide to disable such complicated security measures due to inconvenience on their devices. Therefore, users of such devices may prefer other methods of secure access to their user accounts. Another method of this type is with biometrics. For example, an electronic device may have a special sensor that can scan a user's fingerprint to determine that the person requesting access to a device or account is authorized. However, such fingerprint systems on small electronic devices are often considered unreliable and insecure. Furthermore, facial recognition is generally known and can be used in a variety of contexts. Two-dimensional facial recognition is commonly used to tag people in images on social media or in photo editing software. However, facial recognition software has not been - 2 widely implemented on its own to securely authenticate users trying to gain access to an account because it is not considered secure enough. For example, two-dimensional facial recognition is considered insecure because faces can be photographed or recorded, and then the resulting printouts or video screens showing images of the user can be used to fool the system. Accordingly, there is a need for a reliable, cost-effective and convenient method of authenticating users attempting to log into, for example, a user account. Summary of the Invention The described embodiments have been developed in light of the above and aspects of the invention may include a method for enrolling and authenticating a user in an authentication system through a user's mobile computing device. The user's device includes a camera. In one embodiment, the user may enroll in the system by providing enrollment images of the user's face. Enrollment images are taken by the mobile device's camera as the user moves the mobile device to different positions relative to the user's head. The user can thus obtain inscription images that show the user's face from different angles and distances. The system may also use one or more motion sensors of a mobile device to determine a recording motion path that the phone takes during imaging. At least one image is processed to detect the user's face within the image and to obtain biometric information of the user's face in the image. Image processing can be performed on the user's mobile device or on a remote device, such as an authentication server or user account server. Enrollment information (enrollment biometrics, movement, and other information) may be stored on the mobile device or the remote device or both. The system may then authenticate a user by providing the user with at least one authentication image through the camera of the mobile device while the user moves the mobile device to different positions with respect to the user's head. Authentication images are processed for face detection and facial biometric information. Path parameters can also be obtained during imaging of -3authentication (authentication move). The authentication information (biometric authentication, motion, and other information) is then compared to the enrollment information to determine whether the user should be authenticated or denied. Image processing and comparison can be done on the user's mobile device or can be done remotely. In some embodiments, a user may create multiple enrollment profiles to provide greater security. For example, a user can create an inscription using accessories such as a hat or glasses, or by making a face. In other embodiments, user registration information may be linked to a user's email address, phone number, or other unique identifier. The authentication system may include responses that are displayed on the mobile device to help a user learn and authenticate with the system. For example, an accuracy meter can provide feedback on a biometric or motion authentication match rate. A motion meter can provide feedback on motion detected by the mobile device. In some embodiments, the system may reward users who successfully use the authentication system or otherwise take steps to prevent fraud. Such rewards may include leaderboards, status levels, reward points, coupons or other offers, and the like. In some embodiments, the authentication system can be used to log into multiple accounts. In addition to biometric and motion matching, some modalities may also use banding detection, glare detection, and screen edge detection to further secure the system. In other embodiments, other user attributes may be detected and compared, including the gender, age, ethnicity, and similarity of users. The system may also provide graduated access to the user account(s) when the user first configures the authentication system. As the user successfully implements the system, the authorization can be expanded. For example, over a period of time while the user gets used to the authentication system, lower transaction limits may apply. In some embodiments, the mobile device may display a response of -4video of what the user is representing to help the user represent their face during registration or authentication. The video response may be displayed on only a portion of the mobile device's display screen. For example, the video response may be displayed on an upper portion of the display screen. The video response screen may be positioned on a portion of the display screen that corresponds to a location of a front camera of the mobile device. To facilitate low-light imaging, portions of the screen other than the video response may be displayed in a bright color, such as white. In some embodiments, LED or infrared light may be used, and near-infrared thermal imaging may be performed with an infrared camera. The mobile device used for image capture may have multiple cameras to capture visible light and infrared images. The mobile device may also have multiple cameras (two or more) that image in a single spectrum or multiple spectrum to provide stereoscopic three-dimensional images. In such a modality, close-up (zoomed-in) frames can create the greatest differentiation compared to images captured at a distance. In such a mode, frames captured at a distance may be unnecessary. In some embodiments, to provide additional security, the mobile device may generate objects, colors or patterns on the display screen to be detected during image capture. The default object or pattern can be a single one-dimensional or two-dimensional barcode. For example, a QR code (two-dimensional barcode) can be displayed on the screen and reflected to the user's eye. If the QR code is detected in the image, then the person can authenticate. In other embodiments, an object may move on the screen and the system may detect whether a user's eyes follow the movement. In some embodiments, the system may provide prompts on a video feedback screen to assist the user in moving the device relative to the user's head during registration and / or authentication. Cues may include ovals or frames displayed on the screen where the user must place her face by moving the mobile device until her face is inside the oval or frame. The indications can preferably be of different sizes and can also be centered on -5 different screen positions. When a real three-dimensional person represents themselves up close and far away, the biometric results have been found to be different due to the negative lens distortion effect at different distances. Thus, a three-dimensional person can be validated when the biometric results are different in the near and far images. This also allows the user to have multiple biometric profiles for each of the distances. In other embodiments, the biometrics of the images obtained between the close-up and distance images can be analyzed to obtain incrementally different biometric results. In this way, the transformation of the face from the distant face to the distorted face at close range is captured and tracked. Incremental frames during an authentication can then be compared to frames captured at similar locations during registration along the motion trajectory and compared to ensure that expected similarities and differences are found. This results in a motion trajectory, a captured image and biometric data that can prove that you are taking an image of a three-dimensional person. Therefore, not only the near and far biometric data are compared, but also the biometric data obtained between them. The biometric data obtained between them must also correspond to a correct transformation speed along the movement trajectory, which greatly improves the security of the system. The touch screen can be used in some modes. For example, the user may need to enter or swipe a code or pattern in addition to the authentication system described herein. The touch screen can also detect the size and orientation of a user's finger, and whether the right or left hand is used on the touch screen. Voice parameters can also be used as an additional layer of security. The system can detect edge sharpness or other indicators to ensure that the images obtained are of sufficient quality for the authentication system. When a camera has autofocus, the autofocus can be controlled by the system to validate the presence of the actual three-dimensional person. Autofocus can verify that different features of the user or environment come into focus at different focal lengths. In other embodiments, the authentication images can be saved for review at the time. -6 person who tried to authenticate with the system. In some embodiments, the required match thresholds can be adapted over time. Therefore, the system can take into account biometric changes due to age, weight gain or loss, environment, user experience, security level or other factors. In additional embodiments, the system may use image distortion before obtaining biometric information to further protect against fraudulent access. The system may use any number or combination of security features as security layers, as described herein. When authentication fails, the system can be configured so that it is not obvious which security layer triggered the failure to preserve the integrity of the security system. Also described is a method of authenticating the identity of a customer as part of a commercial transaction comprising presenting questions to a customer, the customer's questions having corresponding responses from the customer, and then receiving responses from the customer in response to the presentation of questions. the client's. The client responses are then processed to create processed client responses and the processed client responses are transmitted to a remote computing device. This method also compares the client's processed responses to data stored on the remote computing device and, in response to the comparison, determines that a match has not occurred, denying further authentication. In response to the comparison, it determines that a match has occurred, allowing further authentication by capturing and processing one or more facial images of the customer to verify the customer's identity and the customer's life. In one embodiment, processed responses from the client are encrypted, subjected to a verification operation, or both. In one embodiment, the method further comprises inverting the one or more facial images into captured authentication data and comparing the captured authentication data to the stored authentication data to determine whether a match occurs. In one configuration, the stored authentication data is stored on a blockchain and the comparison, for a match, of the client's reverse processed responses with the stored data of the client's responses controls access to the blockchain that stores authentication data - 7stored. It is also contemplated that the result of the verification of the client's identity and life is communicated to a company to thereby verify the identity of the client before the company. The company may be a credit reporting agency or a lender. It is contemplated that the authentication may further comprise verifying the life of the customer by processing a first image of the customer's face, captured at a first distance from the customer, and capturing a second image of the customer's face, captured at a second distance from the customer. In one configuration, authentication further comprises comparing at least one image of the client's face with a previously captured image of the client's face that is part of the stored authentication data. Also described is an authentication system for verifying the identity of a user comprising a data collection device having a processor and a memory that stores non-transitory machine-executable code that is executable by the processor. The machine-executable code of the data collection device may be configured to present the user with user-related questions and receive responses to the user-related questions. Responses are entered by the user into the data collection device. It is also configured to process responses to create secure response data, transmit secure response data, and respond to instructions from a remote server, to collect and transmit authentication data collected from the user. Also part of the system is the remote server that has a processor and a memory that stores non-transitory machine-executable code that is executable by the processor, such that the machine-executable code is configured to receive secure response data from the data collection device and process the secure response to determine whether the received secure response data matches the stored secure response data. In response to received secure response data that does not match the stored secure response data, access to the stored authentication data for the user is denied. In response to the received secure response data matching the stored secure response data, an authentication session is then initiated by communicating with the data collection device to collect and transmit the collected authentication data, and then receive the authentication data. authentication -8Collected from data collection device. The machine-executable code is further configured to compare the collected authentication data received from the data collection device with the user's authentication data stored on the remote server to determine whether a match occurs, such that a match verifies the user identity. In one embodiment, the secure response data comprises encrypted responses or verified responses. The authentication data collected may comprise one or more images of the user captured by a camera on the data collection device. The user authentication data may comprise a first image of the user's face captured by the camera at a first distance separating the user from the camera and a second image of the user's face captured by the camera at a second distance separating the user. and to the camera, in such a way that the first distance is different from the second distance. In one configuration, this system further comprises transmitting a verified identity notice to a third-party server and, in response thereto, receiving data from the third-party server as part of a commercial transaction. It is also contemplated that the stored user authentication data is stored in a blockchain and the blockchain that stores the stored user authentication data is only accessed when the received secure response data matches the secure response data. stored. An authentication system is used by a company to verify the identity of a user. In one embodiment, the authentication system comprises a data collection device having a display and a user interface. The data collection device is configured to receive responses from the user to questions presented to the user, process the responses to create secure response data, and transmit the secure response data to a verification server. Also part of this embodiment is a verification server configured to receive the secure response data from the data collection device and compare the secure response data, or the processed secure response data, with the stored response data. In response to the comparison, determine that the secure response data or the processed secure response data does not match the stored response data, terminating the identity verification. In M A / t / ZUZZ / UÓ+OUO -9response comparison, determine the secure response data or processed secure response data that matches the stored response data, then initiate an authentication session that includes capturing one or more images of the customer's face with a camera associated with the data collection device or other device. The data collection device may be an electronic device owned by the user. The data collection device may be a company-owned electronic device. In one embodiment, the stored response data is created by performing the same processing on the responses as that performed by the data collection device to form the secure response data. In one configuration, the questions presented to the user are based on the user's personal information. In one embodiment, the step of initiating an authentication session comprises providing a prompt, from the verification server, to initiate the authentication session by sending a message from the verification server to the data collection device or another device, and then capturing at least one image of the user with a camera associated with the data collection device or another device. This step also includes processing the at least one image to generate captured image data and transmitting the captured image data to the verification server. At the verification server, the captured image data is processed to verify the three-dimensionality of the user and compare the captured image data with stored image data derived from at least one previously captured image of the user to determine whether the match occurs. within a threshold range. Then, the user's three-dimensionality verification is responded to and the match within the threshold range is obtained, then the user's identity is verified for the company. The system of claim 15, wherein the stored authentication data, such as biometric data, is stored in a blockchain. In one embodiment, the one or more images of the user's face comprise a first image captured with the camera at a first distance from the user and a second image captured with the camera at a second distance from the user, the first distance being different from the second. distance. Also described is a method for verifying the identity of a customer by a business that comprises initiating an identity verification session for the customer. In the company, they present questions to the customer who have - 10 stored responses that are stored in a remote location and also in the company, receive customer responses to questions. Then transmit the client responses or a processed version of the client responses to an authentication system. In the authentication system, which may be remote from the user, receive the responses from the client or the processed version of the responses from the client in the authentication system. The authentication system compares the client responses or the processed version of the client responses with the stored client responses or a stored processed version of the client responses to determine whether a match occurs. If a match does not occur, notify the company of the mismatch and complete the identity verification processes. If a match occurs, initiate an authentication process by obtaining one or more images of the customer's face with a camera and processing one or more of the images of the customer's face to generate captured facial image data. Then, transmit the captured facial image data to the authentication system and process the captured facial image data to determine the three-dimensionality and life of the customer generated by the captured facial image data. This method of operation then compares the captured facial image data with the stored facial image data and confirms that the stored facial image data matches the captured facial image data, the stored facial image data is based on previously captured images of the client's face. This method of operation may further comprise, in response to stored facial image data matching the captured facial image data, sending an identity verification success message to the company, to a credit reporting agency so that the agency The credit reporting agency may submit a credit report to the business, to a lender for the lender to provide a loan or financing to the customer, or any combination of the two. The step of capturing one or more images of the user may comprise a first image capture with the camera at a first distance from the client's face and a second image captured with the camera at a second distance from the user's face such that the first distance is different from the second distance. Client responses can be encrypted or verified before being transmitted to the authentication system. In one configuration, the - 11 step of comparing client responses or the processed version of client responses with stored client responses or a stored processed version of client responses controls access to authentication data stored on a blockchain. Other systems, methods, features and advantages of the invention will or will become apparent to one skilled in the art upon examination of the following figures and the detailed description. All of these additional systems, methods, features and advantages are intended to be included within this description, to be within the scope of the invention and to be protected by the appended claims. Brief Description of the Figures of the Invention The components of the Figures are not necessarily to scale, but emphasis is placed on illustrating the principles of the invention. In the Figures, like reference numerals designate corresponding parts throughout the different views. Figure 1 illustrates an exemplary use environment of the facial recognition authentication system, according to an exemplary embodiment. Figure 2 illustrates an exemplary embodiment of a mobile device. Figure 3 illustrates exemplary software modules that are part of the mobile device and the server. Figure 4 shows a method for performing facial recognition authentication according to one embodiment. Figure 5 shows a method for enrolling a user in a facial recognition authentication system, according to an exemplary embodiment. Figures 6A and 6B show an example of movement of a mobile device around a user's face according to an exemplary embodiment. Figures 7A and 7B show an example of movement of a mobile device around a user's face according to an exemplary embodiment. Figure 8 shows a method for providing authentication information in a facial recognition authentication system, according to an exemplary embodiment. Figure 9 shows a method for verifying the authentication credential in a facial recognition authentication system, according to an exemplary embodiment. - 12 Figure 10 illustrates an exemplary screen showing a graphical and numerical response in a facial recognition authentication system. Figures 11A, 11B and 11C illustrate examples of video response screens corresponding to front camera positions in a facial recognition authentication system. Figure 12Ά shows an exemplary video screen response of a facial recognition authentication system where the border pixels on the sides of the screen extend horizontally. Figure 12B shows a method for verifying the life or three-dimensionality of a user using pixel velocity analysis detection. Figures 13A and 13B illustrate exemplary display screens with face alignment indicators displayed as an oval to serve as a guide when the user moves the mobile device toward or away from their face. Figure 14 illustrates an exemplary mobile device screen showing a graphical code entry interface with an image capture area. Figure 15 illustrates an exemplary mobile device screen showing a numerical and graphical code entry interface with an image capture area. Figure 16 shows a biometric identification system using root identity information, according to an exemplary embodiment. Figure 17 shows a method for authenticating using a root identification system, according to an exemplary embodiment. Figure 18 shows a method for remotely establishing a biometric identity, according to an exemplary embodiment. Figure 19 shows a biometric authentication system using a blockchain, according to an exemplary embodiment. Figure 20 is a schematic of a computing or mobile device such as one of the devices described above, according to an exemplary embodiment. Figure 21 illustrates a block diagram of an exemplary system and the usage environment. Figure 22 illustrates a flow chart providing an exemplary method of operation. Figure 23 illustrates an exemplary photo identification card. - 13 Figure 24 illustrates an authentication method that uses biometric identification and a photo identification card. Figure 25 shows examples of validation of a photo identification card, according to an exemplary embodiment. Figure 26 shows an example of validation of a photo identification card, according to an exemplary embodiment. Figure 27 is an operational flow chart of an exemplary method for creating the digital ID. Figure 28 illustrates an exemplary display screen for the software used to capture the first image. Figure 29 illustrates an exemplary ID. Figure 30 illustrates an exemplary display screen for photo ID type selection. Figure 31 illustrates an exemplary photo ID image capture display screen. Figure 32 illustrates an exemplary photo ID image acceptance screen. Figure 33 is an operational flowchart of an exemplary method for a third party to verify the digital ID on the verification server. Figure 34 illustrates a loading screen of the exemplary digital ID presented by the verification server to a third party. Figure 35 illustrates an exemplary notification screen that may be provided to a third party. Detailed Description of the Representative Modalities of the Invention A system and method for providing secure and convenient facial recognition authentication will now be described. The system and method can be achieved without the need for expensive readers or additional biometric systems while offering improved security over conventional facial recognition systems. Facial Recognition Authentication Environment Figure 1 illustrates an exemplary usage environment of the facial recognition authentication system described herein. This is only one possible environment of use and system. It is contemplated that, after reading the specification - 14 provided below in relation to the Figures, a person skilled in the art can arrive at different usage environments and configurations. In this environment, a user 108 may have a mobile device 112 that can be used to access one or more of the user accounts through authentication systems. A user 108 may have a mobile device 112 that may capture an image of the user 108, such as an image of the user's face. The user may use a camera 114 on or connected to the mobile device 112 to capture an image or multiple images or video of himself or herself. The mobile device 112 may comprise any type of mobile device capable of capturing an image, whether still or video, and performing image processing or communication over a network. In this embodiment, the user 108 can carry and hold the mobile device 112 to capture the image. The user may also use or hold any number of other devices. For example, the user may wear a watch 130 containing one or more cameras 134 or biosensors disposed on the watch. Camera 134 can be configured to create an image of visible light as well as infrared light. Camera 134 may additionally or alternatively employ image intensification, active illumination, or thermal vision to obtain images in dark environments. When pointed at a user 108, the camera 134 may capture an image of the user's face. The camera 134 may be part of a module that may include communication capability that communicates with a mobile device 112, such as via Bluetooth®, NFC or other format, or communication directly with a network 116 through a wired or wireless link 154. The watch 130 may include a display on its front to allow the user to view information. If the camera module 134 communicates with the mobile device 112, the mobile device 134 can transmit communications to the network 116. The mobile device 134 can be configured with more than one front camera 114 to provide a 3D or stereoscopic view, or to obtain images in different spectral ranges, such as near-infrared and visible light. The mobile device 112 is configured to communicate wirelessly over a network 116 with a remote server 120. The server 120 may communicate with one or more databases 124. The network 116 may be any type of network capable of communicating to and from the mobile device, including, but - 15 without limitation, a LAN, WAN, PAN or Internet. The mobile device 112 may communicate with the network through a wired or wireless connection, such as through Ethernet, Wi-Fi, NFC, and the like. The server 120 may include any type of computing device capable of communicating with the mobile device 112. The server 120 and the mobile device 112 are configured with a processor and memory and are configured to execute machine-readable code or machine instructions stored on the memory. The database 124, stored on the mobile device or remote location as shown, may contain facial biometric information and authentication information of the users 108 to identify the users 108 to allow access to the associated user data based on one or more images or biometric information received from the mobile device 112 or watch 134. The data may be, for example, information related to a user account or instructions to allow access to a separate account information server 120B. The term biometric data may include, among other information, biometric information about facial characteristics and route parameters. Examples of path parameters may include the acceleration and speed of the mobile device, the angle of the mobile device during image capture, the distance of the mobile device from the user, the direction of the trajectory relative to the position of the user's face in relation to the user, or any other type of parameter associated with the movement of the mobile device or the user's face in relation to a camera. Other data may also be included, such as GPS data, device identification information, and the like. In this embodiment, the server 120 processes identification requests from the mobile device 112 or the user 108. In one configuration, the image captured by the mobile device 112, using facial detection, comprises one or more images of the face of the user 108 during the movement of the mobile device relative to the user's face, such as in a side-to-side or horizontal arc or line, vertical arc or line, forward and backward from the user's face, or in any other direction of movement. In another configuration, the mobile device 112 calculates the biometric information from the obtained images and sends the biometric information to the server 120. In yet another embodiment, the mobile device 112 compares the biometric information with the biometric information stored in the mobile device 112 and sends a result - 16 authentication comparison with 120 server. Data including the image(s), biometric information, or both, is sent over network 116 to server 120. Using image processing and image recognition algorithms, server 120 processes the biometric information. of the person, such as facial data, and compares the biometric information with the biometric data stored in the database 124 to determine the probability of a match. In other embodiments, image processing and comparison are performed on the mobile device 112, and data sent to the server indicates the result of the comparison. In additional embodiments, image processing and comparison are performed on the mobile device 112 without accessing the server, for example, to gain access to the same mobile device 112. By using facial recognition processing, an accurate identity match can be established. Based on this and, optionally, one or more factors, access may be granted or denied to an unauthorized user. Facial recognition processing is known in the art (or is an established process) and, as a result, is not described in detail herein. Also shown are a second server 12 0B with an associated second database 124B and a third server 120C with an associated third database 124C. The second and third databases may be provided to contain additional information that is not available in server 120 and database 124. For example, one of the additional servers can only be accessed based on user authentication. 108 performed by server 120. Executing on the mobile device 112 is one or more software applications. This software is defined herein as an identification application (ID App). The ID App can be configured with either facial detection or facial recognition, or both, and one or more software modules that monitor route parameters and / or biometric data. Face detection as used herein refers to a process that detects a face in an image. Facial recognition as used herein refers to a process that can analyze a face using an algorithm, represent its facial features and convert them into biometric data, such as numerical data. Biometric data can be compared with data derived from one or more images - 17different people looking for similarities or differences. If a high percentage of similarity is found in the biometric data, the individual shown in the images can be considered a match. With the ultimate goal of matching a user's face to an identity or image stored in a database 124, to authenticate the user, the ID App may first process the image captured by the camera 114, 134 to identify and locate the user. face found in the image. As shown in Figure 1, there may be a face 108. Authentication may be used to log into an online account or for many other access control functions. The portion of the photo containing the detected face can then be cropped, sliced, and stored for processing by one or more facial recognition algorithms. By first detecting the face in the image and cropping out only that part of the face, the face recognition algorithm does not need to process the entire image. Additionally, in embodiments where facial recognition processing occurs remotely from the mobile device 112, such as on a server 120, much less image data is required to be sent over the network to the remote location. It is contemplated that the entire image, a cropped face, or just the biometric data may be sent to the remote server 120 for processing. Face detection software can detect a face from a variety of angles. However, facial recognition algorithms are more accurate in straight-line images in well-lit situations. In one embodiment, the highest quality face image for facial recognition that is captured is processed first, then face images that are of lower quality or at different angles other than directly toward the face are processed. Processing may occur on the mobile device or on a remote server that has access to large databases of image data or facial identification data. It is preferred that facial detection occurs on the mobile device and is performed by mobile device software, such as App ID. This reduces the number or size of images (data) that are sent to the server for processing where no faces are found and minimizes the total amount of data that must be sent over the network. This reduces bandwidth needs and network speed requirements are reduced. - 18 In another preferred embodiment, facial detection, facial recognition and biometric comparison all occur on the mobile device. However, it is contemplated that facial recognition processing may occur on the mobile device, the remote server, or both. Figure 2 illustrates an exemplary embodiment of a mobile device. This is just one possible mobile device configuration and, as such, it is contemplated that one skilled in the art could configure the mobile device differently. The mobile device 200 may comprise any type of mobile communication device capable of functioning as described below. The mobile device may comprise a PDA, a cell phone, a smartphone, a tablet PC, a wireless electronic tablet, an IoT device, a portable electronic device or any other computing device. In this exemplary embodiment, the mobile device 200 is configured with an outer casing 204 configured to protect and contain the components described below. Within the housing 204 there is a processor 208 and a first and a second bus 212A, 212B (collectively 212). The processor 208 communicates via buses 212 with the other components of the mobile device 200. The processor 208 may comprise any type of processor or controller capable of functioning as described herein. The processor 208 may comprise a general purpose processor, ASIC, ARM, DSP, controller, or any other type of processing device. The processor 208 and other elements of the mobile device 200 are powered by a battery 220 or other power source. An electrical interface 224 provides one or more electrical ports for electrically interacting with the mobile device, such as with a second electronic device, computer, medical device, or power supply / charging device. The interface 224 may comprise any type of electrical interface or connector format. One or more memories 210 are part of the mobile device 200 for storing machine-readable code for execution on the processor 208 and for storing data, such as image data, audio data, user data, medical data, location data, accelerometer data, or any other type of data. The memory 210 may comprise RAM, ROM, flash memory, optical memory or micro-drive memory. The machine readable code as described herein is not transient. - 19 As part of this embodiment, the processor 208 is connected to a user interface 216. The user interface 216 may comprise any system or device configured to accept user input to control the mobile device. The user interface 216 may comprise one or more of the following: keyboard, roller ball, buttons, wheels, pointer key, touch panel, and touch screen. A touch screen controller 230 is also provided that interacts via bus 212 and connects to a display 228. The display comprises any type of display screen configured to display visual information to the user. The display may comprise an LED, LCD, thin film transistor display, OEL CSTN (Color Super-Twisted Nematic), TFT (Thin Film Transistor), TFD (Thin Film Diode), OLED (Organic Light Emitting Diode) , AMOLED (Active Matrix Organic Light Emitting Diodes) display, capacitive touchscreen, resistive touchscreen or any combination of these technologies. Display 228 receives signals from processor 208 and these signals are translated by the display into text and images as is understood in the art. The display 228 may further comprise a display processor (not shown) or a controller that interacts with the processor 208. The touch screen controller 230 may comprise a module configured to receive signals from a touch screen that overlays the display 228. Also part of this exemplary mobile device is a speaker 234 and a microphone 238. The speaker 234 and the microphone 238 can be controlled by the processor 208. The microphone 238 is configured to receive and convert audio signals into electrical signals based on the control of the processor 208. Additionally, processor 208 may drive speaker 234 to generate audio signals. These devices operate as understood in the art and, as such, are not described in detail herein. Also connected to one or more of the buses 212 is a first wireless transceiver 240 and a second wireless transceiver 244, each of which connects to respective antennas 248, 252. The first and second transceivers 240, 244 are configured to receive signals inputs from a remote transmitter and perform analog front-end processing on the signals to generate analog baseband signals. The incoming signal may be further processed by conversion to a digital format, such as by an analog-to-digital converter, for further processing by processor 208. Likewise, -20The first and second transceiver 240, 244 are configured to receive outgoing signals from the processor 208, or other component of the mobile device 208, and convert these baseband signals to RF frequency for transmission through the respective antenna 248, 252 Although shown with a first wireless transceiver 240 and a second wireless transceiver 244, it is contemplated that the mobile device 200 may have only one such system or two or more transceivers. For example, some devices have tri-band or quad-band capability, or have Bluetooth®, NFC, or other communication capabilities. It is contemplated that the mobile device and therefore the first wireless transceiver 240 and a second wireless transceiver 244 may be configured to operate in accordance with any wireless standard currently existing or developed in the future including, but not limited to, Bluetooth. , WI-FI such as IEEE 802.11 a,b,g,n, wireless LAN, WMAN, fixed broadband access, WiMAX, any cellular technology including CDMA, GSM, EDGE, 3G, 4G, 5G, TDMA, AMPS, FRS, GMRS, Citizen band radio, VHF, AM, FM and wireless USB. Also part of the mobile device are one or more systems connected to the second bus 212B that also interact with the processor 208. These devices include a global positioning system (GPS) module 260 with an associated antenna 262. The GPS module 260 can receive and processing signals from satellites or other transponders to generate location data regarding the location, direction of travel and speed of the GPS module 260. GPS is generally understood in the art and therefore is not described in detail in the present. A gyroscope 264 connects to bus 212B to generate and provide orientation data with respect to the orientation of mobile device 204. A magnetometer 268 is provided to provide directional information to mobile device 204. An accelerometer 272 connects to bus 212B to provide information or data about shocks or forces experienced by the mobile device. In one configuration, the accelerometer 272 and gyroscope 264 generate and provide data to the processor 208 to indicate a movement and orientation trajectory of the mobile device. One or more cameras (photographic, video, or both) 276 are provided to capture image data for storage in memory 210 and / or for possible transmission over a wireless or wired link or for later display. The one or more cameras 276 may be configured to detect an image using visible light and / or near infrared light. The cameras - 21 276 can also be configured to use image intensification, active illumination or thermal vision for imaging in dark environments. The processor 208 may process image data to perform image recognition, such as face detection, item detection, facial recognition, item recognition, or barcode / box reading. A flasher and / or flashing light 280, such as an LED light, is provided and is controllable by the processor. The flasher 280 may serve as a strobe or traditional flasher. The flasher 280 may also be configured to emit near-infrared light. A power management module 284 interacts with or monitors the battery 220 to manage power consumption, control battery charging, and provide supply voltages to various devices that may require different power requirements. Figure 3 illustrates exemplary software modules that are part of the mobile device and the server. Other software modules may be provided to provide the functionality described below. It is anticipated that for the functionality described herein there will be comparison software (non-transitory machine readable code, instructions or machine executable code) configured to execute the functionality. The software would be stored in memory and executable by a processor. In this confirmation example, the mobile device 304 includes a receiving module 320 and a transmitting module 322. These software modules are configured to receive and transmit data to remote devices, such as cameras, glasses, servers, cell towers or system WIFI, such as a router or access points. Also part of the mobile device 304 is a location detection module 324 configured to determine the location of the mobile device, such as with triangulation or GPS. An account settings module 326 is provided to establish, store and allow a user to adjust account settings. A login module 328 is also provided to allow a user to log in, such as with password protection, to the mobile device 304. A facial detection module 308 is provided to execute facial detection algorithms while a facial recognition 321 includes software code that recognizes the face or features M A / IZ / ¿U¿¿ / U¿403ü - 22 facial features of a user, such as to create numerical values ​​that represent one or more facial features (facial biometric information) that are unique to the user. An information display module 314 controls the display of information to the user of the mobile device. The display can occur on the screen of the mobile device or watch. A user input / output module 316 is configured to accept data and display data to the user. A local interface 318 is configured to interact with other local devices, such as using Bluetooth® or other shorter range communication, or wired links using connectors for connected cameras, batteries, data storage elements. All software (with associated hardware) displayed on mobile device 304 functions to provide the functionality described herein. Also shown in Figure 3 is the server software module 350. These modules are located remotely from the mobile device, but can be located on any server or remote processing element. As understood in the art, networks and network data use a distributed processing approach with multiple servers and databases working together to provide a unified server. As a result, it is contemplated that the module shown in server block 350 may not be located on the same server or at the same physical location. As shown in Figure 3, the server 350 includes a receiving module 352 and a transmitting module 354. These software modules are configured to receive and transmit data to remote devices, such as cameras, watches, glasses, servers, towers. cell phones, or WIFI systems, such as routers or access points. An information display module 356 controls the display of information on the server 350. A user input / output module 358 controls a user interface in connection with the local interface module 360. Also located on the server side of the system There is a facial recognition module 366 that is configured to process the image data from the mobile device. The facial recognition module 366 may process the image data to generate facial data (biometric information) and perform a comparison function relative to other facial data to determine a facial match as part of an identification determination. A database interface 368 allows communication with one or more databases that contain information used by the server modules. -23A location detection module 370 may use the location data of the mobile device 304 for processing and increasing accuracy. Additionally, an account configuration module 372 controls user accounts and can interact with the account configuration module 326 of the mobile device 304. A secondary server interface 374 is provided to interact and communicate with one or more servers. One or more databases or database interfaces are provided to facilitate communication and database searching. In this exemplary embodiment, the system includes an image database containing images or image data for one or more persons. This database interface 362 may be used to access image data users as part of the identity matching process. Also part of this embodiment is a personal data database interface 376 and a privacy settings data module 364. These two modules 376, 364 function to set privacy settings for individuals and access a database. which may contain privacy settings. Authentication System An authentication system with route parameters operating in the environment and system described above will now be described as shown in Figure 4. Figure 4 shows a method for performing facial recognition authentication with route parameters according to with a modality of the invention. As will be described in more detail below, the system uses the characteristics of the mobile device 112 and the server 120 defined above to generate a secure and convenient login system as an example of an authentication system. This reduces the burden of the user having to type complex passwords on a small screen of a mobile device, prevents fraud through means such as key logging or screenshots, and increases security by combining various path parameters and / or device parameters that must be met before the user is authenticated. In step 410, the system enrolls a user in the facial recognition authentication system. In one embodiment, an authentication server, such as server 120 (Figure 1), may be configured to authenticate a user to allow access to a user's account, such as - 24 such as a bank account or other account, through the mobile device 112. The authentication server 120 may be included as part of a server of the institution or entity that provides the user accounts (hereinafter, account server), or the authentication server may be provided separately. For example, in the environment shown in Figure 1, servers 120B and 120C may represent account servers. In other embodiments, the account server and the authentication server are the same. In one embodiment, the authentication server 120 may provide an authentication application to the user for installation on the mobile device 112. An enrollment process according to one embodiment will be described with reference to Figure 5. In this embodiment, a user through a mobile device 112 establishes a connection between the mobile device 112 and the account server 120B in step 510. As just one example, the user may establish a connection to a server at a financial institution such as a bank, or this connection may occur later in the process after authentication. The user then provides typical login information to authenticate the user, such as a username and password for a financial account at step 512. At step 514, the user may receive a prompt on the mobile device 112. to enroll in the facial recognition authentication system. The user then, through the user interface, indicates that they would like to configure the authentication system in response to the request. Next, at step 516, the mobile device 112 may send device information to the authentication server 120. The device information may include, among other information, a device identifier that uniquely identifies the user's mobile device. Such information may include the device manufacturer, model number, serial number, and mobile network information. At step 518, when the authentication server 120 is incorporated with the account server 120B, the authentication server 120 associates and stores the device information with the user account information. When the authentication server 120 is separate from the account server 120B, the account server 120B may generate a unique identifier related to the account information and send the unique identifier to the authentication server 120. The authentication server 120 may associate device information and identifier -25unique from each other and can store the information in a database 124. The user is then requested to provide a plurality of images of his or her face using a camera 114 on the mobile device 112 (hereinafter referred to as enrollment images) in step 510. The enrollment images of the user's face are taken according to The user holds the mobile device and moves the mobile device to different positions relative to his or her head and face. Therefore, inscription images of the user's face are taken from many different angles or positions. Additionally, the path parameters of the mobile device are monitored and recorded for future comparisons at step 522. Some non-limiting examples of how a user can hold a mobile device and take a plurality of images of its mobile device are shown in Figures 6A-7B. face. In Figures 6A and 6B, the user holds the mobile device 112 on one side of his face, and moves the mobile device 112 in an arc-like path horizontally around his face until the mobile device 112 is on the other. side of his face. In Figures 7A and 7B, the user holds the mobile device 112 away from his face and then brings the mobile device 112 closer to his face. Of course, any number of other trajectories can be used in addition to those shown in Figures 6A-7B. Additionally, the user can move their head while keeping the camera stationary. The user can also hold the camera steady and move their head in relation to the camera. Therefore, this method can be implemented with a webcam on a laptop or desktop computer, or on any other device, such as a loT device where a camera is installed at a location or similar stationary object. Inscription images can be obtained as follows. The user holds and orients a mobile device 112 with a camera 114 so that the camera 114 is positioned to capture the image of the user's face. For example, the user can use a front camera 114 on a mobile device 112 with a display screen and can confirm on the display screen that her face is in position to capture the image by the camera 114. Once the user has oriented the device, the device can begin to obtain the user's enrollment images. In one embodiment, the user can press a button on the device 112 such as on a touch screen or another button on the device to initiate obtaining the images of M A / t / ZUZZ / UÓ+OUO -26registration. The user then moves the mobile device to different positions relative to his or her head as the device takes images of the user's face from a plurality of angles or positions, as described above. When using the front camera mentioned above, the user can continuously confirm that his or her face is being photographed by viewing the image on the display screen. The user can press the button again to indicate that image capture is complete. Alternatively, the user can press and hold the button during imaging and then release the button to indicate that imaging is complete. As described above, mobile device 112 may include face detection. In this embodiment at step 524, the mobile device can detect the user's face in each of the enrollment images, crop the images to include only the user's face and send, over a network, the images to the registration server. authentication 120. At step 526, upon receiving the enrollment images, the authentication server 120 performs facial recognition of the images to determine biometric information (enrollment biometrics) for the user. The authentication server 120 may then associate the enrollment biometrics with the device information and the unique identifier (or account information) and store the biometric information in the database 124 at step 528. For added security, in the Step 530, the mobile device 112 and the authentication server 120 may be configured to delete the enrollment images after the user's enrollment biometric data is obtained. In another embodiment, the mobile device 112 may send the images to the authentication server 120 without performing face detection. The authentication server 120 may then perform face detection, facial recognition, and biometric information processing. In another embodiment, the mobile device 112 may be configured to perform facial detection, facial recognition, and biometric processing, and then send the results or data resulting from the processing to the authentication server 120 to associate with the unique identifier or account. user. This prevents sensitive personal data (images) from leaving the user's device. In yet another embodiment, the mobile device 112 can perform each of the aforementioned steps, and the mobile device 112 - 27 can store the enrollment information without sending any of the enrollment images or biometric data to the server. In one embodiment, the gyroscope, magnetometer, and accelerometer of the mobile device are configured to generate and store data while the user moves the mobile device overhead to obtain enrollment images (route parameters). The mobile device may process this data at step 532 to determine a trajectory or arc where the mobile device moved while the user took images of the user's face (enrollment motion). Using data from the accelerometer, magnetometer and gyroscope, the system can verify when a user is ready to start scanning, as well as determine the scanning path. Therefore, the data is used to determine when to start and stop the scan interval. The data may also include the time elapsed during the scan. This time can be measured from when the user presses the button to start and stop imaging, or can be measured from the duration the button is held during imaging, or during further movement or to complete the scan. The enrollment motion of the mobile device 112 (which is data that defined the motion of the mobile device during image capture) may be sent to the authentication server 120. The authentication server 120 associates and stores the enrollment motion, enrollment biometrics. , device information and unique identifier or account information. Alternatively, data generated by the gyroscope, magnetometer, and accelerometer may be sent to server 120, and server 120 may process the data to determine enrollment motion. Therefore, in the embodiment described above, the enrollment information may thus comprise device information, enrollment biometrics, and enrollment movement (based on the movement of the mobile device 112). Returning to Figure 4, once registration is completed, the authentication server 120 may later receive the credentials of a user attempting to authenticate with the system as shown in step 420. For example, a user may attempt to login session in a user account. When a user attempts to log in, instead of or in addition to providing typical account credentials, such as username and password, -28the user can retake a plurality of images or videos of his or her face while the mobile device 112 is held in the hand and moved to different positions relative to the head (authentication images) in the same way as was done during registration (as shown in Figures 6A-7B). In this way, the user can provide the necessary images (the term images includes video since video is a succession of images) from many different angles and / or positions, and can provide path parameters of the device while obtaining the images (motion authentication) to confirm both the identity of the user and the life and reality of that person to ensure that it is not a video, screenshot or other representation of the person. In an embodiment described in Figure 8, the user through the mobile device 112 obtains several authentication images in step 810 while moving the mobile device 112 to different positions with respect to the user's head. Using facial detection in step 812, the mobile device 112 detects the user's face in each of the authentication images, crops the images and sends the images to the authentication server 120. In another embodiment, the mobile device 112 sends the images to server 124, and server 124 performs facial detection. At step 814, the authentication routing 120 may perform facial recognition on the authentication images to obtain biometric information (authentication biometrics). In another embodiment, the mobile device 112 performs facial recognition to obtain the biometric authentication data and sends the biometric authentication data to the server 120. In step 816, the mobile device 112 sends the device information that identifies the device and sends route parameters such as gyroscope, magnetometer and accelerometer information that defines the trajectory of the mobile device taken during image capture, as well as the time elapsed during image capture (authentication movement) to server 120. The credentials received by the authentication server 120 for a login to the facial recognition system may thus comprise device information, authentication images or data biometric authentication, and movement authentication (path parameters). Returning to Figure 4, at step 430, the authentication server 120 -29verifies that the credentials received from mobile device 112 sufficiently correspond to the information obtained during registration. For example, as shown in step 910 of Figure 9, by using algorithms to process the features of the face and the light incident on the face between the different images, the authentication server 120 can determine that the face in authentication images are three-dimensional, i.e., not a representation on a printed image or video screen. When the mobile device 120 sends only the biometric authentication data 120 to the server, the server 120 can validate the reality or three-dimensional aspects of the captured user by comparing the biometric results of the different images. At step 920, the authentication server 120 may compare the login credentials with the stored registration process information. At step 920, server 120 compares the device identification obtained during the login process with that stored during registration. At step 930, the authentication biometric data may be compared to the enrollment biometric data to determine whether it sufficiently corresponds to the enrollment biometric data. At step 940, the authentication move can be compared with the enrollment move to determine whether it sufficiently corresponds to the enrollment move. In some embodiments, a copy of the enrollment information may be stored on the mobile device 112, and the mobile device 112 may verify that the credentials received on the mobile device 112 sufficiently correspond to the enrollment information. This would allow a user to protect documents, files or applications on the same mobile device 112, in addition to protecting a user's account hosted on a remote device, such as authentication server 120, even when a connection can be established to the authentication server 120. authentication 120 temporarily unavailable, such as when a user does not have access to the Internet. Additionally, this would allow the user to secure access to the same mobile device 112. Or the registration information may be stored on the server. Accordingly, at step 950, if the authentication server 120 or the mobile device 112 determines that the registration information sufficiently corresponds to the received credentials, then the server or mobile device can verify that the identification of the user attempting to log in -30 corresponds to the account holder. This avoids the complicated process of the user having to manually type a complex password using the small screen of the mobile device. Many passwords now require uppercase letters, plain letters, lowercase letters, and numbers. The level of matching required to determine that the enrollment information sufficiently matches the authentication information in the login attempt can be set in advance. For example, the match level may be a 99.9% match rate between the enrollment biometric and the authentication biometric data and a 90% match rate between the enrollment motion and the authentication motion. The required match level can be static or flexible based on established thresholds. For example, the required level of matching may be based on the GPS information of the mobile device 112. In one embodiment, the authentication server 120 may require a match rate of 99.9% as a match level when the GPS information of the mobile device is corresponds to the location of the user's home or other authorized locations. Conversely, if the GPS information shows that the device is located in a foreign country far from the user's home, the authentication server may require a 99.99% match rate as a match level or may be denied entirely. Therefore, the required match between previously stored authentication data (enrollment information) and currently received authentication data (authentication information) is flexible in the sense that the required percentage of match between the route parameters or the Images may change depending on several factors, such as time of day, location, frequency of login attempts, date or any other factor. The required level of correspondence may also depend on time. For example, if a second authentication attempt is made shortly after a first authentication attempt at a location remote from the first authentication location based on the GPS information of the mobile device 112, the matching threshold level may be set higher. high. For example, a user cannot travel from Seattle to New York in 1 hour. Similarly, login attempts between midnight and three in the morning may be a sign of fraud for some users based on user usage patterns. -31 users. The level of match between the enrollment information and the authentication information may be the result of combining the various parameters of the enrollment information and the authentication information. For example, when the button timeout in the authentication information is within 5% of the button timeout in the enrollment information, the button timeout match may constitute 20% of the total match. . Similarly, when the motion path path of the authentication information is within 10% of the enrollment information, the motion path path may constitute 20% of the total match. Other parameter match rates such as face size and facial recognition matching on authentication information compared to enrollment information may constitute the remaining 10% and 50% of the total match level. In this way, the total complete level of matching can be adjusted (for example, the total of all parameters being more than 75%), or the matching rate of individual parameters can be adjusted. For example, on a second login attempt, the threshold match rate for one parameter may be increased, or the full match level for all parameters may be increased. Threshold match rates can also be adjusted based on the account being authenticated or other different desired security levels. Returning to Figure 4, at step 440, the authentication server 120 may grant or deny access based on the verification at step 430. For example, if the authentication server 120 verifies that the credentials match the information of registration, then the server 120 can authenticate the user to allow access to the user's account. In the case where the authentication server 120 is separated from the account server 120B (such as a bank server), the authentication server 120 may transmit the unique identifier to the account server along with an indication that the identity of the user associated with the unique identifier has been verified. The account server 120B may then authorize the user's mobile device 112 to transmit and receive data from the account server 120B. Of course, all of this can occur only on the account server 120B or on the mobile device 112 itself. M A / IZ / ¿U¿¿ / U¿403ü -32Alternatively, if the credentials provided by the user are not verified, the authentication server may transmit a message to be displayed on the screen of the mobile device 112 indicating that the login attempt failed. The authentication server 120 may then allow the user to attempt to log in again through the facial recognition login system, or the authentication server 120 may require the user to enter typical account credentials, such as a login name. username and password. In one embodiment, server 120 may allow three consecutive failed login attempts before prompting for a username and password. If one of the attempts reaches the required match level, then the user can be verified and access granted. According to one embodiment, the authentication server 120 may retain the information from each successive authentication attempt and combine the data from the multiple authentication attempts to achieve more accurate facial biometric information of the person attempting to authenticate. Additionally, the match level may increase with each successive authentication attempt. Additionally, by averaging the trajectory data (authentication movement) and / or image data (authentication images / biometrics) from multiple login attempts, the login data (enrollment information) is refined and improved. Accordingly, the authentication system described above allows authentication to a remote server 120 or to the mobile device 112 itself. This can be achieved as described above by the mobile device 112 capturing the authentication credentials, and the authentication server 120 processing and analyzing credentials against enrollment information (cloud processing and analysis); capturing the mobile device 112 authentication credentials and processing the credentials, and analyzing the authentication server 120 the credentials against the enrollment information (mobile device processing, cloud analysis); or by capturing the mobile device 112 authentication credentials, and processing and analyzing the credentials against the enrollment information (mobile device processing and analysis). -33Advantages and Characteristics of the Modalities The system described above provides several advantages. As a bonus, the facial recognition authentication system provides secure login. For example, if during a login attempt, the mobile device's camera captures a digital display showing a person turning their head while the phone is not moving, the accelerometer, magnetometer, and gyroscope data will not detect any movement. . Therefore, the enrollment motion and the authentication motion will not correspond and the login attempt will be denied. Additionally, because a plurality of images such as registration images and authentication images are used, histograms or other photo manipulation techniques can be used to determine whether a digital screen is present instead of a human face in the images. For example, the system can check for changes in light frequency in captured images, or for banding in an image that would indicate that an electronic display generated the image, backlighting, suspicious changes in lighting, or perform other analyzes on images by comparing them. to determine that the actual live user is actually alive, present, and requesting authorization to log in. As a further advantage, as explained above, not only must the enrollment biometrics sufficiently match the authentication biometrics, but also the enrollment motion must match the authentication motion, and the device information must match the enrollment device information. For example, an application can be downloaded to a mobile device that has a digital camera. The application may be a login application or may be an application from a financial institution or other entity with which the user has an account. The user can then log in to the application using typical login credentials, such as the website username and password. Additionally, the user can have a device code when logging in on another device or can use the camera to scan the QR code or other similar code to pair the device with their user account. The user then holds the mobile device to move the mobile phone to different positions relative to their head while holding their face. -34visible to the camera while moving. As the mobile device moves, the camera takes enrollment images of the face. During image capture, the speed and angle of movement of the current user's mobile device are measured by the accelerometer, magnetometer and gyroscope to generate the inscription movement. Continuous imaging and face detection throughout the process have been shown to prevent fraud. This is because a fraud attempt cannot be made by rotating images in and out of the front of the camera. For example, a user can initiate movement from right to left or left to right as shown in Figures 6A and 6B. The movement may also be in a front and rear direction as shown in Figures 7A and 7B. Any other movement can be used, such as starting in the center, then going to the right, and then returning to the center. Vertical and diagonal movements can also be used to further complicate the complexity of the inscription movement. When the user later attempts to log in, the user must repeat the motion pattern in the authentication motion to match the enrollment motion in addition to matching biometric data and device information. Therefore, the security of the system is greatly improved. Therefore, the system provides enhanced security to authenticate a user who has a mobile device. As explained above, the system may use at least one or more of the following in any number of combinations to securely authenticate the user: physical device verification, mobile network verification, facial recognition including device size face in the image, a face detected in each frame during motion, accelerometer information, gyroscope information, magnetometer information, pixels per square inch, color bits per pixel, image type, code or pattern entered by the user and GPS information. As another advantage, the facial recognition login system provides a convenient way for a user to log into an account with a mobile device. For example, once enrolled, a user does not need to enter a username and password on the small mobile device each time they want to access the account. Instead, the user simply needs to create an image of themselves while imitating the enrollment movement. -35with the mobile device. This is especially advantageous with smaller mobile devices, such as cell phones, smart watches and the like. The system can further be configured to allow a user to securely log in to multiple devices, or to allow users to securely share devices. In one embodiment, the enrollment information may be stored on an authentication server (or in the cloud) and is therefore not associated only with the user's original device. This allows the user to use any number of suitable devices to authenticate with the authentication server. This way, a user can use a friend's phone (third-party device) or other device to access their information, such as account information, address book information, email or other messages, etc. performing the authentication operation on any device. For example, the user may provide an email address, username code, or similar identifier on a friend's phone in such a way that the authentication server compares the login information with the user's registration information. the user's account. This would tell the authentication server which authentication profile to use, but by itself it does not allow access to the user's data, accounts, or tasks. Signing out of a friend's phone cancels access to user information on the friend's phone. Provides the benefit of allowing a user to securely access account or other information or tasks accessible for authentication using any device without having to type the user's password on the third-party device, where it could be logged or copied. In a sense, the username is the password. Through cloud-based enrollment information, a single user can also securely transfer data between authenticated devices. In one embodiment, a user may possess a first device, such as a mobile phone, and authenticate to the first device through the authentication system. The user can then purchase a new device, such as a new phone, tablet, or other device. Using the cloud-based authentication system, the user can authenticate on the new device and transfer data from the first device to the new device. Data transfer can be completed over the Internet, a network connection -36local, a Bluetooth connection, a wired connection or a near field communication. The authentication process can also be part of a security check to resend or restore a system after the phone is lost or stolen. Thus, the authentication system can be used to activate or authenticate a new device, with authentication being used to verify the user of the new device. Similarly, the system can facilitate secure access to a single shared device by multiple people to control content or other functions on the device. In many cases, passwords can be viewed, copied, guessed, or otherwise detected, especially when multiple users share a device. Users may be, for example, family members, including parents and children, coworkers, or other relationships, such as students. The authentication system may allow each family member to log in based on their own unique registration information associated with a user account. The device may restrict access to certain content or features for one or more of certain users' accounts, such as children's user accounts, while allowing access to content and features for others, such as parental accounts. . When using the authentication system for the shared device, users, such as children, cannot use a password to attempt to access restricted content because the authentication system requires the presence of parents for authentication, as shown. explained in the above. Therefore, device sharing between users with different privileges is further secured and improved. Likewise, in a classroom, a single device can be securely shared among multiple people for testing, research, and report cards. Adaptations and Modifications Numerous modifications can be made to the above system and method without departing from the scope of the invention. For example, images can be processed by a facial recognition algorithm on the device and can also be converted to biometric data on the device which is then compared to biometric data previously created for an authorized user. Alternatively, images from a device can be sent via a -37wired or wireless network where facial recognition algorithms running on a separate server can process the images, create biometric data, and compare that data to previously stored data that was assigned to that device. Multiple Profiles for a Single User Additionally, the photo enrollment process can be performed multiple times for a user to create multiple user profiles. For example, the user can register with profiles with and without glasses, with and without other wearable devices, in different lighting conditions, wearing hats, with different hairstyles, with or without jewelry on the face or ears, or making different faces. and unique, such as eyes closed, winks or tongue out to establish another level of uniqueness for each user profile. Such user-made faces would not be available on the user's social media pages and therefore would not be available to copy, manipulate and use during a fraud attempt. Each set of enrollment images, enrollment biometrics, or both can be saved along with a separate enrollment motion. In one embodiment, at least three images are captured as the mobile device completes the route. It is contemplated that any number of images can be captured. Linking Registration Information It is also contemplated that the registration process may be linked to an email address, telephone number or other identifier. For example, a user may register with an email address, complete one or more registrations as described above, and confirm registrations through the same email address. The email address can further improve system security. For example, if a user unsuccessfully attempts to log in through the authentication system a predetermined number of times, such as three times, then the authentication system locks the account and sends an email to the email address informing the user of failed login attempts. The email may also include one or more images of the person who was unable to log in and GPS or other data from the login attempt. The user can then confirm whether it is -38de a valid login attempt and reset the system, or you can report the login attempt as fraudulent. If a fraudulent login is reported or there are too many lockouts, the system may delete the account associated with the email address to protect user security. Therefore, future fraudulent attempts could not be possible. Response Meters To further facilitate image capture, the mobile device may include various response meters, such as a motion meter or a precision meter, as shown in Figure 10. In one embodiment, the mobile device 1012 may display a motion meter 1024 indicating the amount of movement of the mobile device 1012 that causes the user to move the mobile device 1012 to different positions with respect to their head. For example, the motion meter 1024 may be represented as a line sliding from one side of the screen. In this way, the enrollment process may require a certain threshold of device movement to register a user with the multi-dimensional authentication system. For example, the system may require the mobile device 1012 to move in an arc or in a straight line and be rotated at least 45 degrees to create the enrollment information. In another example, the system may require an acceleration experienced by the device that exceeds a threshold amount. The motion meter can also help the user learn to capture images of themselves using the authentication system. The mobile device 1012 may also display an accuracy meter 1026 or any other visual representation of authenticated frames to help the user authenticate using the authentication system and learn how to improve authentication. The precision meter 1026 may display to a user a match rate (graphical, alpha, or numerical) of a predetermined number of images obtained during the authentication process. The precision meter can be represented on the screen in various ways, including numerical percentages, color representation, graphs, and the like. A combination of representations can also be used. For example, as shown in Figure 10, the match rates for a predetermined number of images taken during authentication are -39represent on the precision meter. In the embodiment shown in Figure 10, each of the images can be represented by a column in a graph, and the precision can be displayed for each image in each column. For example, the column with a longer bar represents a higher precision and a column with a shorter bar represents a lower precision. In addition to image match rates, path parameter match rates can also be displayed. Over time the user can improve. In another embodiment, each of the images can be represented in a table as a color corresponding to the match rate. Dark green can represent a very high match rate, light green can represent a good match rate, yellow can represent a satisfactory match rate, red can represent a medium match rate, and gray can represent a good match rate. poor match. Other color schemes can also be used. The height of the bars or the colors used may correspond to predetermined match rates. For example, a full or dark green bar may be a match rate greater than 99.9%, a three-quarter or light green bar may be a match rate between 90% and 99.9%, half a bar or yellow may be a match rate between 90% and 99.9%. match rate of 50-90%, red can be a match rate of 20%-50%, and a single line to a quarter bar or gray can be a match rate of 0-20%. A pie chart, line graph, or any other type of representation or any other numerical or graphical display can also be used. An overall score or a score per image can be presented. The accuracy meter may also include a message 1028 indicating an overall match score. For example, the accuracy meter can indicate an average overall match score or the number of images that achieved a 99.9% match rate and display the message to a user. With the motion meter 1024 and the precision meter 1026 as described above, the user can quickly learn how to use the authentication system due to the response presented by the meters 1024, 1026. M A / IZ / ¿U¿¿ / U¿403ü Carnification and Rewards The motion and precision meters 1024, 1026 may also be configured to incorporate game features, aspects or techniques into the -40authentication system to encourage a user to try to get the best possible match (such as a high number score or a high frame rate), increasing the user's skill in using the authentication system. This also generates user adoption rates of the technology. For example, the user may compete with itself to imitate or improve previous authentication scores to encourage or train the user to achieve a high score. Additional modifications to the authentication meter may also be incorporated, such as the ability to share precision match results with others to demonstrate one's skill in using the system or to compete against others. In other cases, the user may receive a reward, such as a gift or coupon, for high accuracy scores. Although this may slightly increase costs, the reduction in fraud losses would far outweigh the additional cost. Other gamification techniques can be incorporated into the authentication system to encourage users to take actions that will prevent unauthorized or fraudulent authentication. In one embodiment, the authentication system may reward users who participate in fraud prevention activities. One such activity is to use the facial recognition authentication system described herein. For example, based on the accuracy meter described above, the system may reward a user who successfully authenticates with the system above a certain match rate. The system may award reward points, cash or other prizes based on successful authentication or a predetermined number of successful authentications. When using reward points, the points can be redeemed for predetermined rewards. Other game features may involve reward levels for users who earn a predetermined amount of experience using the authentication feature. For example, different reward levels can be based on users successfully authenticating 100, 500, 1000 times, etc. Because each case of fraud loss can be significant and can damage the good name of the company or organization, the benefits to fraud prevention are significant. In one embodiment, the user may be notified that he or she has achieved various levels of proficiency, such as a silver level upon achieving 100 authentications. - 41 successful authentications, a gold level for achieving 500 successful authentications or a platinum level for achieving 1000 successful authentications. The number of points awarded for each authentication above a given match rate may increase based on the user's experience level. Of course, the names of the levels and the number of authentications for each level, as described above, are only examples and can vary as desired. In one embodiment, an authentication only counts toward reward levels when commerce is transacted on the website, while in other embodiments, repeated attempts may be made, all of which count toward rewards. Another feature may incorporate a leaderboard where a user may be notified of a user rating that compares his or her skill or willingness to use the authentication system in comparison to other users. Successful use of the authentication system benefits companies and organizations that use the system by reducing the costs of fraudulent activities and the costs of preventing fraudulent activities. Those cost savings can be used to fund the in-game features of the authentication system described above. Other activities that correspond to the authentication system and contribute to the reduction of fraud can also be incorporated to allow a user to earn points or receive rewards. Such activities may include a user creating a sufficiently long and strong password that uses a certain number and combination of characters. This encourages and rewards users to set passwords that are not easily compromised. Other examples may include rewarding users for taking the time to complete verification steps in addition to an initial authentication, such as a mobile phone or email authentication check, answering one or more personal questions, or other secondary verifications as described above. currently known or will be developed later. This rewards users for putting in extra time and trouble to reduce the risk of fraud for a business or organization. As another example, if the authentication service is used to log in to websites or apps that offer affiliate programs, then the reward or giveaway may be subsidized by affiliate commissions on purchases made on those sites. For example, if a M A / t / ZUZZ / UÓ+OUO - 42 commerce website (products or services) uses the method and apparatus described herein to prevent fraud and therefore increase profits, then a percentage of each purchase made by a user using the service authentication will be provided to the authentication service. By reducing fraud, consumer purchases are more likely and additional users will be willing to enter financial and personal information. An affiliate link, referral code or source or identifier may be used to credit the authentication system by directing the consumer to the merchant website (products or services). Multiple Account Login It is also contemplated that the authentication system may be configured to allow a user to access several different websites using a single authentication. Because the authentication process and outcome are unique to the user, the user may first designate which participating websites he or she chooses to log into and then, after selecting which or more websites to log in to, the user performs the authentication described. at the moment. If secure authentication is successful, the user logs in to the selected websites. In this way, the authentication process is a universal access control for multiple different websites and prevents the user from having to remember multiple different usernames and passwords, while reducing fraud and password overload for each user. . Automatic Image Start / Stop It is also contemplated that the system can be configured to have the video camera running on the phone. The mobile device would take frames and route parameter data when the phone moves (using the camera, gyroscope, magnetometer and accelerometer), but would only process biometric data on the device or send the frames to the server if they have a face on them. they. In this mode, the application running on the mobile device could trigger the software application to start saving frames once the phone moves and then if the phone continues moving in the correct path (a semicircle, for example) and The system detects a face in the frame, the mobile device would begin to send images, a portion of the image or biometric data to the server for processing. When -43The system detects movement, it can activate image capture at certain intervals. The application can then process the frames to determine whether the images contain a face. If the images include a face, the application crops it and then checks whether the mobile device's motion path is similar to the one used during registration. If the motion path is similar enough, then the application can send the frames one at a time to the server for scanning or processing as described above. Banding and Edge Detection When a fraudulent attempt is made using a display screen, such as an LED, LCD, or other display, the system may detect the fraudulent login attempt based on the expected attributes of the display. In one embodiment, the authentication system will perform band checks produced by digital displays. When banding is detected, the system can recognize a fraudulent login attempt. In another embodiment, the system will perform digital display edge detection checks. As the mobile device moves to obtain the authentication motion during a login attempt, the system checks the captured images for edges of a screen to recognize a fraudulent login attempt. The system can also check for other image artifacts resulting from a display, such as reflection detection. Any algorithm now known or later developed can be used for banding and screen edge detection. Once fraud is detected, it will prevent authentication and access to the website or prevent the transaction or access to the account. Estimation of Other Attributes The authentication system can also perform an analysis of the registration images to estimate at least one of a gender, an approximate age, and an ethnicity. In an alternative embodiment, the user may manually enter one or more of her gender, approximate age, and ethnicity, or this information may be taken or obtained from existing records known to be accurate. The authentication system may then further store the user's estimated gender, age, and ethnicity as enrollment credentials or - 44 user data. Therefore, when the user subsequently attempts to authenticate with the system, the system will compare the derived gender, age and ethnicity obtained from the authentication images (using biometric analysis to determine such data or estimates thereof based on the processing ) with the stored gender, age, and ethnicity to determine whether to authenticate the user. For example, if the data derived from gender, age, and ethnicity matches the stored enrollment credentials, then the authentication is successful or this aspect of the authentication is successful. The authentication system can perform gender, age, and ethnicity estimates based on a single image during the authentication process or based on multiple images. For example, the authentication system may use an image of the plurality of images that has an optimal viewing angle of the user's face for analysis. In other embodiments, a different image may be used for each age, gender, and ethnicity analysis when different images reveal the best data for the analysis. Authentication can also estimate gender, age, and ethnicity across a plurality of images and average the results to obtain overall scores for gender, age, and ethnicity. As an alternative to obtaining gender, age, and ethnicity as enrollment information, estimated gender, age, and ethnicity estimates as authentication credentials may be established in the course of repeated use of the authentication system. For example, if in previous successful authentications that used biometric and motion information, the authentication system always estimates a user's age to be between 40 and 50 years old, then authentication can establish credentials for that user that requires login information. session to include images of a face estimated to be between 40 and 50. Alternatively, estimates of gender, age, and ethnicity can be implemented as one of many factors contributing to an overall authentication score to determine whether to authenticate or not to the user. For example, if the authentication process has a gender estimate of + or - 0.2 out of 1.9 male classification, then if the actual results are not within that range, the system may deny access to the user. Likewise, if the user's age range is always found -45between 40 and 50 years during previous authentication attempts or registration, and an authentication attempt falls outside that range, the system may deny access or use the result as a composite factor to deny access. In a further embodiment, when using a bracelet or watch capable of obtaining an EKG signature, a certain EKG signature may be required upon login. EKG signing can also be paired with facial recognition rotation to provide multi-stage login for critical security and identification applications. Additionally, credentials may also include GPS information where login is only permitted within certain geographic locations defined during enrollment. In one configuration, the GPS coordinates of the mobile device are recorded and logged for a login attempt or an actual login. This is additional information about the user's location. For example, if the GPS coordinates are located in a foreign country known for fraud, then the attempt was likely fraudulent, but if the GPS coordinates indicate that the attempt or login was made at the user's home, then fraud is less likely. Additionally, some apps may only allow a user to log in when they are in a specific location, such as a secure government facility or hospital. Registration information may also include distance information. Because the arc of motion (speed, angle, duration...) is unique for each user, the face detection software on the device can process the images and determine if the device is too close or too far from the subject . Or in other words, the enrollment information can consider the size of the face in the images. Therefore, potential enrollment information may also vary based on the user's arm length, head and face size, and the camera optics on the user's particular mobile device. The user may also be located at a fixed computer or camera, such as a laptop, desktop computer, or ATM. The user can then move the face back and forth, side to side, or up and down (or a combination) to create the images. Therefore, this method of operation is not limited to a mobile device. In one embodiment, the camera is arranged in a car, such as in a mirror, and the person moves their head or body. -46face to authenticate. Graduated Authentication Access In one embodiment, the system is configured to limit what the user can do when registering and authenticating for the first time. Then, after further authentications or after a predetermined period of time and number of authentications, additional capabilities may be granted. For example, for the first 20 authentications during the first 3 months, a maximum transaction of $100 may be allowed. This builds a database of known authentication data related to transactions not challenged by the user. Afterwards, for the next 20 authentications a transaction limit of $3000 can be set. This limits the total loss in case of fraud when authentication data is limited and the user is new to the system. For example, if an unauthorized user manages to fraudulently enroll in the authentication system. Video Screen for Image Capture When the user photographs himself using a front camera, the user can confirm that he is photographing his face by viewing the image on the screen, as described above. The image displayed on the screen can be configured to have an area smaller than the entire screen and can be placed on a higher portion of the screen towards the top of the device. When the user's image is displayed only on the top portion of the user's display screen, the user's eyes tend to look more closely at the front camera. When the user's eyes follow a path, the accuracy of facial recognition can improve. Additionally, tracking eye movement from frame to frame can allow the system to validate that the images are of a live person and not a photograph or video recording of the person. The image displayed on the screen can also be positioned to correspond with the location of a camera on the user's device, as shown in Figures 11A-11C. Mobile devices available today can include front-facing cameras arranged in several different positions. For example, a mobile device 1112a, 1112b may have a front camera 1114a, 1114b that is arranged above the screen and - 47 offset to one side or the other, as shown in Figures 11A and 11B. Accordingly, the user's response image 1116a, 1116b displayed on the screen can be positioned to correspond with the location of the camera 1114a, 1114b as shown. In Figure 11A, where a camera 1114a is located above the screen and is offset in a position left of center, then the image 1116a can be displayed in the upper left corner of the screen. In Figure 11B, where a camera 1114b is located above the screen and is offset in a position to the right of the center, then the image 1116b can be displayed in the upper right corner of the screen. As shown in Figure 11C, a mobile device 1112c may have a camera 1114c that is arranged centered directly above the screen. There, image 1116c may be displayed centered on the top portion of the screen. In this way, a user's eyes are directed and / or tracked as close to the camera as possible, which helps with eye tracking and motion verification. The user can also better see the response image and other responses or information on the screen, as they move the mobile device. The image displayed on the screen by the user can further be modified such that the border pixels on the sides of the screen are stretched horizontally as shown in Figure 12A. That is, a predetermined area 1206, 1208 on the right and left sides is distorted to stretch toward the right and left edges, respectively, of the screen. This allows a larger vertical portion of the displayed image to be displayed on the screen. Simultaneously, this enables a user to use the system correctly by keeping her face in the center of the screen, since her face would warp on the screen if it were distorted and part of the face enters one of the distorted areas. An example of this process is described with reference to Figure 12B. When the device or server receives a first image, feature recognition is performed on the image to detect predetermined objects within the image at step 1201. In this case, facial or feature detection is used to confirm the presence of the face. and / or facial features of the user on the user's face, such as the user's nose, eyes, cheekbones, chin, etc. The system then analyzes the location of the pixels in one or more -48 subsequent frames to determine whether the pixels representing the detected features correspond to the features located in the foreground or background of the scene in step 1204. In one embodiment, when the user moves the device to fit his or her face within the ovals, such as those shown in Figures 13A and 13B, the user's face is identified as the foreground of the image, or the features within of ovals 1320, 1330. The area around the face that shows the person's room or environment is identified as the background of the image, or the features within the area 1315. Additionally, facial features can be verified to behave with characteristics of relatively different distances and locations in the frame. For example, the nose, mouth, and chin can be considered foreground features, while the cheeks, ears, and jawline can be considered background features. At step 1205, the various features are tracked through successive images to obtain two-dimensional vectors characterizing the flow or movement of the features. The movement of the features in this example occurs when the user moves the device to fit his or her face within the oval shown on the exemplary display screens of Figures 13A and 13B. Such movement may include the nose shift pixels on the upper lip and inside of the cheeks and then the cheek shift pixels representing the ears and the chin shift pixels representing the neck. The device (processor that executes machine-readable code stored in memory) then compares image frames (made up of a series of pixels) as the device approaches the user's face. Pixels representing objects in the image are tracked to determine the velocity characteristics of the objects represented by the pixels in the foreground and background. The system detects these changes in the position of elements based on pixel data, or two-dimensional pixel velocity vectors, by comparing successive images taken by the device. When the live three-dimensional user is authenticated, the speed characteristics of the foreground (face) features and the background features differ significantly compared to the speed characteristics of a two-dimensional fake image capture. That is, the M A / IZ / ¿U¿¿ / U¿403ü -49speed characteristics of facial features are different for a living three-dimensional person and are different compared to a two-dimensional simulation when the user moves the device to fill his face in the oval shown in Figures 13A and 13B. Therefore, in step 1207, the system checks whether the two-dimensional foreground feature vectors match the expected values ​​of a living three-dimensional person. The expected values ​​or expected rate of change of an element in an image, defined by location or pixel values, can be based on evidence over time, such as expected location, expected displacement, expected rate of change of the item or even expected differences in the rate of change that would indicate three-dimensionality (as opposed to a 2D photograph or video screen of a person). In this example, the test may establish an expected value of movement or velocities of the ears, cheekbones, nose, etc. When the two-dimensional vectors match the expected values, the method advances to step 1210 to increase the probability that the images are of a live, three-dimensional person. If the two-dimensional vectors do not match the expected values ​​(or match the values ​​expected when using a two-dimensional simulation), the method reduces the probability that the images are of a three-dimensional living person, as shown in step 1212 . When a three-dimensional image of a living person is formed, the two-dimensional vectors or pixel displacement between successive images are different in the foreground and background of the image. Thus, in step 1214, the system also analyzes the two-dimensional vectors of the background objects to determine whether they match the expected values. The probability that the images are of a living three-dimensional person is updated again in steps 1210 or 1212. As explained above, some pixels representing certain background objects may appear or disappear completely. For example, as the user moves the device from arm's length to closer to their face, the pixels, edges, and / or features of the user's face will have a higher motion rate than the background features, such as a photo frame on a wall, a clock, etc. Additionally, some pixels that are visible on or around the user's face when the -50 device located further away from the user will no longer be visible when the user moves the device closer to her face. The pixels around a person's face can be defined as the facial halo and the elements of these pixels (facial halo) will no longer be captured by the camera in the image because the person's face takes up more of the image and is 'expands' due to the camera moving closer to the person's face. As mentioned above, this verification can be called edge detection. In step 1216, the system checks whether the background images around the edges of the foreground images match the expected values. The system also ensures that pixels representing the edge of the foreground object (such as a face) replace pixels of background objects near the edges of the foreground object. The probability that the images are of a live three-dimensional user is adjusted in steps 1210 and 1212 based on the result of the edge detection in step 1216. Therefore, by tracking these pixels and the displacement, the system can verify whether the pixel velocity analysis is consistent with three-dimensional objects that have a foreground and a background. At step 1218, the life or three-dimensionality of the imaged and authenticated user is validated based on the various checks described above. Determining that the user attempting to authenticate is a living person is an element that must be met as part of authentication. Thus, fraudulent access attempts to an account or device can be more reliably prevented using views or photographs of the person. This prevents attempts to fool the authentication system with a two-dimensional image, such as a printed image, a digital projection, or a digital screen image of a person. Additional improvements can also be achieved using pixel velocity analysis for life or three-dimensionality. When the user brings the device (camera) closer to the user's face, the facial features will be distorted differently due to the large relative distances between the various features and the camera and the location of the features in the camera's field of view. as the camera gets closer to the face. This effect can be called perspective distortion. When this distortion begins to occur, the pixels in the center of the frame that represent features in the center of the face, such as the nose, will have the least amount of distortion in the frame, while the pixels that represent the outer portions of the - 51 face such as the cheeks, chin and forehead will show the most relative pixel movement (more pixels in the center of the frame) and the highest acceleration. Therefore, three-dimensionality can also be shown by comparing the features of the face itself. This is because being very close to the device, facial features closer to the device can be considered foreground features, and facial features further away from the device are background features. For example, pixels representing the nose will show less motion between frames than pixels representing the cheekbone due to the shorter relative distance between the nose and the camera when the device is held at eye level. Pixel rate analysis can also be used to track liveness characteristics that are very difficult to recreate during a fraudulent authentication event. For example, human eyes are never completely still, even when focused on an object. There is always rapid involuntary movement of the eyes when scanning an object, moving to locate interesting parts of the object and developing a three-dimensional mental map corresponding to the scene. These movements are called saccades and are involuntary. Saccades last 20 ms to 200 ms and serve as an eye fixation mechanism. Two-dimensional velocity vectors, based on eye movement based on pixel values, can thus be generated by saccadic eye movement across frames. The presence of these vectors, the hertz of eye jitter, and the acceleration of pixel movement between frames can be compared to measurements from verified sessions and can be used to increase confidence that the user in front of the camera is not an inanimate simulation such as a photograph, a wax sculpture or a doll. In another example, when a bright light is presented to human eyes, the pupil will constrict to mitigate the light's path toward the retina. Cameras in typical mobile devices, such as smartphones, generally operate at high enough resolutions that two-dimensional velocity vectors follow the contraction of pupils when compared over a series of frames where the amount of light increases. that enters the eyes, such as when the user moves the device and screen closer to their face, or when a front flash from a mobile device is activated. - 52 Another feature that can be detected by analyzing pixel speed is the reflection of the user's eye. The surface of the eye reflects a greater amount of light falling on it when the pupil contracts, providing a brighter reflection of the light-emitting object. In the event that the device with an illuminated screen is brought closer to the user's face, the size and brightness of the device's screen reflection will increase while the pupil size will contract. It is possible to observe and document these two-dimensional vectors in a constant motion trajectory and then provide a liveness assessment in video frame sessions based on the expected two-dimensional vectors that are observed or absent. Facial recognition algorithms use points marked on the face to measure the distance and angles between facial features. This creates the unique appearance of the people and the corresponding unique biometric data. In some embodiments, pixel velocity analysis may be used not only to verify the three-dimensionality of the person, but also as an additional or alternative facial recognition algorithm. Authentication in Low Light Environments To facilitate image capture, the screen of the mobile device can also be displayed with a white background, and the screen brightness can be increased to illuminate the user's face in a dark environment. For example, a portion of the screen may provide video feedback for the user to ensure that he is taking images of himself, while the remaining portion of the screen is configured to display a bright white color. Referring to the example shown in Figure 11C, this can be done by displaying the video response 1116c in the center of the screen, with the surrounding areas showing as bright white bars around the video response 1116c. In very dark situations, an LED flash on the back of the mobile device and the rear camera can be used. Alternatively, the camera can be set to create an image using infrared light or other night vision techniques. When infrared imaging is used as thermal imaging, additional safety improvements are possible. In particular, thermal image capture can be analyzed to indicate whether the images obtained are of a real user or are fraudulent images of a display or other device. When a person stands in front of an infrared thermal imaging camera, the heat radiation detected should have a fairly oval shape that designates the person's head. In contrast, the heat radiated by a screen is typically rectangular. Additionally, the heat patterns detected on the person's real face, as well as the movement of the heat patterns in the images, can be compared to the heat patterns expected of a human face to distinguish the images from fraudulent authorization attempts. using a screen. Exit Detection from Mobile Device The screen or other light source on the mobile device can also be used to provide additional security measures. During the authentication process described above, light from the screen or other light source is projected onto the user's face and eyes. This projected light can then be detected by the mobile device's camera during image capture. For example, the color tone detected in the skin, or a reflection of light from the cornea of ​​a user's eye can be photographed by the mobile phone camera. Because of this, random light patterns, colors, and designs can be used to provide added security and ensure that there is a live person trying to authenticate and not just an image or video of a person being photographed by a scammer. As an example, when a user initiates authentication, the authentication server may generate and send instructions to the user's device to display a random sequence of colors at random intervals. The authentication server stores the randomly generated sequence for later comparison with the authentication information received from the mobile device. During authentication imaging, the colors displayed by the device are projected onto the user's face and reflected in the user's eyes (the cornea of ​​the eyes) or any other surface that receives and reflects light from the screen. . The camera on the user's mobile device detects colors that reflect off the user's skin or eyes (or other surface) and generates color data indicating the detected colors based on the screen projection. This data can be returned to the authentication server to determine whether the color sequence or pattern sent to the mobile device matches the known sequence or pattern projected by the mobile device's screen. -54user device. According to this comparison on the authentication server, authentication is either successful or denied. Comparison to the random sequence of colors in the instructions may alternatively occur exclusively on the user's device to determine that a live user is being authenticated. As another example, when a user initiates authentication, the authentication server may send instructions to the user's device to display a randomly generated pattern that is then stored on the authentication server. This pattern may include graphics, text, lines or bars, flashing light patterns, colors, a QR code, or the like. The randomly generated pattern is displayed during image authentication and the pattern is reflected in the user's eyes (cornea). The camera on the user's device detects the pattern reflected in the user's eye and processes the reflected image of the displayed pattern. The processed pattern (such as conversion to a numeric value) is transmitted to the authentication server and compared with the pattern that was randomly generated and stored on the authentication server to verify whether the pattern displayed on the screen and is sample after reflecting on the user's face establishes a pattern match. If a match occurs, this establishes or increases the probability that the device is forming an image of a living person. If the pattern does not match or does not reach a threshold match level, then the authentication process may fail (access denied) or access to the account or transaction amount may be limited. It should be noted that this example can also be incorporated into a desktop computer with a webcam that does not incorporate the enrollment motion and authentication motion described above. Additionally, this example can not only be incorporated with facial recognition, but can also serve as an additional layer of security for iris recognition or any other type of recognition of the blood vessels of the eye, or any facial features that are unique to an user. When the above example is implemented on a desktop computer, eye tracking can also be used to further demonstrate the presence of a live user. For example, the screen could show a ball or other random object or symbol that moves in a random pattern that the user observes with his or her eyes. The camera can detect this movement in real time to - 55 verify that the user is live, and not an image or screen, and verify that eye or head movements correspond and match the expected movement of the object or words on the screen, which are known to the user authentication system. Eye tracking can also be performed by setting an anchor point, such as by clicking the mouse at a location on the screen (if the user is looking at the location where the mouse click is made), and then estimating where the The user is looking at the screen in relation to the anchor position. Using a moving object on the screen can also be beneficial during enrollment on a mobile or stationary device. For example, while capturing enrollment images, the device may display a moving digital object (such as a circle or word(s)) that moves around the screen so that the user is encouraged to follow it with their head and fingers. eyes. This movement may be involuntary on the part of the user, or the device may be configured to instruct the user to follow the object. This results in head and / or eye movement creating small changes in the orientation of the user's head and face with the device's camera, providing more complete enrollment information. With more complete enrollment information, the system can better ensure that the user will subsequently authenticate at a high rate even at slightly different angles during future authentication attempts. Intuitive User Training and Enhanced Security Through Zooming In one embodiment, the system is configured to help the user easily learn to authenticate with the system. As shown in Figure 13A, once registration or authentication is initiated as described above, the system causes the user's mobile device 1310 to display a small oval 1320 on the screen 1315 while the mobile device 1310 takes user images. Instructions 1325 displayed on screen 1315 instruct the user to hold the mobile device 1310 in such a way that their face or head appears inside the oval 1320. Because the oval 1320 is small, the user is required to hold the mobile device 1310. away from your body, such as extending your arm while holding the mobile device 1310. Maximum arm length and face size are unique to the user. In other - 56 mode, the arm may not fully extend to accommodate operation when space is not available, such as in a car or in a crowded place. It is noted that while the small oval 1320 is shown centered on the screen, it can be placed anywhere on the screen 1315. Next, as shown in Figure 13B, the system causes the user's mobile device 1310 to display a larger oval 1330 on the screen 1315. The screen 1315 may also display corresponding instructions 1335 directing the user to zoom in on their face. to fill the oval 1330 with his face. The user does this by bringing the mobile device 1310 closer to her face in a generally straight line to the user's face (as shown in Figures 7A and 7B) until the user's face fills the oval 1330 or exceeds the oval. In other embodiments, the large oval 1330 may simply be a prompt for the user to bring the mobile device 1310 closer to the user's face. Therefore, the system provides and teaches the user a simple method of providing enrollment and authentication images along with the enrollment and authentication motion as explained above. The system may also teach variation of the enrollment and authentication movement by varying the location of the small oval 1320 on the screen 1315, and changing the order and size of the ovals displayed. For example, the user can zoom in by moving the mobile device. The system can be configured to monitor that the camera's zoom function (when equipped) is not in use, which typically requires the user to touch the screen. In one embodiment, the enrollment motion may be skipped and the authentication motion may be compared to the expected motion based on the indications on the screen. For example, the authentication device or server generates a series of ovals of different sizes within which the user must place his or her face by moving the mobile device held in the hand. In this way, the authentication movement may be different during each login depending on the order, size and location of the ovals displayed on the screen. The system may also incorporate other safety features when using approach motion as shown in Figures -5713Α and 13B. Typical cameras on a mobile device or any other device include a curved lens. This results in a negative distortion effect on the resulting images taken by the camera. In some cases, this curvature may not be visible to the human eye or may only be noticeable at certain focal lengths. The effect of negative curvature or distortion may vary with the length or focal distance between the user and the lens. The degree of the negative distortion effect therefore depends on the type of optics used in the camera lens and other factors. The negative distortion effect becomes more pronounced in an image of a person's face when the person captures an image of their face close to the lens. The effect results in the relative dimensions of the person's face appearing different than when the image is captured with the person's face furthest from the lens. For example, a person's nose may appear up to 30% wider and 15% higher relative to a person's face when the image is taken up close compared to when the image is taken from afar. The differences in relative dimensions are caused by the relatively greater differences between the camera and the various facial features when the person is photographed close to the lens compared to the relatively equal distances when the person is photographed at a further distance from the lens. the lens. Such differences have been found to be significant in many facial recognition algorithms. That is, a facial recognition algorithm may not recognize a live person photographed in close proximity and far proximity as the same person. In contrast, if the camera takes a two-dimensional photograph of a person at both close proximity and farther proximity, the relative focal lengths between the lens and the two-dimensional image do not change as significantly. Therefore, a facial recognition algorithm would recognize the two-dimensional photograph as the same person when the image is taken both at close proximity and at a farther distance from the lens. This effect can be used to increase the security of the authentication system. For example, during enrollment, the user can provide enrollment images in both the near and far proximity of the lens, as well as other positions through movement. Subsequently, during authentication, authentication images can be obtained at both distances - 58 near and far from the lens to determine if they match the registration information obtained from the registration images. Furthermore, because the negative distortion effect is expected when a real three-dimensional person is present, the absence of the relative change in facial feature dimensions alerts the system to a fraudulent authentication attempt. This effect cannot be easily recreated with a two-dimensional image (printed photograph or screen) and therefore this stage can serve as a safe test to prevent a two-dimensional image (instead of a live face) from being used for authentication. . In other words, using this zooming movement (variation of focus) zooming in and out on the user's face, two or more biometric profiles can be created for the same person. One of the multiple profiles for the person may be photographed furthest from the camera, and one of the multiple profiles may be for the person photographed closest to the camera. For the system to authenticate the person, the authentication images and biometrics must match the two or more profiles in the enrollment images and biometrics. Additionally, the system can detect the presence of a real person versus a fraudulent photograph of a person by comparing the background of images obtained in near and far proximity. When the mobile device 1310 is held such that the person's face fits within the oval 1320, objects in the background that are located almost directly behind the person may be visible. However, when the mobile device 1310 is held in such a way that the person's face fits within the larger oval 1330, the person's face blocks the camera's ability to view the same objects that are located almost directly behind it. of the person. Therefore, the system can compare the backgrounds of images obtained in near and far proximity to determine if the real person is attempting to authenticate with the system. Of course, in Figures 13A and 13B, shapes or guides other than ovals 1320 and 1330 may be used to guide the user to hold the mobile device 1310 at the appropriate distance from their face. For example, mobile device 1310 may display a full or partial square or rectangular frame. Additionally, the system can vary the size and location of the frame, such as 1320, 1330 ovals to add more security. For example, the system - 59 may require a medium size frame, a small frame and then a large frame. As another example, the system may require a small frame at a first location and a second location, and then a large frame. This can be done randomly to teach different users different enrollment and authentication moves. The number of frame sizes presented to the user may also vary for a single user based on the results of other security features described herein. For example, if the mobile device's GPS coordinates show that the device is in an unexpected location, more frames at different distances may be required for authentication. One or more indicators, such as lights, words or symbols, may be presented on the screen so that they are visible to the user to direct the user to the desired distance at which the user's mobile device should be. In Figures 13A and 13B, the system can predict the expected negative distortion of the images based on the mobile device used for enrollment and authentication, and based on known and trusted enrollment data. Additionally, or alternatively, the known specifications of a mobile phone camera for a given model can be used to predict the expected distortion of the person's facial features at different distances from the lens. Therefore, authentication may depend on the device. Additionally, no user registration information is required at all possible distances from the camera. For example, as described above, enrollment images and biometric data may be obtained for a user at two distances from the user. During authentication, multiple images are captured in addition to the images corresponding to the near and far distances of the enrollment and biometric images. Based on the expected distortion of these intermediate images according to the distance traveled by the device, the system can validate that the change in distortion of the images occurs at the correct rate, even if only two enrollment profiles are obtained. The capture of these images can be still images or video, such that frames or images are extracted from the video that is taken during movement from the first far position of the user and the second near position of the user. Therefore, it is contemplated that the operation can capture M A / t / ZUZZ / UÓ+OUO - 60 numerous frames during zoom movement and ensure that distortion occurs at the correct rate for the head size and movement distance of the mobile device based on data from accelerometers, magnetometers, etc. Over time, based on accumulated data or data calculated during the design phase, the system will have data indicating that if a phone is moved a certain distance toward a user's face, then the distortion effect should fall within a known percentage of the final distortion level or the initial distortion level. Therefore, to fool or confuse the authentication system set forth herein, the fraud attempt would not only need to distort the fraudulent two-dimensional image, but would also have to cut out the background and then make a video of the face, the distortion and the background doing all of this incrementally and at the correct speed, all without banding the video screen or having visible borders on the screen, which is highly unlikely. Many currently known face detection and face recognition algorithms are configured to search for a small face within an image. Therefore, to ensure that the facial detection and recognition algorithms detect and recognize the user's face in the magnified image (Figure 13B), the system can add a large buffer zone around the image taken at close proximity. This creates a larger overall image and allows current facial detection and recognition algorithms to detect and recognize the face, even when the user's face is large in the original image. When using the enrollment and authentication motion resulting from the process described with Figures 13A and 13B, the eye tracking security features described above can also be improved. For example, when the user is instructed to bring the mobile device 1310 closer to his or her face to fill the oval 1330, the QR code, a random shape, a barcode, color, text, numbers, or any other visual indicator may be displayed on the screen. At this close distance, the camera can more easily capture the reflection of the displayed indicator in the user's eye or face. Additionally, eye movement, blinking, and the like to determine the life of the person being imaged can also be more easily obtained in close proximity. M A / IZ / ¿U¿¿ / U¿403ü - 61 In one embodiment, at least one blink is required to demonstrate that it is live for authentication. In another embodiment, blinks may be counted and the number of blinks may be averaged over time during authentications. This allows an additional factor in authentication to be the number of blinks observed during movement. If a pattern of when the user blinks during movement is observed, the system can verify that the user blinks at the expected time and the location of the device during movement during future authentication attempts. In other embodiments, the size or location of the oval or frame may change to sizes or locations other than those shown in Figures 13A, 13B, such that the user must position and / or tilt the phone to position its face inside the oval. This establishes yet another method of ensuring that the user is live. In an exemplary method, the mobile device is placed at a first distance from the user and a first image is captured for processing. This distance may be linearly distant from the user and, in this embodiment, not in an arc or orbit. This can occur if the user moves the mobile device, either by hand, or if the mobile device is on a mobile device or rail system. Or, the lens system can be adjusted if it is a fixed system to change the size of the user's face in relation to the size of the frame. Alternatively, the user can remain stationary, multiple cameras can be used, or the camera can move without the user moving. Once some type of movement (of a device, camera, lens or the user) has occurred to set the camera at a second distance, a second image is captured for processing. The movement from the first position to the second position can be direct towards the user. Processing occurs on both images. The processing may include calculations to verify the difference between the two images, or a difference in the biometric data obtained from the two images, which indicates that it is forming an image of a real person. Processing may occur to compare the first authentication image with a first enrollment image (corresponding to the first distance) to determine if a match exists and then compare the second authentication image with a second enrollment image (corresponding to the second distance). ) to determine if a match is present. Whether - 62 produces a match, authentication can continue. Variations on these methods are also possible with the system requiring a match at the first distance, but a failure to match at the second distance, indicating that the second image is not a two-dimensional image. The processing that results in a match or a failure to match can be any type of image processing or facial recognition algorithm. As with other processing described herein, processing may occur on the mobile device, one or more remote servers, or any combination of such devices. All processing described herein may occur only on the mobile device, only on a remote server, or a combination thereof. Biometric data can be stored on the mobile device or the server, or split between the two for security purposes. For example, images may be processed on the mobile device, but compared to enrollment data in the cloud or on a remote server. Or images can be sent to the cloud (remote server) for processing and comparison. Touch Screen Improvements Additional added security modifications may include information about a user's finger. Many mobile devices with touch screens can detect the location and approximate size of a user's touch on the screen. Accordingly, the system can measure an approximate size of a user's finger or thumb. In addition to the size of a finger, an orientation angle of the finger or whether the fingers or thumbs of the right or left hand are used can be detected. In one embodiment, a user selects an account to open, initiates the creation of enrollment images, or initiates the creation of authentication images by touching the touch screen of the user device. Therefore, the authentication system can detect whether a user's touch during authentication corresponds to previously stored enrollment information, including the size of the user's finger or thumb, the amount of pressure applied to the screen, and whether the user is right or left handed. This adds an additional layer of security to the authentication system. Additionally, the authentication system may require the user to initiate a - 63 authentication by touching a fingerprint reader or the touch screen in one or more predetermined ways. In one embodiment, as shown in Figure 14, a touch screen 1410 may be divided into predetermined regions 1420. For example, there may be nine equal, circular, square or other shaped regions 1420 on the touch screen 1410 of the mobile device. During enrollment, the user selects one of the regions 1420 of the screen 1410 to touch to initiate authentication. During authentication, if the preselected region 1420 is not touched to initiate authentication or during the entire authentication process, then authentication is denied. This is only one possible design possibility and other design options are considered. The regions 1420 on the touch screen may be represented visually by a grid, or may not be displayed at all on the touch screen 1410. As shown in Figure 15, in addition to or instead of the regions 1420, the buttons 1520 may be displayed in a touch screen 1510. Here, the user can initiate authentication by pressing one or more of the buttons 1520 in a predetermined pattern. The user can also initiate authentication via a default swipe pattern. The user's touch position may change with each authentication attempt and may be transmitted to the user via any instruction from the authentication server, such as a code, number, letter, color, captcha, or other indicator. Voice Parameters It is also contemplated that the user can record their voice saying a phrase while recording their images during the registration process when using the system for the first time. Then, to authenticate, the user would also have to say the phrase while also moving the mobile device to capture the image of her face. Therefore, an additional path parameter may be the user's spoken voice and the use of speech recognition as another layer or element of the authentication process. Image Quality Assurance The authentication system may also process the images received from the mobile device to determine whether the images are of sufficient quality. For example, the system can check if images are blurred because the images are out of focus or because the lens is blurred. -64the camera is obscured by fingerprints, oils, etc. The system can alert the user that image quality is insufficient (or too bright or too dark) and instruct the user to adjust the focus, exposure or other parameter, or to clean the camera lens. Auto Focus The authentication system may also use an autofocus function when the mobile device's camera is equipped with such. For example, when a three-dimensional image is taken of a real person, the system checks to see if the sharpness of the image changes as the camera autofocuses. In another embodiment, the system may control autofocus so that the camera focuses on a first location or distance to check the sharpness (in focus) of a portion of the image containing a face. The system then controls the camera to focus on a second location or distance where the presence of a face is not detected and verifies the sharpness (in focus) of a portion of the image. If you are forming an image of a three-dimensional person in a real environment, the focal length settings are expected to be different at the first and second locations, suggesting that you are forming an image of a real person at that moment. However, if the focal lengths of both locations are the same, this indicates that you are taking an image of a two-dimensional photograph or screen, indicating a fraudulent login attempt. The system can also control the device's autofocus to check different focal lengths of different features in the image. For example, when taking an image of a person's face from the front, a person's ear is expected to have a different focal length (more distant) than the tip of a person's nose. M A / IZ / ¿U¿¿ / U¿403ü Login Attempt Images The authentication server can also be configured to store authentication images for a predetermined period of time. Images can provide additional security benefits as proof that a person is trying to log into a user's account. For example, the system may store a predetermined number of previous login attempts, such as twenty login attempts, or store images of - 65 login attempts during a predetermined time period, such as the last seven days or weeks. Any fraud or attempted fraud will result in images of the person attempting to log in being stored or sent to the account server's authentication server. Just the knowledge that photographs will be taken and sent is a significant deterrent to anyone potentially dishonest because they know their photographs will be taken and stored, and is a guarantee of security for the user. Likewise, any attempt and failed attempt may have the photograph stored and an indicator of who is trying to access the account. It is also contemplated that an email or text message can be sent along with the image of the person who unsuccessfully tries to log in, to the authorized user, so that they know who is trying to access their account. This establishes the first line of security for the account since the user with the photo or image is also owned by the authentication server. Adaptive Matching Thresholds Additionally, the level or percentage of correspondence between enrollment information and authentication information to authenticate the user may change over time. In. In other words, the system may comprise an adaptive threshold. After a user regularly uses the authentication system described above, the user will have logged into the system by moving the mobile device in the predetermined path relative to her head many times. Therefore, it can be expected that as the user gains experience in using the authentication system, the user will gradually adapt to a comfortable and standardized movement path. In contrast, a user's initial enrollment motion will likely be the most awkward and clumsy motion, since the user has little experience with the authentication system. To make the authentication system more convenient for the user without losing security, the adaptive threshold system allows the enrollment movement to adapt so that the user is not trapped in the awkward and awkward initial movement such as the enrollment movement. . To facilitate this, after each successful authorization, the movement of - 66 successful authorization is stored and the motion trajectory is added to a list of acceptable motion trajectories. The list of acceptable motion trajectories may be limited to a predetermined number of trajectories. When a new authorization is successfully completed and the list of acceptable motion paths is full, the oldest enrollment motion path is deleted and the newest one is stored in its place. Alternatively, the motion path that least resembles the other motion paths stored in the list can be deleted. Therefore, by storing the closest or newest motion trajectories, the enrollment motion can slowly adapt over time as the user becomes familiar with the system and settles into a comfortable motion path for authentication. Additionally, other registration information may adaptively change in a manner similar to user information. For example, successful authentication photographs or biometric information may be stored as part of the enrollment information and previous enrollment information may be discarded over time. In this way, the authentication system can be convenient for a user even over a long period of time when the user experiences aging, facial hair growth, different makeup styles, new glasses, or other subtle facial alterations. The determination of how much variation is allowed over time in the movement trajectory or biometric information, or both, may be established by the entity requiring authentication to meet the entity's security requirements. The time or number of scans after initial enrollment can be used to modify the adaptive threshold. For example, during the first few days after enrollment, the threshold may be lower while the security threat is low and differences in trajectories are likely to be higher. After multiple authentications or several days, the threshold may increase. Additionally, the threshold can be set based on motion trajectory trend data or biometric information. For example, the threshold may be more lenient in a direction where the data is trending, while having a stricter tolerance for data against the trend. A time aspect can also be added along with the information of -67location. For example, if the user makes and authenticates a transaction near her home and then later attempts another transaction in a foreign country, the transaction may be denied. 0 may be denied if the distance between the previous authentication location and the next authentication location cannot be traversed or is unlikely to have been traversed in the amount of time between login or authentication attempts. For example, if the user authenticates in Denver, but an hour later an attempt is made in New York, Russia, or Africa, then the first or second attempt is fraudulent because the user likely cannot travel between these locations in 1 hour. Additionally, if the next transaction is attempted at a more reasonable time and distance from the first transaction, the matching threshold level may be raised to provide additional security, without automatically denying the transaction. Additionally, an altimeter can be used such that if the altitude determined by the mobile device is different from the altitude of the city where the user is reported to be located, this may indicate a fraud attempt. Therefore, altitude or barometric readings from the mobile device can be used to verify location and can be compared to GPS data, IP address or router location data, or the location identified by the user. Random Image Distortion To provide an additional layer of security to the facial recognition authentication system, the system may use random image distortion. For example, a user may be assigned a random warping algorithm upon enrollment in the system. The distortion algorithm may include such distortions in the image as enlarging or reducing the person's face by a predetermined amount, adding or superimposing a predetermined shape at a predetermined position on the user's face. As an example of this, the distortion can be a circle superimposed 100 pixels above the user's left eye. With distortion uniquely assigned to the user's images, the biometric data for that user will be unique to the account or device used by the user. That is, the enrollment biometric data stored on the authentication server or mobile device will reflect - 68 not only the user's facial features, but will also reflect the distortion of the uniquely assigned image. Therefore, even if a fraudulent and accurate representation of a person were used on a different device or through a different account, the biometric authentication data offered would not sufficiently correspond due to a different unique distortion or lack thereof. Therefore, overall security can be improved. Security Layers It should be noted that each of the above embodiments, modifications and enhancements may be combined in any combination as necessary to create multiple layers of security for authentication. For example, facial recognition can be combined with motion detection or trajectory detection, or work independently of these features for authentication. Additionally, when more than one of the enhancements or modifications described above are combined, the authentication system can be configured to not provide any response or indication as to which layer authentication failed. For example, when a default touch pattern to initiate authentication is combined with authentication motion and facial authentication, the system does not indicate whether a touch pattern was incorrect, or if the authentication motion or authentication images did not match the authentication. registration information. Rather, the system provides an identical authentication denial no matter what failure occurs. This is the case when any number of the security features described above are combined. This way, it is difficult for a fraudster to detect which aspect of the fraudulent credentials needs to be fixed, further improving system security. All of the above features can be incorporated together, or only some features can be used and others omitted. For example, when the device prompts the user to move the device so that the user places his or her head within a first small frame (such as an oval) and then into a second large frame (such as in Figures 7A, 7B, 13A, and 13B), the system can be configured in such a way that facial recognition does not need to be performed on the image(s) in the first frame (remotely captured frames). System security is maintained by performing recognition - 69 facial through capturing images at some point between the first and second frame, and in the second frame. This can be especially true when another layer of security is also integrated, such as checking eye tracking by following a moving object on the screen, or reading a reflection of a QR code or random shape in the user's eye. In another embodiment, when two or more cameras are used to create three-dimensional stereoscopic images, facial recognition cannot be performed in the first far frame, but rather the live person can be validated in the closer frame only after movement of the device. In still other embodiments, other security layers may be used and motion parameters may be omitted. Such combinations may be beneficial for larger or fixed devices, such as gaming laptops, desktop personal computers, a fixed kiosk, or the like. Example Applications Additionally, although described herein as financial account authentication, authentication using path parameters and image data can be implemented in any environment that requires verification of the user's identity before allowing access, such as automatic access, room access, computer access, website or data access, telephone use, computer use, receiving packages, event access, ticketing, courtroom access, airport security, sales transactions retailers, loT access or any other type of situation. For example, an embodiment will be described where the above authentication system is used to securely conduct a retail transaction. In this embodiment, a user is enrolled in the authentication server or an authentication application on the mobile device as described above and has generated enrollment information that includes enrollment images and / or biometric data and enrollment motion. In this example, the user initiates or attempts to complete a transaction at a retail establishment using a credit card, smart card, or smartphone with NEC capabilities. The user initiates the transaction by swiping a credit card, smart card or using an app on a smartphone with NEC capabilities to pay for goods or services. The retail establishment after - 70 would authorize the card or account with the corresponding network of the financial institution (Access Port). For example, the retail establishment, through an Access Port such as that operated by VISA or AMERICAN EXPRESS, would determine if the account is available and has sufficient funds available. The Access Port would then communicate with the authorization server to authorize the transaction by verifying the user's identity. For example, the access port may send an authorization request to the authentication server, and the authentication server then sends a notification, such as a push notification, to the user's mobile device to request that the user authenticate the transaction. Upon receiving notification from the authentication server, such as through a vibration, beep, or other sound on the mobile device, the user can then authenticate their identity with the mobile device. The authentication server may also send transaction-related information to the user for the user to verify. For example, the authentication server may send information that causes the mobile device to display the merchant, the merchant's location, and the purchase total of the transaction. Next, as before, the user can hold the mobile device and obtain a plurality of authentication images as the user moves the mobile device to different positions relative to the user's head. While moving the mobile device to obtain the authentication images, the mobile phone further tracks the path parameters (authentication movement) of the mobile device through gyroscope, magnetometer and accelerometer to obtain the authentication movement of the device . The mobile device can then send the device information, authentication images, and authentication motion to the authentication server. In other embodiments, the mobile device may process the images to obtain biometric data and send the biometric data to the server. In still other embodiments, the mobile device may process the images, obtain the authentication information, compare the authentication information with the enrollment information stored on the mobile device, and send the pass / fail results of the comparison to the authentication server. - 71 The authentication server can then authenticate the user's identity and confirm that the user wishes to authorize the transaction in their account if the device information, authentication images and / or biometrics and authentication movement correspond to the information of the enrollment device, enrollment images and / or biometric data, and enrollment movement. The authentication server then transmits an authorization message to the Access Port. Once the access port has received authorization confirmation, the access port communicates with the retail establishment to allow the retail transaction. Several advantages can be obtained when a retail transaction is authorized using the above system and method. Because user identity verification and transaction confirmation is completed through the authentication system and mobile device, the user is no longer required to provide their credit card or signature, or enter a pin number. in the retailer's point-of-sale system. Additionally, the retail establishment does not need to verify a photo ID of the user. The above method and system also has the advantage that it provides secure transactions that can work with mobile and online transactions that do not have cameras, such as security cameras, on the premises. In the secure retail transaction described above, the user obtains the total amount due on their mobile device from the retail establishment through the access port and authentication server. However, in one embodiment, the mobile phone may use the camera as a barcode, QR code, or similar scanner to identify items and prices of items being purchased. The mobile device can then total the amount owed and act as a cash register to complete the transaction with the retail establishment. In another embodiment, a user of the application may wish to pay an individual or merchant anonymously. In this case, the user would designate an amount to pay in an application, and the application would create a unique identifying transaction number. This number can then be displayed to the second user, such that the second user can type the identifying transaction number into an application on a separate device. The unique identification transaction number can also be sent by the - 72 user to the second user via NEC, Bluetooth, a QR code or other suitable methods. The second user can also type the amount and request payment. Upon receiving the payment request and the unique identification transaction number, the authentication server can send a notification to the first user's mobile device to authenticate the transaction. The user would then verify her identity using the facial recognition authentication system described above. The user may alternatively or additionally verify her identity using other biometric data, such as a fingerprint or retina scan, motion and trajectory-based imaging, or the user may enter a password. Upon authentication, the user's device would send a request to the user's payment provider to request and authorize payment to the second user. This way, the payment can be made securely while the users of the transaction are anonymous. According to one embodiment, as an additional security measure, GPS information from the mobile device may also be sent to the authentication server to authenticate and enable the retail transaction. For example, the GPS coordinates of the mobile device can be compared to the coordinates of the retail establishment to confirm that the user is actually present at the retail establishment. Thus, a criminal who has stolen a credit card and attempts to use the card from a distant location (compared to the store location) cannot complete a transaction because the user's phone is not located at the store location. store. IP addresses can also be used to determine location. As explained above, the level or percentage of correspondence between the registration information and the authentication information to authenticate the user can also be adjusted based on the GPS coordinates of the mobile device. For example, if the retail establishment and the mobile device's GPS coordinates are located near a user's home, then the match level can be set to a lower threshold, such as a 99% match rate. Alternatively, if the location is very far from the user's home and is for example in a foreign country, then the match level can be set to a higher threshold, such as a 99.999% match rate. - 73 Biometric Identification Using Root Identity Information Most biometric identification systems in recent years use devices such as smartphones to capture biometric data (e.g., a digital photograph or fingerprint scan). This biometric data is compared to pre-existing biometric data on the device (in accordance with FIDO Alliance standards) or in the cloud (a remote computing device) where the biometric data is sent to servers and compared with pre-existing data. -existing. However, with the ability to convert images or other biometric data into biometric templates on the device without sending the raw data files to a server, an additional option is available. Existing raw biometric data, such as facial images, fingerprint scans, etc., or converted biometric templates, can be downloaded to the device. The downloaded biometric data can then be converted and / or compared to a biometric template that was created from data captured on that device and previously uploaded to the cloud or captured and uploaded to the cloud from a different device. This allows a third party to provide an existing root identity profile to compare with biometric information obtained on the device for authentication. For example, the root identity profile may comprise an image or other biometric reading of a customer that was captured and verified at a bank branch, from a DMV file, or from another authorized and trusted source. The root identity profile may alternatively or additionally comprise biometric templates created from the verified image or biometric reading. This way, the ID match on the device has a higher level of confidence based on the verified third-party root identity profile. Figure 16 shows a biometric identification system using root identity information, according to an exemplary embodiment. The system includes a user device 1612, such as a smartphone or tablet, that comprises one or more biometric sensors, such as a camera 1614 and a fingerprint scanner 1615. The device 1612 communicates with a network 116, such as like the Internet. A root identity server 1630 also connects to the network 116. The root identity server 1630 may be a banking server, a server - 74 government or other trusted server that stores root identity information, including biometric information and / or biometric template(s). The root identity server 1630 connects to biometric detection devices such as a camera 1632 or a fingerprint scanner 1634. An authentication server 1620 that provides an application such as facial recognition algorithms and the like also connects to the network. 116. Figure 17 shows a method for authenticating using a root identification system, according to an exemplary embodiment. Authentication using facial recognition as biometric information analyzed for a root identity profile may function as explained in the following exemplary embodiment. First, in step 1701, the biometric information is captured through a trusted device (camera 1632 or scanner 1634 in Figure 16). The device is considered trusted because the biometric information collected on the device is verified by a trusted institution, such as a bank or government agency. A root identity profile is established at step 1703 that comprises the biometric information of the trusted device and links the biometric information to a user identity. This root identity profile is stored on the server, such as server 1630. In step 1705, biometric information, such as an image containing data about the face of an individual from the root identity profile, is sent from the server 1630 to the smart device 1612 following an authentication request from the smart device 1612. The user The smart device 1612 then articulates the camera 1614 so that the user's face can be captured by the device's camera 1614, at step 1707. The image downloaded from the server 1630 and the image that has been captured on the device 1612 can now be compared in the step 1709. For example, each image is converted to a biometric template using a facial recognition algorithm for comparison. After comparison, if the templates are sufficiently similar based on, for example, thresholds set by an application publisher, the captured image of the device (device identity) and the previously captured image (root identity) can be considered a match at step 1711. Access may then be granted, or the signing / enrollment process may be completed based on the matching images at step 1713. If no match exists at step 1711, access is denied at step 1715. . - 75 The benefits of this system include, but are not limited to, the ability to match previously captured biometric data from a different device to a new device while no biometric data leaves the new device during the match. This is important in some regulatory environments and industries. For facial recognition systems with a server component, the same facial recognition algorithm can be loaded on the server that runs in an application on the smart device. This allows only the template to be transferred to the device instead of the biometric reading itself (e.g., facial images, fingerprint scans, etc.). For example, at step 1705, the biometric information may be the biometric template instead of an image of the root identity profile. Algorithms must be configured so that the templates they create are homogeneous and can be compared. That is, if the algorithms output data in different formats, the resulting biometric data templates / format are incompatible, and no match can occur because similar facial features would not be represented by similar biometric template data patterns. The term template is defined herein as biometric data points represented by a string of numbers or other data formed in a consistent format pattern so that similarities and differences can be determined through various comparison methods. In an embodiment where the template is transferred to the device, the root identity established in step 1703 may include a biometric template created from a biometric algorithm, such as a facial recognition algorithm. For example, an image including a person's face captured with a trusted device (camera 1632 at a bank branch, DMV, etc.) is sent to server 1630 where it is converted into a biometric template with a facial recognition algorithm. As mentioned above, the root identity profile biometric template is sent to the smart device 1612 after an authentication request in step 1705. This may be called the root identity biometric template. The method proceeds as previously explained with reference to Figure 17, where the biometric templates are compared at step 1709. In another example, two or more modalities of biometric data may be used together, such as fingerprint, face, and voice. Another example of - 76 method in Figure 17 that uses two or more modalities of biometric data can work as follows. First, images of a user's face, scans of the user's fingerprints, as well as a voice recording of the user are captured with trusted devices in step 1701 (e.g., devices 1632, 1634 in a bank branch, a DMV, etc., where the identity of the captured data is verified) to establish a root identity in step 1703. The images, scans and recording can be considered root identity biometric data because this information is captured from a reliable source. In step 1707, the user of the smart device (1) presses one or more of his or her fingers on a fingerprint sensor and / or takes a photograph of his or her fingers; (2) articulates the camera so that the user's face can be captured by the device's camera; and / or (3) speak words into the device's microphone to be recorded. Recorded device data may be considered biometric device identity data. The root identity biometric data and the device identity biometric data are converted into biometric templates (root identity biometric templates and device identity biometric templates) using fingerprint recognition, facial recognition and / or voice recognition algorithms. In some cases, root identity biometric data can be converted to root identity biometric templates on the server, and the templates can be sent to the device. The root identity biometric templates and the device identity biometric templates are compared in step 1709, and if the templates are sufficiently similar based on thresholds set, for example, by an application publisher, the root identity templates can be considered. root identity and device identity templates a match. Based on the match, access may be granted or a signing / enrollment process may be completed at step 1713. In another embodiment, at step 1709, the images and / or biometric templates of the user's device may be uploaded to the server where they may be stored and / or compared to the images and / or root identity biometric data templates). Then, if the user wants to replace the original device or add a second user device to the account, both the root identity image(s) and / or template(s) and the / or device identity template(s) captured on the first device - 77 can be sent to the second device during setup or enrollment for comparison and matching. This daisy-chains the root identity of the server to the identity of the first device and then back to the identity of the second device. If a root identity image or template was not previously captured and stored on the server, the image and / or template that is loaded from the first device can still provide additional security. If the user selects to add a second device to an account, the image(s) and / or template(s) from the first device can be downloaded to the second device, and the comparison described above can be repeated. occur. This allows the user to add a second device with greater security because the user identities on both devices have been deemed to match. Additionally, when the image(s) and / or template(s) are uploaded to the server, comparisons on the server between the image(s) and / or template(s) can be performed regardless of a comparison that is carried out directly on the device. This offers a significant increase in security because even if a hacker could somehow manipulate the user's device to send a Match result to the server, the server would also compare the same images and / or biometric templates. Therefore, authentication can occur on two or more devices or servers to make the system more secure. If less than all or a predetermined number of devices / servers are not authenticated, then a match is not declared. Therefore, the server would also need to determine that the image(s) and / or biometric template(s) matched using the same thresholds. Therefore, the hacker would not only need to compromise the user's device but also one or more servers to defeat the security. In addition to the biometric comparison, liveness checks may be included in the device portion of the comparison as well as the server portion, as described in detail above. For example, additional information such as device motion, skin texture, three-dimensional depth information may be used to help determine that the biometric data presented to the camera is from a live human being and not a photograph, a fake video or mask. Remote Collection of Biometric Images / Templates Verifying biometric data typically requires that a - 78 person enters a branch office, a government office such as a DMV or police station, or other trusted location to have their biometric data collected. For example, a bank may require a photograph, fingerprint, or voice recording to open certain types of accounts. The biometric data obtained is then linked to the person and the account. This in-person biometric data collection has generally been required because there was no other way to trust that a person was really who they said they were. Through in-person collection, identification is verified, for example, the person who provides documents with their name and photograph issued by a government body. However, according to an exemplary embodiment set forth herein, an individual may provide his or her own biometric data using any smart device with a biometric sensor or a camera to verify himself or herself without in-person verification. In fact, under the modalities described, financial institutions or account providers can trust with more certainty than ever that the biometric data provided comes from the correct person and not from an imposter, hacker or bad actor. Figure 18 shows a method for remotely establishing a biometric identity, according to an exemplary embodiment. In this embodiment, an individual first downloads an application to his or her smart device from an institution with which he has an account or with which he wishes to open an account in step 1801. Upon opening the application and when prompted, the person presents his face, fingerprint, etc., to the camera or sensor. The biometric data is captured and stored on the device as enrollment data in step 1803. In some embodiments, the enrollment data is sent to the server. The user then makes a payment or deposit to the institution at step 1805. For example, if a lending institution has provided a mortgage to the user, then the user would enter their payment account information into the application so that the institution can collect payment. When payment and authorization information is transmitted to the credit institution, some or all of the user's enrollment biometric data is collected and transferred to the credit institution's server with it. Because the payment is made by the user for the user's debt, causing the money to flow away from the user and therefore would not be made by a potential hacker or a person committing fraud, the resulting biometric data collected as M A / IZ / ¿U¿¿ / U¿403ü - 79 parties to the transaction are considered reliable. Subsequently, when the user reopens the application to perform another transaction, the user is again asked to present his or her biometric information to the camera or sensor, and new biometric templates can be created in step 1807. The new biometric templates are compared with The previous enrollment data on the device and / or the new templates may be sent to the server for comparison in step 1809. In some embodiments, the device may compare the templates by downloading the enrollment data templates from the server to the device for comparison. . When it is determined that the new biometric information and / or templates do not match the enrollment data, then the transaction may be denied as shown in step 1811 and the root identity will not have the non-matching biometric data added. However, when the new biometric information sufficiently matches the enrollment data, the transaction can be authorized as shown in step 1813. Additionally, when a match exists, the confidence level of the biometric data attached to the user profile increases. Because the user is sending funds to the account, for example, to pay a debt or to make a deposit, they have an incentive to later access the account that contains those funds or that has had a reduced debt. Therefore, over time, as multiple deposits and / or payments are made with matching biometric templates, confidence in the identity of the user performing the transactions increases, as shown in the cycle of steps 1807, 1809. and 1813. To limit liability, access to withdrawals may be limited to the same amount or less that has been deposited or paid in total by the user. For example, if a user pays a $3,000 mortgage payment each month for three months using their smart device and using their face to identify themselves each time, the lending institution may be willing to allow that person to transfer up to $9,000 from an account. different that the bank has for the user, such as a checking account. As banks and other credit institutions report outstanding balances, credit limits and the timeliness of payments to the credit bureaus, it is anticipated that the bank may also provide the biometric template (possibly in an encrypted format) to the credit bureau. credit agency to store M A / t / ZUZZ / UÓ+OUO -80as part of the identifying information in the user's credit file. Next, if the user wants to apply for credit from a different institution, that institution may require the user to access its version of the application with the same biometric data collection system that was used to create the template. Biometric templates can be sent to credit bureaus' servers and compared to templates on file for that person. With this process, the user can positively identify themselves and grant the financial institution access to view their credit information without providing or transmitting their social security number, date of birth or other sensitive information. If a user does not have a debt to pay with the account issuer or the issuer is not a financial institution, it is possible to simply offer a temporary deposit service to provide assurance that the biometric data provided is true and correct for the user vindicated. For example, a user can provide a credit card number with their name and address, the card can be credited for $100 and the user would provide their biometric data to the app on their smart device. The user would then correctly answer a series of authentication questions based on knowledge based on their credit report, insurance information, medical information, or other potentially sensitive information, and provide their biometric data back to the application to recover the funds. The result is a biometric identity where future transactions can be trusted up to the amount that was previously placed on escrow and successfully recovered. Decentralized Biometric Identity Ledger There are numerous security and privacy benefits to a decentralized, anonymous biometric identity network compared to biometric authentication performed on a centralized database or solely on a user device. As explained above, biometric identity information may comprise images that have biometric data, such as digital photographs of a face or a fingerprint, and / or biometric templates that are strings of numbers that represent data that has been captured by a sensor and converted into a string by a biometric recognition algorithm. -81 Decentralized ledgers such as Blockchains, Tangles, HashGraphs, etc., hereinafter referred to as Blockchains, can be used to create public or private records that provide an immutable transaction history. The blocks can store various data and, in this embodiment, the blocks can store biometric data in the form of an image or a biometric template created from a biometric sensor (camera, fingerprint scanner, etc.) and / or a algorithm that analyzes an output from the biometric sensor (photograph, fingerprint scan, etc.). Figure 19 shows a biometric authentication system using a Blockchain, according to an exemplary embodiment. In an exemplary biometric authentication method, a smart device 1912 would run an application that allows a sensor 1916 or a camera 1914 to capture biometric data and, optionally, convert the biometric data into one or more biometric templates. The biometric data and / or template(s) may be added to an encrypted block along with additional information, such as a device ID, a unique user ID, user identity information, sensor / algorithm type / version information, date and time stamp, GPS information and / or other data. The block can be added to the 1940 Blockchain where it is stored. If the user tries to open the application again, they either provide the public key or a unique user identifier that corresponds to the public key for the block in another application. The user is then again presented with the biometric data capture interface through which the user again submits his or her biometric data to the sensor 1619 or camera 1914. The newly captured biometric data may optionally be converted into a biometric template on the device. 1912. The user's previous block is then requested from the Blockchain 1940 and downloaded to the smart device 1912 where a private key can be saved in the application to decrypt the block. The data and / or biometric templates in the block can now be compared to the newly captured biometric data and / or biometric templates. If a match is found, the user is authenticated and granted access to the application, a transaction can be made, etc., and the successful block decryption and template matching can be recorded with any combination of data, can be stored in the new block the transaction, the original template, the matching template -82most recent success or both. In addition to or as an alternative to the comparison and matching that is performed on the device 1912, the comparison and matching can be completed on the Blockchain registry servers 1940. In this case, the biometric data obtained on the user device 1912 and / or the biometric template(s) generated on the user device 1912 from the biometric data are encrypted and sent to the Blockchain 1940 registry servers. The public key and the private decryption key may be sent to the Blockchain 1940 registry servers to decrypt one or more previous blocks of biometric information and / or template(s) of the user, as well as to decrypt the biometric data and / or most recently submitted template(s). The Blockchain 1940 registry servers then execute matching algorithms to determine whether the biometric information and / or template(s) stored in the block and the biometric information(s) ) most recently collected are considered a match according to the thresholds previously set in the matching algorithm. By providing template matches across all Blockchain registry servers 1940 (which may be hundreds or thousands of servers), an account provider can be confident that the device 1912 running the application has not been compromised if the results The 1912 device and all the Blockchain 1940 registry servers would have to be compromised at the same time for a hacker to change them all, which of course , it would be very unlikely, if not impossible. In yet another embodiment, a special matching server 1950 may be employed to which a copy of both the biometric information and / or template(s) recently collected from the device and the information(s) would be sent. biometric(s) and / or template(s) in the block. The device 1912 may provide the decryption key directly to the matching server 1950, or the Blockchain 1940 may be instructed to send the encrypted biometric template(s) to the matching server with a smart contract that It is a set of computer instructions encoded in the block. This is a characteristic of Blockchains with decentralized processing capabilities such as Ethereum. -83It is also anticipated that when a new device requests a block using a user's unique identification, for example, an email address, phone number, or public key, that the device is only authorized to download blocks in the string containing biometric templates of the user that are associated with that unique ID because the device contains the private keys. Therefore, the user's most recent templates can be compared to all templates that have been captured and stored on the Blockchain, allowing for multiple matches. This may provide fewer false rejections to the correct users that may result from changes in appearance due to lighting, aging, makeup, hair, beard, glasses, etc. In one configuration of the system and method described herein, a private key exists and the private key will decrypt the contents of the block, but the biometric data within the block is what is used in the comparison to determine if there is a match between new biometric data and stored biometric data. Therefore, the private key is required to gain access to the biometric data block. The private key can be created by the user, the system, or the private key can correspond to a combination of unique identifiers that are easier to remember, a phone number, a social security number, an email address, and a date. of birth, etc., and therefore also unique to the user. In this configuration, it is possible and contemplated that there are two Blockchains, one with personal data and another with anonymous storage of biometric templates only. Blocks of personal data in the first Blockchain would be decrypted by a private key or combinations of corresponding personal data that only one knows, and shared only with specific providers who want to be able to verify that identity, then in that data the number of blocks of another Block(s) with your biometric data is attached to that record and then the application can unlock that block and match / update your newly uploaded biometric data with the data in that biometric block. In addition to biometric comparison, the application that collects the biometric data may perform liveness tests on the collected biometric data, such as those described above. If the user is shown to exhibit traits that normally only exist in living humans, at the exact moment in which M A / IZ / ¿U¿¿ / U¿403ü If the identity is verified, then the biometric data can be trusted to be from a real human being, not from a non-living object such as a fake photograph or video. Figure 20 is a schematic of a computing or mobile device, or server, such as one of the devices described above, according to an exemplary embodiment. Figure 20 shows an example of a computing device 2070 and a mobile computing device 2050, which can be used with the techniques described herein. Computing device 2070 is intended to represent various forms of digital computers, such as laptops, desktop computers, workstations, personal digital assistants, servers, blade servers, central processors, and other appropriate computers. Computing device 2050 is intended to represent various forms of mobile devices, such as personal digital assistants, cell phones, smartphones, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are intended to be an example only and are not intended to limit the implementations described and / or claimed herein. The computing device 2070 includes a processor 2002, a memory 2004, a storage device 2006, a high-speed interface or controller 2008 that connects to the memory 2004 and high-speed expansion ports 2010, and a low-speed interface or controller 2012 that connects to the low-speed bus 2014 and the storage device 2006. Each of the components 2002, 2004, 2006, 2008, 2010 and 2012 are interconnected by several buses and can be installed on a common or other motherboard ways, as appropriate. The processor 2002 may process instructions for execution within the computing device 2070, including instructions stored in memory 2004 or storage device 2006 to display graphical information for a GUI on an external input / output device, such as the display. 2016 coupled to the high-speed controller 2008. In other implementations, multiple processors and / or multiple buses may be used, as appropriate, along with multiple memories and memory types. Additionally, multiple computing devices 2070 may be connected, each device providing portions of the necessary operations (e.g., such as a bank of servers, a cluster of blade servers, or a multiprocessor system). -85Memory 2004 stores information within computing device 2070. In one implementation, memory 2004 is a unit or units of volatile memory. In another implementation, memory 2004 is a unit or units of non-volatile memory. Memory 2004 may also be another form of computer-readable media, such as a magnetic or optical disk. The storage device 2006 is capable of providing mass storage for the computing device 2070. In one implementation, the storage device 2006 may be or contain a computer readable medium, such as a hard disk device, an optical disk device or a tape device, flash memory, or other similar solid-state memory device, or an array of devices, including devices in a storage area network or other configurations. A computer program product may be tangibly incorporated into an information medium. The computer program product may also contain instructions that, when executed, perform one or more methods, such as those described above. The information carrier is a computer or machine-readable medium, such as memory 2004, storage device 2006, or memory in processor 2002. The high speed controller 2008 handles bandwidth intensive operations for the computing device 2070, while the low speed controller 2012 handles lower bandwidth intensive operations. Such assignment of functions is only exemplary. In one implementation, the high-speed controller 2008 is coupled to the memory 2004, the display 2016 (e.g., through a graphics processor or accelerator), and the high-speed expansion ports 2010, which can accept various expansion cards. (not shown). In the implementation, the low speed controller 2012 is coupled to the storage device 2006 and the low speed bus 2014. The low speed bus 2014, which may include various communication ports (e.g., USB, Bluetooth, Ethernet, wireless Ethernet ) can be coupled to one or more input / output devices, such as a keyboard, a pointing device, a scanner, or a network device such as a switch or router, e.g., through a network adapter. The computing device 2070 can be implemented in several different ways, as shown in the figure. For example, it can be deployed as a standard 2020 server or multiple times across a group of such servers. Also -86 may be deployed as part of a rack server system 2024. Additionally, it may be deployed on a personal computer, such as a laptop computer 2022. Alternatively, the components of the computing device 2070 may be combined with other components in a mobile device (not shown ), such as device 2050. Each such device may contain one or more of the computing devices 2070, 2050, and an entire system may be formed by multiple computing devices 2070, 2050 that communicate with each other. The computing device 2050 includes a processor 2052, a memory 2064, an input / output device such as a display 2054, a communication interface 2066, and a transceiver 2068, among other components. The device 2050 may also be provided with a storage device, such as a micro-disk drive or other device, to provide additional storage. Each of the components 2050, 2052, 2064, 2054, 2066, and 2068 is interconnected via multiple buses, and several of the components may be installed on a common motherboard or in other ways as appropriate. The processor 2052 may execute instructions within the computing device 2050, including instructions stored in memory 2064. The processor may be implemented as a set of chips including separate and multiple analog and digital processors. The processor may provide, for example, coordination of the other components of the device 2050, such as control of user interfaces, applications executed by the device 2050, and wireless communication by the device 2050. The processor 2052 may communicate with a user through the control interface 2058 and the display interface 2056 coupled to a display 2054. The display 2054 may be, for example, a TFT LCD (Thin Film Transistor Liquid Crystal Display). ) or an OLED (organic light-emitting diode) or other suitable display technology. The display interface 2056 may comprise circuitry suitable for causing the display 2054 to present graphical and other information to a user. The control interface 2058 may receive commands from a user and convert them to send to the processor 2052. Additionally, an external interface 2062 may be provided in communication with the processor 2052, to allow near area communication of the device 2050 with other devices. The external interface 2062 may provide, for example, wired communication in some implementations, or wireless communication in other implementations, and multiple -87interfaces. Memory 2064 stores information within computing device 2050. Memory 2064 may be implemented as one or more of a computer-readable medium or media, a volatile memory unit or units, or a non-volatile memory unit or units. Expansion memory 2074 may also be provided and connected to device 2050 through expansion interface 2072, which may include, e.g., a SIMM (Single Inline Memory Module) card interface. Such expansion memory 2074 may provide additional storage space for the device 2050, or may also store applications or other information for the device 2050. Specifically, the expansion memory 2074 may include instructions for carrying out or supplementing the processes described above. above and may also include secure information. Thus, for example, expansion memory 2074 may be provided as a security module for device 2050 and may be programmed with instructions that enable secure use of device 2050. Additionally, secure applications may be provided through SIMM cards, along with with additional information, such as placing identifying information on the SIMM card in such a way that it cannot be hacked. The memory may include, for example, flash memory and / or NVRAM memory, as discussed below. In an implementation, a computer program product is tangibly incorporated into an information medium. The computer program product contains instructions that, when executed, perform one or more methods, such as those described above. The information carrier is a computer or machine readable medium, such as memory 2064, expansion memory 2074, or memory in processor 2052, which may be received, for example, through transceiver 2068 or external interface 2062. Device 2050 may communicate wirelessly via communication interface 2066, which may include digital signal processing circuitry when necessary. The communication interface 2066 can provide communications under various modes or protocols, such as GSM voice calls, SMS messages, EMS or MMS, CDMA, TDMA, PDC, WCDMA, CDMA2000 or GPRS, among others. Such communication may occur, for example, through radio frequency transceiver 2068. Additionally, short range communication may occur, such as using a Bluetooth, Wi-Fi, or other similar transceiver (not shown). Additionally, the 2070 GPS (Global Positioning System) receiver module can provide -88additional wireless data related to navigation and location to device 2050, which may be used as appropriate by applications running on device 2050. Device 2050 may also communicate audibly using audio codec 2060, which may receive spoken information from a user and convert it into usable digital information. The audio codec 2060 may also generate sound audible to a user, such as through a speaker, e.g., in a headset of the device 2050. Such sound may include sound from voice telephone calls, may include recorded sound (e.g., messages voice, music files, etc.) and may also include sound generated by applications operating on the device 2050. The computing device 2050 can be implemented in several different ways, as shown in the figure. For example, it may be implemented as a cell phone 2080. It may also be implemented as part of a smartphone 2082, a personal digital assistant, a computer tablet, or other similar mobile device. Therefore, various implementations of the systems and techniques described herein may be realized in digital electronic circuits, integrated circuits, specially designed ASICs (application specific integrated circuits), computer hardware, firmware, software, and / or combinations thereof. . These various implementations may include implementation in one or more computer programs that are executable and / or interpretable in a programmable system that includes at least one programmable processor, which may be special or general purpose, coupled to receive data and instructions and to transmit data and instructions to a storage system, at least one input device and at least one output device. These computer programs (also known as programs, software, software applications or code) include machine instructions for a programmable processor, and may be implemented in a high-level object-oriented and / or procedural programming language, and / or in assembler / machine. As used herein, the terms machine-readable medium and computer-readable medium refer to any product, apparatus and / or computer program device (e.g., magnetic disks, optical disks, memory, programmable logic devices (PLDs)) used to provide machine instructions and / or data to a programmable processor, -89including a machine-readable medium that receives machine instructions such as a machine-readable signal. The term machine-readable signal refers to any signal used to provide machine instructions and / or data to a programmable processor. To enable interaction with a user, the systems and techniques described herein may be implemented on a computer that has a display device (e.g., a CRT (cathode ray tube) monitor or LCD (liquid crystal display)) to display information to the user and a keyboard and pointing device (e.g., a mouse or trackball) by which the user can provide information to the computer. Other types of devices may also be used to enable interaction with a user; for example, the response provided to the user may be any form of sensory response (e.g., visual response, auditory response, or tactile response); and user input can be received in any form, including acoustic, voice, or touch input. The systems and techniques described herein may be implemented in a computing system (e.g., computing device 2070 and / or 2050) that includes a downstream component (e.g., such as a data server) or that includes a middleware component (e.g. , an application server), or that includes a front-end component (e.g., a client computer that has a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described in the present), or any combination of said rear, intermediate or front components. System components may be interconnected by any form or means of digital data communication (e.g., a communication network). Examples of communication networks include a local area network (LAN), a wide area network (WAN), and the Internet. The computer system may include clients and servers. A client and a server are usually located far apart and usually interact over a communication network. The client-server relationship arises by virtue of the computer programs that run on the respective computers and have a client-server relationship with each other. Biometric data templates are not suitable for use as public keys, and cannot be reliably converted to public keys because each session contains biometric data that is slightly different -90a previous sessions. Biometric matching is performed by creating a match probability and setting an acceptable threshold. In one embodiment, the configuration is such that if the comparison reveals collected biometric data that matches 100%, it may be considered not a match and instead a possible fraud attempt because the comparisons Biometric data typically never matches 100%, unless a replay attack (of the same data) is being perpetrated. Because biometrics is based on the probability of confirming a matching identity, it is important to not allow bad actors to specifically target a known identity armed with copies of that person's biometric data, such as photographs, videos, or masks. This can be achieved by limiting access to the Blockchain using data from user questions. It is also contemplated that an effective means of providing a Blockchain wherein the identity of the person whose biometric data contained in each encrypted block is not readily known to other users of the Blockchain and, therefore, cannot be identified, is desirable. be easily identified. This is usually achieved in Blockchains with a public key, however, if a bad actor knows the public key of a specific individual, they can attack a spoofing attack by reproducing that individual's biometric data. By using a question layer (which requires users to answer questions before granting access to the Blockchain) that does not require users to store, transmit, or even know their public key, the likelihood that a bad actor can match a block specific with a certain user and then cheating the system is significantly reduced. This method would allow a user to easily enter data from memory that would then be used to recreate their public key and would then be used to identify themselves to blocks in the Blockchain system that contain their encrypted biometric data for authentication, but not to use information. of personally identifiable information (PII) to do so. In one embodiment, this is accomplished through a series of questions that the person answers to generate user question data. In one embodiment, these questions are such that the person would always know the answers, such as the city of birth, parents' names, or the name of high school. In one embodiment, the questions are such that the person creates the answers as favorites, things that change, or questions based -91 in opinions. Examples of this type of user question data include favorite color, favorite food, or favorite vacation. In one embodiment, user question data is created based on system requirements, but is not related to the user. Examples of this type of user data may be data containing only numbers, data containing special symbols, data containing only letters, and / or data containing a required number of each type of characters. Some of this data can be easily recovered and therefore cannot be forgotten by the user. Other facts are less likely to be guessed by others, but are harder to remember. It is contemplated that any other type of information and questions may be used for user questions and associated user question data. For questions that are easily remembered or memorized, this user question data is always available to the user. In one embodiment, as part of an identification process, the user is asked questions or asked to provide answers (user question data) to the questions. The user question data is concatenated and then encrypted to create a public key and / or block identifier. This may be used to do one or more of the following: identify the user, identify the block associated with the user on the Blockchain, combine with personally identifiable information to identify the user, or blocks containing a user's encrypted information. For example, this concatenated and encrypted user query data can identify to the authentication system which block to compare your biometric authentication session with. This user question data can be called a public key. Examples of the type of user questions include, but are not limited to, best year of your life, number of siblings, shoe size, height, favorite color, eye color, last 4 digits of your first phone number, middle name, parent name, favorite grade in school, favorite month, favorite day of the year, best physical feature, name of school, favorite food, dietary choices, political affiliation and religious affiliation or any other type of question or data Similar. In one embodiment, the data is well known (and cannot be forgotten by the user) but is not of the type that is publicly recorded or can be obtained through typical identity theft methods. In an exemplary method of operation, this authentication system can -92used when obtaining a money loan, at a car dealership, or any other situation where it is necessary or desired to positively identify the person and allow them to grant access to their credit information from the bureau to a third party (or some other function where identity is required and important). Figure 21 illustrates a block diagram of an exemplary system and usage environment. Referring to Figure 21, at the automobile dealership (business) 2124 (an exemplary use environment), the user is presented with a computer interface 2104, such as a tablet. Using computer interface 2104, user question data can be entered into a secure application or network interface with drop-down fields or text fields that do not store or record user input. The user is presented with questions for which he selects his pre-specified answers, or provides the user's question data without being presented with questions. At this stage, a check operation or other algorithm processing may occur for one or more user question data. The verification may occur on the device 2104 or on a separate device 2108. Examples of operations that may occur on the user's query data may include, but are not limited to, verification, encryption, combining with personally identifiable information such as name or social security number. By checking or otherwise processing the user question data at this stage (before transmission or electronic storage), the user question data is protected. A biometric authentication session can also be performed on the same device before, at the same time, or after providing and processing the user's question data. The user device 2104 provides the user question data which, after verification or other processing is provided at 2150 by electronic transmission, to the remote authentication system 2018 with the associated database 2112 to identify both the user and the user. your block. Authentication system 2108 may perform the same check operation on previously captured data stored in database 2112 to determine whether the received data matches a user, account, block on a Blockchain, or other identifier. According to the operation of the Blockchain, many authentication systems 2018 may be provided in different locations, or the Blockchain data for the user may -93be stored in many different databases 2112 in different locations. Authentication system 2108 may provide communication back to the user. Therefore, submitted user response data that matches stored user response data may identify the Blockchain that stores the user authentication data, grant access to the Blockchain, or both. Once the block or blocks that are associated with that public key are identified, they can be decrypted by verification to obtain the contents of that block. In this example, the verified user question data provides access to the user's blocks and can be used to reveal the biometric data stored in the block, which is then compared to the user's newly submitted authentication attempt (face data and of movement) to determine if the user's identity matches the identity stored in the Blockchain (distributed in different locations, thus preventing unauthorized access and unauthorized changes). If a match occurs, then the credit agency, lending department, or other entity 2116 will receive notice of the authentication via communication 2160. This, in turn, may allow the loan to occur or be send a credit report to company 2124 via communication 2170. For example, if the loan or credit is approved by the third party 2116, that will be communicated to the car dealership 2124, which in turn will allow the car to be taken away only with down payment and / or a payment agreement. Matching may also be an entry requirement before the dealer can obtain a user's credit or access a user's credit report. It is contemplated that in some embodiments the lender 2116 and the company 2124 may be combined. Using this method, the user can provide user question data that would not be easily known to a third party, as it is personal to the user and is not requested by the third party. This form of data and associated method overcomes the drawbacks of the prior art by providing and associating complex data (user question data) that the user will have memorized and therefore will always have, but that others do not know, and that uniquely identifies them, or their block or account on the Blockchain. The answer to the user's question data is complex, difficult to guess, and longer and more difficult to obtain by a third party than the nine-digit social security number -94u other personal information (PII), but it is generally easy for the user to remember. If a third party knows the answers to all of the user's questions, the system would only allow them to attempt to match the biometric data presented to the data stored in the blocks for that user. Because the third party will not easily compare biometric data to a photo, video, or mask if the biometric authentication has robust depth and liveness detection systems, the authentication attempt would not be authenticated and therefore the third party could not be authenticated. go through the user. Additionally, an email address or mobile phone number may be entered into the encrypted block when the user registers and an email or text message could be sent to the registered user's email address or phone number each time the user registers. that block is unlocked and the biometric data compared for an authentication session or for each attempt. This would alert a user if a bad actor had obtained the answers to their public key generation questions and was attempting to impersonate them through various means, such as using a lookalike user for a biometric spoof. If the bad actor manages to trick the system, the actual registered user would receive an email saying that a successful authentication session had been performed, and if it wasn't them, they could initiate the steps to stop the bad actor. A notification could also be provided for failed attempts to access the block. It is contemplated that the notification may be sent by email, telephone call, text message or any combination. In one embodiment, the system may alternatively or additionally send a verification code to the user, such as by mail, telephone (voice), or text message, which must be entered with the user's question data to provide an additional level of security. . Sending and entering verification codes is known and is therefore not described in detail. It is contemplated that the data from the user's query may reach the dealership, credit agency, bank or other entity, in any way. For example, user question data may be entered by the user using the company's device, uploaded by the user to the user's own device, through the use of a third-party kiosk, provided by phone, text message, or otherwise. half. Using this innovation, the method of creating a public key that people can easily remember is well suited to the -95functioning of human memory. While not all of the user question data may be secret, it can be easily remembered and is not publicly available and has not been part of the numerous data breaches, as questions are not typical data such as the number social security number, date of birth and middle name. Any number of questions can be provided to create the public key, such as, for example, two questions or ten questions, such that the more questions you ask, the less likely it is that someone will know or guess the answers to access the data in the block to an authentication attempt. Although it is possible to use a user's name, social security number, email, or phone, this data would also identify the user and easily lead them back to the blocks on the Blockchain, but it would expose the user's identity and can known due to the use of that information in other situations. With the exposed system, using data from the user's questions, the user's identity and the block that stores their corresponding biometric data are anonymous to everyone, including the Blockchain node operators. It is still possible for a person to provide all the answers to your user questions to a dishonest third party or to have that information stolen without knowing it, but this is unlikely. For this to occur, it would still be necessary for the bad actor to trick the biometric authentication system to gain access to any credit or other information, which, due to the extreme precision of the authentication routines described herein, is extremely unlikely. . Figure 22 illustrates a flow chart providing an example method of operation. This is only one possible method of operation and it is contemplated that in other systems and environments the method may deviate from that described in Figure 22 without departing from the claims. At step 2204, the user, company, or system initiates an authentication session and, as part of this, at step 2208, the company attempting to verify the identity of the person may present the user with a computing device for data entry. . The device can be any computer, including a tablet. The device and any server described herein may include a processor with memory such that the memory stores non-transitory machine-executable instructions that are executable on the processor. Non-transitory machine-executable instructions may also be called software. In the M A / IZ / ¿U¿¿ / U¿403ü -96step 2212, the computing device presents questions to the user and, as the user provides the user's answers, the computing device accepts the user's question data in step 2216. In a step 2020, the system processes the user question data to generate verified user question data. This can also occur in a remote location. The verified user question data can serve as a public key. Then, at step 2024, the system uploads the verified user question data to a remote server (optional encryption). Then, in step 2228, the system, such as a remote computer configured for user authentication, compares the verified user question data of the user with the verified user question data stored in one or more databases. The stored data comes from a previous entry by the user when the identity was known. In a step 2232, in response to a match between the stored user question data and the submitted user question data (verified or unverified), the system identifies the user's Blockchain. The system then requests an authentication attempt from the user to collect facial data and motion data during authentication. This occurs at step 2236. In this embodiment, this data is collected when the user's question data matches, but in other embodiments, the user's facial and motion data may be collected at the time of collection of the user's question data. the user's question. In step 2240, the system uploads the authentication data to a remote server from a user (optional encryption) and in step 2244 the system uses the verified user question data as a public key to unlock the authentication data (facial , movement or combination thereof) that are stored in the Blockchain. This can occur in multiple locations, just like the nature of a distributed Blockchain. In a step 2248, the authentication system compares the stored user authentication data with the authentication data submitted by the user to determine whether a match exists within a predetermined threshold. As mentioned above, 100% matches are unlikely or impossible, so similarities between data must be within some range or threshold that can be adjusted based on usage and the need to verify identity. In step 2252, in response to a -97match, access is allowed or the requested information is provided, such as access to a credit score, credit report, or authorization for another type of transaction or loan. This system can be used in any scenario where it is important to verify a person's identity. For example, purchasing an expensive watch or jewelry would benefit from identity verification, as would secure data or location access control. M A / t / ZUZZ / UÓ+OUO Identity Verification with Issued Photo Identification Card In some embodiments, the identity of a person who is authenticated using the systems and methods described above may be verified using a photo Identification card issued to the person. Identification using only the card analysis described here is also contemplated. Figure 23 illustrates an exemplary photo ID card. In Figure 23, a photo ID card 2400 may be a driver's license, passport card, passport, or any other government- or privately-issued ID card. A photo ID card 2400 typically has a front side 2402 and a back side 2404, each of which is shown in Figure 23. The front side 2402 includes a photo 2406 of the person to whom the ID card is issued. 2400. Photograph 2406 is shown herein placed on the left side of the front portion 2402 of card 2400. However, photograph 2406 may be placed in any position on card 2400. Other information is also printed on the card and can be formatted as shown or varied as needed and / or according to design preferences. For example, the name of a state 2408 that issues the card may be printed at the top of the back 2402 of the card 2400. The person's name, 2410, and other identifying information 2412 may also be printed, such as home address. , height, weight, sex, date of birth, etc. The card 2400 may comprise one or more security elements, such as a hologram 2414. On the back 2404 of the card 2400, a barcode 2416 may be provided that is encoded with the holder's personal information and / or other information related to the card of -98ID 2400. Figure 24 illustrates a method for authentication using biometric identification and a photo ID card. The method may be executed through software running on a device such as a computer, laptop, mobile device, etc., as described above. In some embodiments, the method may be executed through a display device where the display device connects to a remote device such as a server on which the software runs. In this embodiment, the method uses a camera on the device, such as front and / or rear cameras on a mobile device, laptop or desktop computer, or a webcam connected to the device. In step 2502, facial recognition is carried out using the device including liveness verification. As explained in detail above, the person authenticating with the system captures images of their face with the device's camera when prompted on the device's screen. As discussed above, the system may verify the life and / or three-dimensionality of the person by instructing the person to change the distance between themselves and the camera by moving the device / camera or themselves with respect to the camera. This allows the system to verify if the person authenticating is a live person and not a hoax. This also allows the system to perform facial recognition and collect biometric information from the person being imaged. It is contemplated and stated that one or more of the facial recognition and / or life detection functions described herein may be used, alone or in any combination, with the photo ID card method described below. At step 2504, the person authenticated or being authenticated is asked to capture an image or video of his or her photo ID card, and the system scans the image of the card to verify the authenticity and the information contained on the card. card. The image can also be uploaded to a remote website configured with software to evaluate and authenticate the identification. During image capture, for example, the system may prompt the user to move the card relative to the camera or the camera relative to the card. In other modes, the distance between the card and the camera does not change. If it moves, the card (or camera) can move in such a way -99way the distance changes between the camera and the card in a straight line closer or further away. Figure 25 shows examples of validation of a photo Identification card, according to an exemplary embodiment. In Figure 25, a first example of a mobile device 2610 is shown that has a screen 2612 and a front camera 2614, among other features. A rear-facing camera is also provided, but not shown. As an example of step 2504 of Figure 25, screen 2612 prompts the user to image the photo ID card 2400 with device 2610. Screen 2612 may display guides 2616 that instruct the user at what distance to image. of the 2400 Photo ID card with the device. The person can image the card 2400 with the device 2612 using the front camera 2514 or the rear camera. As shown in Figure 25, the device may prompt the user to take an image of the photo ID card 2400 at a closer distance relative to the camera of the device 2610. As shown, the guides 2616 may be instructed to occupy a larger portion of the screen 2612 to direct the user to hold the ID card 2400 closer to the camera. Either side or both sides of the card can be captured. By requiring movement of the card relative to the camera, the system can perform several checks to determine if the Photo ID card 2400 is authentic. For example, when the card 2400 is moved relative to the camera, the hologram 2414 on the card 2400 may appear, disappear, and / or change. The system may include a hologram verification on the photo ID card 2400 to verify that the card 2400 is genuine. In other embodiments, the system may perform banding, edge detection, and other screen detection processes as described above. In one embodiment, the system may check the user's fingers on the edges of the card to help confirm that the card is genuine and displayed on a screen of another device. Additionally, by imaging the card very closely, the device can obtain a high-quality image of the 2400 card, including all information on the card. It is also contemplated that the card can be rotated while held in such a way that the camera can see not only the surface of the card and the images and text on the surface, but also the edges of the card. This shows - 100 will also enhance three-dimensionality and will also capture any security features of the card, such as holographic features. This would detect photocopies of the card on a sheet of paper. For example, in some embodiments, the device reads information from the card for use during authentication or for other uses. The system may scan photo 2406 on photo ID card 2400 to obtain biometric information for comparison with the biometric information obtained during step 2502. Additionally, the device may scan card 2400 to retrieve the person's name and other information. identification through text recognition. The information can also be obtained by imaging the back 2404 of the card 2400 for the barcode 2416 or another type of code. This can be particularly useful when a user sets up an account for the first time with an institution so that the user does not have to manually enter user information. In step 2506, the biometric information obtained from the user during step 2502 and from the photo ID card during step 2504 are compared to determine if they match. Data obtained from card image processing can be compared to a database of known card details to verify that the card format is accurate and that other card-related details match known formats, such as, but not limited to, image placement, card thickness, text font details, text placement, security features, barcode format and placement, card color scheme, and dimensionality ratio of the card. In this embodiment, facial biometric information obtained from capturing images of the user's face and capturing images of photograph 2406 of photo ID card 2400 are compared to determine whether the images are of the same person. This comparison can occur based on the captured image of the person that is produced as part of the authentication process or from photographs captured in the above stored in a database. If the biometric information of the different images is similar within a certain threshold, the user is authenticated. Several variations are also contemplated to authenticate using a photo ID card. For example, steps 2502 and 2504 may be performed in reverse order. That is, the user can first generate the - 101 image of the ID card with photo before generating the image of yourself. In another example, the user can generate an image of himself and the photo ID card simultaneously. This provides the advantage of having an image of the person holding the actual card thus showing that the person is in possession of the actual card. Figure 26 shows an example of validation of a photo Identification card, according to an exemplary embodiment. In this example, the user holds the photo ID card 2400 and the images of himself and the photo ID card 2400 with the mobile device 2610. The user can use the screen 2612 of the device 2610 to ensure that both the The user's face and the photo ID card 2400 are clearly in view of the front camera 2614. The device then captures images of the ID card 2400 and the user simultaneously. As above, display 2612 may include prompts that instruct the user on how to obtain images of card 2400 and themselves, even at different distances from the camera. The display may also prompt the user to move the camera to obtain an image of the user's face and after identification during the same authentication session. This allows the images of both the user and the ID card with the user's photograph 2400 to be linked in time. M A / IZ / ¿U¿¿ / U¿403ü Digital Identification Also described is a digital ID configured to further identify or provide assurance of the identity of a user. In many cases, it is desirable to have assurances that a person is who they say they are. Cases where this can be useful occur in many situations. For example, before or as part of a transaction between two parties who do not conduct the transaction in person, it would be desirable for one or both parties to verify the identity of the other party. In particular, if one party has to pay before receiving the goods or before the goods are shipped, you may want assurances regarding the person selling the goods. Internet and long distance transactions are becoming more common. Additionally, identity verification before a loan is another case where it would be desirable to verify the identity of the person receiving the money. Likewise, hiring some to work - 102 remote is a case where it is preferred to verify your identity. Additionally, it is not wise to rent a house, car, or other item to a person without knowing them or verifying their identity. There are many other instances in which a third party may wish to verify a person's identity, including, but not limited to, dating, business relationships, caregivers, transaction counterparties, or voters, such as a voter ID or an ID used to verify eligibility for government benefits. Therefore, there are numerous cases where it is preferred or necessary to have some guarantees or verify the identity of a person. The exposed system and method allow a user of the system to become a verified user. A verified user is a person who completes the steps described herein, receives a digital ID, and a verification server confers the authenticity of the digital ID. The verification server comprises one or more computer systems with associated software configured to process data received from the user during the creation of the digital ID and during verification of the digital ID by a third party. The third party may be any individual or entity that uses the digital identification to verify the user's identity. The digital ID can be used to verify the identity of the user and make them a verified user. The verification server may be one or more servers or executable code per computer execution machine. For example, one server or computer can act as a network server while another can function as a verification process. Another server can perform database and data storage functions. Figure 20 provides a diagram of an exemplary computer server configuration. Figure 1 illustrates exemplary components described herein. A user may be the person 108 and his or her mobile device 112 captures the user's images and photo identification. Any of the servers 120 may be the verification server that is stored in the databases 124. Communication occurs over a network, such as network 116, which may include the Internet. Figure 21 also illustrates a hardware arrangement that can be reconfigured for use with the digital identification system. The user may use the mobile computing device 2104, the server 2108 may function as a validation server, and the third party may use a computing device, such as a - 103 computer 2116. Figure 27 is an operational flow chart of an exemplary method for creating the ID. This is only one possible method of operation and other methods are contemplated. In step 2704, a user seeking to create a digital ID downloads or installs on the user's device an application (software) from an application store or a verification server. In other embodiments, a web browser or web site may be used to interact with the user to create the digital identification. Any type of device may be used, including, but not limited to, a mobile computing device, such as a smartphone or tablet, personal computer, or any other device or system. In step 2708, after installation of the application, the application is executed and the application performs a liveness check (liveness detection) on the user to verify that the user is a living person and not simply a photograph or model. three-dimensional or a figure of the user's face. In one embodiment, the liveness verification includes capturing a first photograph of the user's face at a first distance and a second photograph of the user's face at a second distance. Other life verification methods may be used. The process of capturing photographs of the user's face with the camera located at different distances from the user's face is discussed in detail in the above. The captured photographs may be stored on the user's device or processed to create face map data at step 2712. The face map data is data that represents the user's face as captured in the image, but is not an image of the user. user and the user's face cannot be reconstructed from the face map data. The images, face map data, or both are uploaded to a verification server for processing. Face map data can be considered biometric data or image data. In step 2716, the images or face map data are processed to verify the user's life. Live verification may occur in any manner, including any manner described herein. If the liveness check determines that the user is not a live user, such as if the photographs represent a two-dimensional image or a non-human three-dimensional representation of a person (mannequin, bust, 3D facial model), then the operation ends and no digital ID can be created. Alternatively, if in step 2716 it is determined that the photographs or - 104 face maps are a living person, the operation proceeds to step 2720. At step 2720, the user is instructed to take an image of his or her photo ID (ID that has a photo of the user), such as a license driver's license, a military ID, an ID issued by a state or country, or your passport. In one embodiment, the user has the option, manually or automatically, to obscure and not display one or more elements of photo identification information. For example, the user's driver's license number, passport number, date of birth and / or address, or any other sensitive information may not be displayed on the digital ID or uploaded to the server. check. One or both sides of the ID are photographed by the user using the device to capture the photographs using a camera associated with the device. In step 2724, the user uploads the captured image to the verification server. In one embodiment, the user manually uploads the image, while in other embodiments, the application software automatically uploads the image of the user's identification or passport. It is also contemplated that alternative or additional documents can be captured with an image and uploaded to the verification server. For example, to verify that the user has the goods or the right to rent / sell the property, or complete the transaction, additional images may be captured and uploaded. This may include, but is not limited to, pictures of the item being sold, or the title of a vehicle, property tax records, employment history, themselves at a property, themselves with the property, or showing the VIN ( Vehicle Identification Number), or voter registration card or any other image capture. Next, in step 2728, the verification server and the software (machine executable code) running on the verification server compare one or more of the first image and the second image (captured at different distances) of the user. with the user photograph in the user ID to verify that the user ID photograph matches the user photographs captured in step 2712. This may occur using facial recognition or any other image comparison technique to determine or compare the identity of a user. At decision step 2732, a determination is made of one of the user's images on the photo identification or passport. If the - 105 photos do not match, then the user ID does not match the uploaded photos. Photo ID may be outdated, stolen, or counterfeit. As a result, the operation advances to step 2736 and the operation ends with a message to the user that the photographs do not match and, as such, a digital identification (ID) cannot be created. Alternatively, if the photographs match, then the operation advances to step 2740 and the verification server processes the life verification determination and the user's photo ID or passport photo(s) to generate the digital ID. . The digital ID can take any form, but in this form, it is an image or PDF file that displays one or more of the following: ID image with photo or variation thereof, photo of the user, user email address to the user, life verification, and GPS location, specific or generalized, city or country, timestamp, estimated age or any other information. Next, in step 2744, the verification server processes the digital ID to generate a verification value representing the digital ID. It is also contemplated that any other type of processing may occur on the digital identification file to generate a unique code representing the digital identification. A check function is an example of processing that generates a unique value corresponding to the digital ID. The checking functions performed on an image are known to one of ordinary skill in the art and are not described in great detail herein. The value resulting from the check function is stored for future use and is associated with the digital ID. At step 2748, the digital identification is sent from the verification server, such as by email as an attachment, to the user. The digital ID may be an image file viewable by the user and may be stored by the user or sent to a third party by the user. A link to the verification server may also be provided to the user such that the link may also be shared with a third party. The use of the link is discussed below in relation to Figures 29 and 34. Figure 28 illustrates an exemplary display screen for the software used to capture the first image. As shown, a 2804 screen - 106 can be on a mobile computing device, tablet, laptop or desktop computer with a webcam. Also displayed on screen 2804 is an oval used to frame the face and provide guidance to the user on where to place their face on the screen, as captured by the camera. Inside the oval 2808 is the face of the user 2812. During image capture, the size of the oval may change, which instructs the user to change the distance between the user and the camera, which in turn changes the size. of the user's face on screen 2804. One or more instructions 2816 may be provided on the various display screens of the software during use to assist and guide the user. Figure 29 illustrates an exemplary digital identification. This is only one possible configuration of a digital ID and other provisions are contemplated. As shown, the digital ID 2904 includes the photo ID image of the user 2908, as well as one of the first or second images captured of the user during the life determination. Also part of the digital ID 2904 is a liveness indicator 2924 that declares that the captured image was of a living user. A verified email address is also provided. The verified email address is the user's email address used when downloading the app (as part of logging into the app) and to which the digital ID was sent. These must match. Digital ID 2904 also includes a verification link 2920. The use of verification link 2920 is discussed below. In other embodiments, the digital identification may also include locations for images of other items described above, such as copies of the item being sold, the user at the residence being rented, copy of the title of the item with the user, or any other image used to build trust in the transaction or interaction between the user and the third party. Figure 30 illustrates an exemplary display screen for photo ID type selection. This is just a possible display screen. The photo ID type selection screen 3002 includes a passport selection button 3004, a photo ID selection button 3008, which can be used for any type of photo ID trusted by the third party, and also a ID match bypass 3012 so that the user can skip this stage and features of the - 107 digital identification. Figure 31 illustrates an ID image capture display screen with exemplary photograph. This is just one possible layout and design for the Photo ID image capture screen. In this example screen layout for the photo ID capture screen 3104 there is an ID framing area 3120 where the photo ID 3112 is framed. An instruction area 3108 is provided to guide the user. A flash on / off button 3124 is provided for the user to activate or deactivate the flash or light of the device, if equipped, or image processing and light detection can be used to automatically activate or deactivate the flash or adjust flash timing or intensity. The brightness of the captured image can also be adjusted after capture. A photo capture button 3116 is also provided to trigger the mobile computing device to capture the image of the user's ID when the ID is correctly framed. Figure 32 illustrates an ID image acceptance screen with exemplary photograph. This is just one possible layout and design for the Photo ID image acceptance screen. In this design example for the photo ID image acceptance screen 3204, some elements of Figure 31 are repeated and are not discussed again. In this exemplary screen, a retake button 3208 is provided in case the photograph is not in focus or aligned correctly. An accept button 3212 is provided to allow the user to accept the photo ID image displayed in area 3120. Figure 33 is an operational flowchart of an exemplary method for a third party to verify the digital ID on the verification server. This is only one possible method of operation and it is understood that one skilled in the art will come up with other methods that do not depart from the scope of the following claims. This method begins at step 3304 when the third party requests a copy of the verified user's digital identification. This may be because the third party is seeking assurances regarding the identity of the verified user. Next, in step 3308, the verified user sends the digital identification to the third party. This usually occurs via email, but other methods are possible, such as a text message or - 108 any other way of sending an electronic copy of the digital identification to a third party. Sending an image (verified to be a live user) and an image of the user's photo ID that also matches the live user gives trust to the third party. The verified user can also send a verification link to the third party; the third party can independently access the verification server on their behalf. In step 3312, the third party accesses the verification server using the verification link and then, in step 3316, the third party uploads the digital ID to the verification server using the interface shown in Figure 33. In step 3320 , the verification server performs the verification functions (the same operation that is performed on the newly created digital ID) on the uploaded digital ID to generate a second verification value. As discussed above, the verification server may perform other operations to generate the unique value that is uniquely associated with the digital ID. Next, in step 3324, the verification server compares the first verification value (generated at the time of creating the digital ID) with the second verification value (generated from the digital ID uploaded by a third party). By comparing the two verification values, the verification server determines whether any changes have occurred to the digital ID image file between the time it was sent to the verified user (by the verification server) and to the third party from the verified user . This prevents the verified user from impersonating a modified digital ID, such as changing the user's image or ID image, and the verification server or company (such as FaceTec, Inc.) does not have to store a copy of the digital ID, only the verification, but the validity and authenticity of the digital ID can be ensured to be genuine based on the comparison of the verification value. In a comparison step 3328, it is determined whether the first check value matches the second check value. If the values ​​do not match, then the operation advances to step 3332 and the verification server indicates to the third party that the digital identification has been modified. The digital ID is not verified. Alternatively, if at decision step 3328 the two verification values ​​match, then the operation advances to step 3336 and the verification server sends a response to the third party indicating that the identification - 109 digital is valid and verified, along with the email address used by the verified user to use the digital ID software and receive the digital ID from the verification server. Figure 35 illustrates an exemplary notification screen that may be provided to a third party. Next, in a step 3340, the verification server may update a record associated with the verified user of the submission of the digital ID for verification and the successful matching of the two verification values. This can be useful to validate the verified user over time to provide a trust score to the verified user or to create a history profile. At step 3344, the verification server may request responses from the third party regarding its interaction with the verified user. For example, the request for answers may ask whether the third party had a successful interaction with the verified user, or whether the verified user turned out to be who the verified user represented. These responses can be used to create a confidence score for the digital ID and the verified user, or conversely associate the verified user with fraud or misrepresentation. This information may be shared with other users or future users as a way to establish greater trust in the system and digital identification. Figure 34 illustrates a loading screen of the exemplary digital ID presented by the verification server to the third party. This is just one possible layout and design for the Digital ID loading screen. In this exemplary design, the loading screen of digital ID 3404 is presented to the third party when the third party accesses the verified user's link or independently accesses the verification server (website). On this page there are one or more mechanisms for the third party to upload the digital ID image file. In this exemplary embodiment, the third party may drop and slide the file to upload location 3408. In other embodiments, other mechanisms may be used to upload the image file for the digital ID. Figure 35 illustrates an exemplary digital ID verification screen presented by the verification server to the third party. This is just one possible layout and design for the digital ID verification screen. As shown, the digital ID verification screen 3504 includes a notification that the digital ID has been verified, meaning the address - 110 email in the digital ID is the same email address to which the digital ID was sent (to the user) and that the digital ID image file matches (as verified by the verification operation or other comparison process) with the digital identification file that was originally sent to the user. Also displayed on the digital ID verification screen 3504 is the email address used by the verified user, such as the email address to which the digital ID was mailed. A copy of the verified digital ID is also provided to confirm that the verification corresponds to the appropriate digital ID. In another embodiment, other elements can be displayed. In one or more embodiments, additional steps may occur to build trust in the user or the photo ID. In other embodiments, if the photo ID image provided to the verification server is of a type known in the verification server's database, such as a driver's license, then one or more matching algorithms may be run on the verification server. photo ID to verify that the photo ID matches a template of acceptable photo ID formats. Stated another way, if the photo ID does not have the required information in the required location and other aspects of the photo ID do not match the accepted template for that type of photo ID, it is noted on the digital ID or ID. Digital is not generated or provided to the user. For example, the matching algorithm may match the submitted Photo ID image against the accepted template for the following factors, but is not limited to the following factors: font type, arrangement of elements in the Photo ID, color of the elements or background of the elements, expiration date, arrangement of information, format of information, watermarks, size of the photograph, size ratio of elements with respect to other elements, images, drawings or illustrations in the ID with photography, holograms, anti-copy features, barcodes, facial features in comparison to information on the ID such as eye color, skin color, hair color or any other factor or characteristic. As discussed above, a verification server, which may comprise one or more servers or computers, may receive information from the - 111 application software installed and running on the user's computing device. The application software runs to provide the screen displays and functionality described herein. For example, application software running on the user's mobile computing device may capture images of the user and the user's photo ID, and also upload the image files to the verification server. This provides a closed, secure and controlled system to obtain the required information and transmit the information to the verification server. It is also contemplated that a web page can be created that acts as a portal for the user to interact with the verification server. It is also contemplated that a user or third party may use a desktop or laptop computer interface with the verification server. As discussed herein, the face map comprises data that is derived from images of the user's face. The face map data can be sent to the verification server instead of the full image to reduce bandwidth requirements, reduce the time (for a given bandwidth) required to upload the required information to the verification server, and add a Greater privacy for user images. In one embodiment, the face map data may not be used to recreate the image of the person. When generating the face map data or selecting which image(s) to send to the verification server, specific face frames are selected for their position and quality. The Digital ID may be in any electronic file format suitable for delivery by text message, email, or other means of electronic transmission. For example, and not limited to, the digital ID which may be an image file such as jpeg, tiff, raw image format, PFD, bmp, GIF, PNG or any other type of image file format. In one embodiment, the image file is locked and cannot be edited. The file format for the Digital ID may be a proprietary format usable only by application software running on a computing device. This can make it difficult to edit or modify changes to the digital ID, although any changes would be detected during the comparison of check values ​​derived from the digital ID. Although several embodiments of the invention have been described, it will be apparent to those skilled in the art that many more embodiments are possible and - 112 implementations that are within the scope of this invention. Furthermore, the various features, elements and embodiments described herein may be claimed or combined in any combination or arrangement.

Claims

1. A method for generating a digital ID for a user comprising: capturing at least one image of a user's face with a camera; transmitting at least one image of the user's face or data derived from at least one image of the user's face to a verification server and performing a liveness check on the same to determine whether the at least one image captured a living person; in response to the determination that the user in at least one image is a living person, capturing an image of a user's ID, the ID having an image of the user in the ID; transmitting the image of the ID to the verification server; comparing the at least one image of a user's face or the data derived from the at least one image of the user's face with the image of the user in the ID to determine if a match exists;in response to a match, generate a digital ID, the digital ID having one or more of the following displayed thereon: image of the user's identification, image of the user, email address of the user used to receive the digital ID and information that at least one image of the user was of a living person and that at least one image of the user matches the image in the user identification; and provide the digital ID to the user.

2. The method of claim 1, wherein the capture of at least one image of the user is carried out with a mobile computing device.

3. The method of claim 1, wherein comparing at least one image of the user's face or data derived from at least one image of the user's face with the image of the user in the identification comprises using one or more face matching algorithms.

4. The method of claim 1 further comprising analyzing the ID image against an ID template for IDs having the same format to determine if the ID image matches the ID template.

5. The method of claim 1, wherein the method is performed by means of application software running on a mobile computing device and providing the digital ID to the user comprises sending an email to the user with an attachment, the attachment being the digital ID as an image file.

6. The method of claim 1 further comprising processing the digital ID to generate a first value, the first value being unique for the processing of the user's digital ID.

7. The method of claim 6, wherein the processing comprises a checking function.

8. The method of claim 6 further comprising: receiving a copy of a third party's digital ID on the verification server as part of a verification request by a third party, the third party receiving the copy of the digital ID from the user as part of the guarantee provided by the user to the third party regarding the user's identity; processing the copy of the digital ID to generate a second value, the second value being unique for processing the copy of the digital ID; comparing the first value with the second value; in response to a match between the first and second values, notifying the third party of the verification of the copy of the digital ID; in response to a non-match between the first and second values, providing the third party with notification of the non-verification of the copy of the digital ID.

9. A method for generating a digital ID and verifying the digital ID comprising: capturing one or more images of a user's face with a camera; transmitting one or more user images or data derived therefrom to a verification server; determining whether the one or more user images or data derived therefrom represent a living person captured in one or more user images; capturing an ID image from a photo ID of the user, the photo ID having an image of the user; transmitting the ID image of the photo ID to the verification server; comparing at least one of the one or more user images or data derived therefrom with the image of the user in the photo ID to determine whether the user in one or more user images is the same person as the image in the photo ID;In response to a match from the comparison and the determination that a living person was captured in one or more user images, generate a user digital ID and transmit the user digital ID to the user; receive the received digital ID from a third party on the verification server, seeking the third party to validate the received digital ID; before or after receiving the received digital ID from the third party, process the user digital ID to generate a first unique value for the user digital ID; process the received digital ID to generate a second unique value for the received digital ID; compare the first value with the second value for their determination; and in response to the first value matching the second value, send a verification to the third party that the received digital ID has not been altered from the user digital ID.

10. The method of claim 9 wherein the user digital ID and the received digital ID include at least two of the elements selected from the following list: user ID image, user image, user email address used to receive the user digital ID, and information that the user image was of a living person and that one or more images match the user image in the ID.

11. The method of claim 9, wherein the processing of the user digital ID and the received digital ID is a verification function.

12. The method of claim 9, wherein the one or more images include a first image captured at a first distance between the camera and the user's face and a second image captured at a second distance between the camera and the user's face, such that the first distance is different from the second distance.

13. The method of claim 9 further comprising analyzing the photo ID image against a template of an ID having the same format to determine whether the photo ID image matches the template.

14. The method of claim 9, wherein the method is performed by means of application software running on a mobile computing device and providing the digital ID to the user comprises sending an email to the user with an attachment, the attachment being the digital ID as an image file.

15. The method of claim 9, wherein the processing comprises a checking function.

16. A system for generating a digital ID comprising: a verification server configured to: receive a user email address from a user seeking a digital ID; receive two or more images representing the user from the user seeking the digital ID; process the two or more user images to determine whether the two or more images representing the user are of a living person; in response to the processing that determines that the two or more images representing the user are of a living person, request an ID image comprising an image of a photo ID for the user, including the photo ID a photograph of the user; receive the image of the user's ID image;process the user's photograph in the ID image and at least one of the two or more user images to determine if the user's photograph in the ID image is of the same person as the user shown in at least one of the two or more images; in response to the user's photograph being the same person as in at least one of the two or more images, generate a digital user ID; process the digital user ID to generate a first value that is unique to the digital user ID; and send the digital ID to the user looking for the digital ID.

17. The system of claim 16 wherein the digital ID is an electronic file that, when displayed on a monitor, includes the photographic identification, at least one of the two being the user's image and the user's email address.

18. The system of claim 16 wherein the two or more images comprise a first image captured at a first distance between the camera and the user's face and a second image captured at a second distance between the camera and the user's face, such that the first distance is different from the second distance.

19. The system of claim 16, wherein the verification server receives the two or more images and the ID image from an application that is running on a user's mobile device or through a network portal.

20. The system of claim 16, wherein the verification server is further configured to: receive a copy of a third party's digital ID as part of a verification request by a third party, the third party receiving copy 10 of the user's digital ID; process the copy of the digital ID to generate a second value that is unique to the copy of the digital ID; compare the first value with the second value; in response to the first value being the same as the second value, 15 provide notification to the third party of the verification of the copy of the digital ID; and in response to the first value being different from the second value, notify the third party that the copy of the digital ID cannot be verified.