Title of Invention

A METHOD OF IDENTIFYING A USER BY MEANS OF MODIFIED BIOMETRIC CHARACTERISTICS

Abstract The present invention relates to a method of identifying a user, the method being implemented by means of a database containing personal data of users and containing for each user at least one unmodified biometric characteristic (E1^i), at least one biometric characteristic (E2 i) that has been modified and that is accessible from the unmodified biometric characteristic, and at least one item of identification data (D) that is accessible from a code identifying the modification that has implemented on the second biometric characteristic. The method comprises the steps of comparing first and second biometric characteristics (e1#i) read from the user with the characteristics in the database in order to determine (5) what modification has been implemented and to deduce therefrom the code identifying the modification; and extracting (6) the identification data by means of the code as deduced in this way. The invention also provides a database for implementing the method.
Full Text

A METHOD OF IDENTIFYING A USER BY MEANS OF MODIFIED BIOMETRIC CHARACTERISTICS, AND A DATABASE FOR IMPLEMENTING THE METHOD
The present invention relates to a method of identifying a user by means of a modified biometric characteristic, and to a database for implementing the method. The term "biometric characteristic" is used herein to mean a set of characteristic points, in particular of a fingerprint, of an iris, or of a face, that is specific to each individual and that enables said individual to be distinguished from other individuals.
By way of example, such a method can be used to verify the identity of a user or to authorize the user to access premises, or particular information, or a computer service.
An identification method is known that is implemented by means of a database putting a biometric characteristic of each user into association with personal data of the user. A dishonest person having access to the database would then have access to all of the information needed for that user to usurp the identity of an authorized user. The correspondence between the biometric characteristic and the personal data also goes against the confidentiality that is normally associated with implementing a database suitable for identifying all of the users of a service or an application.
An authentication method is also known from document EP—A—1 126 419 that is implemented by means of a memory and that makes it possible to prevent a third party who gains access to that memory from being able to use the information it contains in order to falsify authentication. The memory contains a modified biometric characteristic obtained by implementing a combination of modifications on a fingerprint of the user, each modification being identified by a respective code, and where such modifications are constituted, for example, by

geometrical transformations associated with the addition of decoys. The combination of these codes forms the authentication code. The method comprises the steps of reading the fingerprint from the user and applying thereto all possible modifications, with the resulting modified biometric characteristic then being compared after each modification or combination of modifications with the modified biometric characteristic that has been stored in memory. A match between stored and resulting modified biometric characteristics makes it possible to deduce the code for the combination of modifications that have been implemented, which code constitutes the authentication code. Thus, mere access to the memory does not give a dishonest user the ability to discover a user's fingerprint, nor the corresponding authentication.
Such a method is difficult to transpose to identifying users from a database containing the biometric characteristics and the personal data of a plurality of users. That would require implementing all possible modifications on the user's fingerprint and comparing the results obtained with each of the modified transformed biometric characteristics in the database. That would lead to an operation that is particularly lengthy and greedy for computer resources. Unless particularly large computer resources are available, the method is therefore increasingly less usable with a database as the number of users referenced in that database increases.
It would therefore be advantageous to have a method that avoids these drawbacks of the above-mentioned method.
To this end, the invention provides a method of identifying a user that is implemented by means of a database of the personal data of users, containing for each user at least one unmodified first biometric characteristic, at least one second biometric characteristic that is accessible from the unmodified

first biometric characteristic and that has been modified by at least one modification, and at least one item of identification data that is accessible from a code identifying the modification that has been implemented on the second biometric characteristic. The method comprises the following steps:
• reading from the user a first biometric characteristic and comparing it with the unmodified first biometric characteristics in the database in order to identify the unmodified first biometric characteristic that corresponds to the user;
• reading from the user a second biometric characteristic and comparing it with the modified second biometric characteristic that is accessible from the unmodified first biometric characteristic of the user in order to determine what modification has been implemented and thus deduce the code identifying the modification; and
• extracting the identification data by means of the code as deduced in this way.
Thus, the first biometric characteristic makes it possible rapidly firstly to determine whether the user has a reference in the database, and secondly to find the modified second biometric characteristic that is stored in the database and that corresponds to the user. The second biometric characteristic read from the user then makes it possible to discover the modification that was implemented on the second biometric characteristic, and to deduce therefrom the code identifying said modification. On the basis of the code, it is then possible to access the personal data of the user. As a result, a third party having access to the database cannot establish a link between the biometric characteristics and the personal data of the users.
The invent3.on also provides a database containing personal data of users for implementing the above method. The database contains, for each user, at least one

unmodified first biometric characteristic, at least one second biometric characteristic that is accessible from the unmodified first biometric characteristic and that has been modified by means of at least one modification, and at least one item of identification data that is accessible from a code identifying the modification that has been performed on the -second biometric characteristic.
Other characteristics and advantages of the invention appear on reading the following description of a particular and non-limiting implementation of the invention.
Reference is made to the accompanying drawing, in which:
• Figure 1 is a diagrammatic view showing the organization of a database in accordance with the invention;
• Figures 2 and 3 show steps in modifying biometric characteristics; and
• Figure 4 is a block diagram showing the identification method in accordance with the invention.
With reference to the figures, the method of identification in accordance with the invention is implemented by means of a personal database of users, given overall reference 1, containing personal data for n users .i,
For each user _i, the database contains an unmodified first record Ex if a modified second record E'2i, and identification data D.
The unmodified first biometric characteristic E, , groups together the characteristic points of a first fingerprint ex i of the user ^L, such as for example the user's left thumb print.
The modified second biometric characteristic Ef2?i is obtained from an unmodified second biometric characteristic E2fi (see Figure 2). The unmodified second biometric characteristic E2/i groups together the

characteristic points of a second fingerprint e2/i of the user i., such as the fingerprint of the user's left index finger. The unmodified second biometric characteristic E2/i is subdivided into subsets A, B, C, D, E, and F that are subjected to modification. In this example, these modifications are transformations Tl, T2, T3 implemented in the manner described in document EP—A—1 12 6 419. The transformations are transformations of the geometrical type, translation, permutation, rotation, scaling, ... . Each transformation Tl, T2, or T3 is identified by a code, in this case respectively 1, 2, or 3.
Taking a user 1 as an example (see Figure 3), the subset A is subjected to the transformation Tl to form the subset A1, the subset B is subjected to the transformation T2 to form the subset B1, the subset C is subjected to the transformation T3 to form the subset C1, the subset D is subjected to the transformation Tl to form the subset D1, the subset E is subjected to the transformation T2 to form the subset E', and the subset F is subjected to the transformation T3 to form the subset F'. The modified second biometric characteristic E!2 x is thus the result of a combination of the transformations Tl, T2, T3, and it comprises the subsets A1, B1, C, D1, E! , and F! . The combination of the transformations used for obtaining the modified second biometric characteristic E'2 x thus has the code 12 3 12 3.
By way of example, for a user 2, the combination of modifications that is performed to obtain the modified second biometric characteristic Ef2^2 might have the code 2 3 12 3 1.
By way of example, the identification data D might comprise the name of the user, civil status, address, the authorizations or rights available to the user, ... -
The database 1 is organized in such a manner that the modified segond biometric characteristic E'2ti is accessible from the unmodified first biometric characteristic E1;L. A reference to the field containing

the modified second biometric characteristic E'2 ^ may be contained for example in the field containing the non-modified first biometric characteristic Ex t.
The identification data D of each user i. is accessible from the code identifying the combination of modifications performed on the modified second biometric characteristic E12fi corresponding to the user i_. The code identifying the combination of modifications in this example thus constitutes information for locating the corresponding identification data D in the database.
The identification method in accordance with the invention is described below in the context of identifying the user 1 (see Figure 4).
The identification method begins with a step 1 of reading from the user a first fingerprint elfl and of extracting therefrom the first biometric characteristic E1 x. This reading step is performed in conventional manner using a fingerprint detector and a recognition device, both known in themselves.
During a step 2, the first biometric characteristic Eltl of the user is compared with the first characteristics Elfi to verify that the user 1 is indeed referenced in the database. When the stored first biometric characteristic Elfl is found, the stored modified second biometric characteristic E'2/1 corresponding to the stored first biometric characteristic Elfl is also identified (step 3).
During a step 4, a second fingerprint e2/l is read from the user and the second biometric characteristic E0 -, is extracted therefrom.
The possible modifications, in this example the geometrical transformations Tl, T2, and T3, are then tried out systematically in all possible combinations on the second biometric characteristic E2fl and the result of these combinatiQns is compared with the modified second biometric characteristic E'2/1 as stored (step 5). When the result of a combination matches the stored second

modified biometric characteristic E'2,if then the code 12 3 12 3 corresponding to the successful combination is deduced and is used to locate the identification data D(l 2 3 1 2 3) corresponding to the user 1 who is thus identified (step 6).
Naturally, the invention is not limited to the implementation described but covers any variant coming within the ambit of the invention as defined by the claims.
In particular, the invention is applicable to other biometric characteristics, and in particular to any set of characteristic points, in particular belonging to a fingerprint, to an iris, or to a face, that is specific to each individual and that enables that individual to be distinguished from other individuals.
It is also possible to provide a modification consisting in adding at least one decoy to the subsets A1, B', C, D1, E', and F1. In this example, the decoy is a false subset containing imaginary characteristic points. The modifications could consist solely in adding decoys, without performing the transformations on the initial subsets. The number of transformations may also be different from that described.
Although the subsets are shown as being contiguous, the subsets could overlap.
In a variant, the identification D could be stored in the database in encrypted form. The code identifying the combination of transformations then constitutes a key suitable for deciphering the identification data D: the code is used for deciphering the data or for deciphering an encrypted key for use in deciphering the data.



CLAIMS
1. A method of identifying a user, the method being characterized in that it is implemented by means of a database of the personal data of users, containing for each user at least one unmodified first biometric characteristic (Elfi), at least one second biometric characteristic (E2 i) that is accessible from the unmodified first biometric characteristic and that has been modified by at least one modification (T), and at least one item of identification data (D) that is accessible from a code identifying the modification that has been implemented on the second biometric characteristic, and in that the method comprises the steps of:
• reading (1) from the user a first biometric characteristic (ex i) and comparing it with the unmodified first biometric characteristics in the database in order to identify the unmodified first biometric characteristic that corresponds to the user;
• reading (4) from the user a second biometric characteristic (e2/i) and comparing it with the modified second biometric characteristic that is accessible from the unmodified first biometric characteristic of the user in order to determine (5) what modification has been implemented and thus deduce the code identifying the modification; and
• extracting (6) the identification data by means of the code as deduced in this way.
2. A method according to claim 1, characterized in that the modified second biometric characteristic (Ef2/i) has been subjected to a combination of modifications (T) , and in that the access code to the identification data is constituted by the combination of codes identifying said modifications.

3. A database of the personal data of users, the database
containing, for each user, at least one unmodified first
biometric characteristic (E1#i), at least one second
biometric characteristic (E'2 J that is accessible from
the unmodified first biometric characteristic and that
has been modified by means of at least one modification
(T), and at least one item of identification data (D)
that is accessible from a code identifying the
modification that has been performed on the second
biometric characteristic.
4. A database according to claim 3, characterized in that
the code forms information for locating the
identification data (D) in the database.
5. A database according to claim 3, characterized in that
the identification data (D) is encrypted, and in that the
code constitutes a key suitable for decrypting the
identification data.


Documents:

2309-chenp-2007 amended pages of specification 25-01-2011.pdf

2309-CHENP-2007 AMENDED PAGES OF SPECIFICATION 04-01-2011.pdf

2309-CHENP-2007 AMENDED CLAIMS 04-01-2011.pdf

2309-chenp-2007 correspondence others 21-01-2011.pdf

2309-chenp-2007 correspondence others 25-01-2011.pdf

2309-chenp-2007 form-1 25-01-2011.pdf

2309-chenp-2007 form-1 04-01-2011.pdf

2309-chenp-2007 form-3 25-01-2011.pdf

2309-chenp-2007 form-3 04-01-2011.pdf

2309-CHENP-2007 OTHER PATENT DOCUMENT 04-01-2011.pdf

2309-CHENP-2007 POWER OF ATTORNEY 04-01-2011.pdf

2309-CHENP-2007 EXAMINATION REPORT REPLY RECIEVED 04-01-2011.pdf

2309-CHENP-2007 FORM-13 26-10-2010.pdf

2309-CHENP-2007 FORM-6 01-05-2009.pdf

2309-chenp-2007 power of attorney 21-01-2011.pdf

2309-CHENP-2007 CORRESPONDENCE OTHERS 16-03-2010.pdf

2309-chenp-2007-abstract.pdf

2309-chenp-2007-claims.pdf

2309-chenp-2007-correspondnece-others.pdf

2309-chenp-2007-description(complete).pdf

2309-chenp-2007-drawings.pdf

2309-chenp-2007-form 1.pdf

2309-chenp-2007-form 3.pdf

2309-chenp-2007-form 5.pdf

2309-chenp-2007-form18.pdf

2309-chenp-2007-pct.pdf


Patent Number 246520
Indian Patent Application Number 2309/CHENP/2007
PG Journal Number 09/2011
Publication Date 04-Mar-2011
Grant Date 02-Mar-2011
Date of Filing 29-May-2007
Name of Patentee MORPHO
Applicant Address 27 RUE LABLANC, 75015 PARIS
Inventors:
# Inventor's Name Inventor's Address
1 CHABANNE, HERVE 48 RUE DE LA MARNE, 78200 MANTES-LA-JOLIE, FRANCE
2 RIEUL, FRANCOIS 3 RUE AMPERE, F-78100 SAINT-GERMAIN EN LAYE, FRANCE
3 DIDIER, BERNARD 94 ROUTE D'HERCY, 77870 VYLAINES SUR SEINE, FRANCE
PCT International Classification Number G06F 17/30
PCT International Application Number PCT/FR05/002894
PCT International Filing date 2005-11-22
PCT Conventions:
# PCT Application Number Date of Convention Priority Country
1 0412618 2004-11-29 France