An integrated authentication solution which brings together all three elements of authentication, something you are, something you have and something you know to authenticate an individual before entering a room or building. Three separate devices are used to authenticate each of the elements in order to authenticate an individual’s right to enter a room or building. A porch-shaped shell is used to house a number of detectors with the purpose of identifying and authenticating a contactless smartcard (something you have). The shell must be no wider than 100cm to ensure the card can be read from anywhere on the individual’s person. Once the card has been authenticated, a number of image capturing device(s), to take a 180 degree image of the individual’s face (something you are). Upon passing this test, a secure shutter opens to reveal a keypad to enable the individual to enter a PIN number or password to be no shorter than 6 digits (something you know). If this PIN is authenticated, the individual is allowed access to the room or building. All devices must be securely attached to the building or room in question and must not have terminals of any kind outside the secured area.
Authenticating an individual to enter a building or room has long been achieved by single methods mostly using something you have. Some systems do use multiple methods and/or something you are or know, however there are always weaknesses in all systems, some more than most. This invention relates to this problem of weaknesses in authentication systems allowing an individual physical access to a restricted area, while ensuring minimal inconvenience to an authorised individual. By using the three methods of authentication specified, the weaknesses of the system may only be exploited if all three elements are obtained or reproduced. The use of the contactless smartcard ensures that the ‘something you have’ element is present, but does not require any action by the individual, while the 3D image capture requires only that the individual remains fairly still. The inclusion of at least 5 image capturing devices ensures that a reasonable 3D image is captured. The image capture devices are not required to be standard cameras, although must create a 3D image with enough detail to correctly identify the individual. The final authentication method is one requiring the individual to type in a PIN number to be at least 6 digits in length to ensure a secure number.
A key component of this solution is the fixed sequential nature and order of authentication methods. The first element must be the smartcard, as this is the one method not requiring action of any kind by the individual. The image capture stage must not be initiated unless a smartcard has been identified and authenticated. Likewise the numerical keypad must not be revealed or activated unless the 3D image has been authenticated. The keypad is the only device that can always be hidden securely, as it does not have as many restrictions to the placement of it and the minimal size necessary for it to function and therefore is the most logical component to be the final stage in the process of authentication. In effect the individual in question is authenticated to reach the next stage until the final stage is reached. This ensures that no single method failing can result in an unauthorised individual gaining entry to the restricted area. It is this precise combination of authentication methods which makes this solution unique and of use to security agencies and companies.
Fig. 1 shows the possible look of the porch-shaped shell. The exact number of sensors/detectors shown be the arrow 1a is not fixed, but the more sensors there are, the greater the width of the shell can be.
Fig. 2 shows the second method of authentication and the positioning of the image capture devices in a 180 degree circular formation. Again the exact number is relative to the technology used, although a minimum of 5 is necessary to ensure reasonable accuracy of the 3D image. Arrow 2a shows the image capture devices; whereas arrow 2b shows the rough position the individual must be in relative to the image capture devices in order to ensure maximum effectiveness of the capture.
Fig. 3 shows what a typical numerical keypad may look like when embedded in a wall or solid object of some kind. Arrow 3a points to a grove or slit in the surface of the keypad where a shutter could rest to ensure it cannot be prised open.
Although the exact shape and aesthetic look of the device is irrelevant to the functionality, the size of the gap between the detectors embedded within the shell must not exceed 100cm due to the current limit on the detection range of the standard ISO 15693 being 50cm (50cm on each side). The greater the number of sensors/detectors, the greater the width of the shell can be up to a point, but 100cm is the absolute limit. This limit is only relevant until more advanced technologies become available with greater detection ranges, as this solution is limited to any specific technologies.
The constraints on the form of the capture devices used to build the 3D image are minimal, thus the fig. 2 is only a possible layout, however the preferred embodiment of the devices used in this stage must achieve a reasonable 3D image of the individual being authenticated, such that the there is a high level of confidence that the face of the individual in question is that of an individual authorised to use the smartcard authenticated in order to reach the image capture stage of the same session.
The final device, the keypad must be physically secure and not clearly visible until the preceding two stages of authentication have been successfully completed and the individual in question is recognised as an authorised individual. This is a key part of this solution and is one of the primary reasons for this method being the final one. It is not necessary for the keypad to be purely numerical, but it is a simple device and a numerical PIN is less likely to be directly related to personal information and/or events and therefore is more likely to be harder for an unauthorised individual to guess. Fig. 3 shows the possible look of a numerical keypad embedded in a wall, but this does not mean that it must be so. It could be embedded in a solid object attached securely to the floor or ceiling for example.
However there are several practical reasons for the form shown in Fig. 3. Firstly, embedding the device in the wall, specifically that between the individual and the restricted area, makes it easier to ensure there are no terminals with access to the workings or the data stored for the authenticating devices, outside the restricted area. Secondly, the grove or slit for the shutter in the surface of the keypad ensures that the shutter cannot be prised open, while the specific angular form of the keypad within the wall ensures maximum protection of the PIN when it is being entered, there is limited visibility of the keypad from the outside, while ensuring the individual in question has enough of a visual on the keypad to enter the PIN.
The key point of note is that this invention is not a specific product or technology, but a solution for authentication and all elements of the foregoing description including preferred embodiment and drawings/diagrams are to be considered in all respects as illustrative and not restrictive. This invention may be embodied in other specific forms without departing from the essential characteristics and idea thereof. The scope of the invention is therefore also indicated by the appended claims and all changes which come within the meaning of the claims are therefore intended to be embraced therein.