Patent 2497737 Summary

(12) Patent Application: (11) CA 2497737
(54) English Title: CRYPTOGRAPHICALLY SECURE PERSON IDENTIFICATION
(54) French Title: IDENTIFICATION DE PERSONNE CRYPTOGRAPHIQUEMENT SURE
Status: Dead
Bibliographic Data
(51) International Patent Classification (IPC):
  • H04K 1/00 (2006.01)
  • H04L 9/32 (2006.01)
  • G07C 9/00 (2006.01)
  • H04L 9/00 (2006.01)
(72) Inventors :
  • KIROVSKI, DARKO (United States of America)
  • JOJIC, NEBOJSA (United States of America)
(73) Owners :
  • MICROSOFT CORPORATION (United States of America)
(71) Applicants :
  • MICROSOFT CORPORATION (United States of America)
(74) Agent: SMART & BIGGAR LLP
(74) Associate agent:
(45) Issued:
(86) PCT Filing Date: 2003-09-04
(87) Open to Public Inspection: 2004-04-29
Examination requested: 2008-09-02
Availability of licence: N/A
(25) Language of filing: English

Patent Cooperation Treaty (PCT): Yes
(86) PCT Filing Number: PCT/US2003/027614
(87) International Publication Number: WO2004/036802
(85) National Entry: 2005-03-03

(30) Application Priority Data:
Application No. Country/Territory Date
10/272,073 United States of America 2002-10-16

Abstracts

English Abstract

An implementation of a technology, described herein, for facilitating authentication of person identification documents. One implementation, described herein, is a simple, inexpensive, and cryptographically secure personal ID architecture. With this implementation, one may create and efficiently authenticate secure photographic personal identification documents (ID) that thwarts tampering and counterfeiting attempts. This ID employs a compact, cryptographically signed bar-code that is readable by an ordinary scanner. This abstract itself is not intended to limit the scope of this patent. The scope of the present invention is pointed out in the appending claims.


French Abstract

The invention relates to the implementation of a technology that facilitates the authentication of person identification documents. In one embodiment, the technology consists of a simple, inexpensive and cryptographically secure person identification architecture. In this implementation, secure photographic person identification documents (IDs) that thwart tampering and counterfeiting attempts can be created and securely authenticated. This identification uses a compact, cryptographically signed bar-code that is readable by an ordinary scanner. This abstract itself does not limit the scope of the invention described in the claims.

Claims

Note: Claims are shown in the official language in which they were submitted.



CLAIMS:

1. An architecture facilitating cryptographically secure person identification, the architecture comprising:
an identification issuer configured to produce one or more person identification documents (IDs) for a person, the ID comprising first and second representations of person-distinguishing data which reasonably distinguishes persons, the first representation being human-readable and the second representation being computer-readable and encrypted;
an identification authenticator configured to determine whether the first representation of person-distinguishing data of an ID corresponds with the decrypted second representation of person-distinguishing data of the same ID.

2. An architecture as recited in claim 1, wherein the first representation includes person-distinguishing data selected from a group consisting of one or more images of the person's face, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.


3. An architecture as recited in claim 1, wherein the second representation includes person-distinguishing data selected from a group consisting of one or more images of the person's face, a retina scan of the person, an iris scan of the person, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.

4. An architecture as recited in claim 1, wherein the format of the first representation is selected from a group consisting of written human-language text, color-coding, photographs, written human-language symbols, and imagery.

5. An architecture as recited in claim 1, wherein the format of the second representation is selected from a group consisting of a bar-code, a magnetic strip, and a memory storage device.

6. An architecture as recited in claim 1, wherein:
the first set of person-distinguishing data comprises an image of a person, wherein the image comprises the face of that person;
the second set of person-distinguishing data comprises a face compendium of the face in the image.


7. A computer-readable medium having computer-executable instructions that, when executed by a computer, performs a method comprising:
for a specific person, obtaining person-distinguishing data for that person, which reasonably distinguishes that person from other persons;
encrypting the person-distinguishing data;
producing one or more person identification documents (IDs) comprising a human-readable representation of the person-distinguishing data and a computer-readable representation of the encrypted person-distinguishing data.

8. A medium as recited in claim 7, wherein producing comprises printing onto a print medium.

9. A medium as recited in claim 7, wherein the method further comprises compacting the person-distinguishing data.

10. A medium as recited in claim 7, wherein the person-distinguishing data comprises a face compendium of that person's face.

11. A medium as recited in claim 7, wherein the person-distinguishing data comprises a face compendium derived from an image of that person's face.


12. A medium as recited in claim 7, wherein the person-distinguishing data comprises information related to that person, the data being selected from a group consisting of one or more images of the person's face, a retina scan of the person, an iris scan of the person, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.

13. A medium as recited in claim 7, wherein the computer-readable and encrypted representation is selected from a group consisting of one or more bar-codes, one or more magnetic strips, and one or more memory storage devices.

14. A person identification document (ID) issuance system comprising:
a production device configured to produce person IDs;
a medium as recited in claim 7.

15. A person ID produced by the method of the medium as recited in claim 7, the person ID having stored thereon a computer-readable data structure, comprising the computer-readable representation of the encrypted person-distinguishing data.



16. A method for issuing person identification documents (IDs), the method comprising:
for a specific person, generating a human-readable representation of person-distinguishing data which reasonably distinguishes persons;
generating an encrypted and computer-readable representation of the same person-distinguishing data;
producing one or more person IDs comprising both the human-readable representation and the encrypted and computer-readable representation of the same person-distinguishing data.

17. A method as recited in claim 16, wherein producing comprises printing onto a print medium.

18. A method as recited in claim 16, wherein the generating of the encrypted and computer-readable representation further comprises compacting the person-distinguishing data.

19. A method as recited in claim 16, wherein the person-distinguishing data comprises a face compendium of that person's face.

20. A method as recited in claim 16, wherein the person-distinguishing data comprises a face compendium derived from an image of that person's face.


21. A method as recited in claim 16, wherein the person-distinguishing data comprises information related to that person, which data is selected from a group consisting of one or more images of the person's face, a retina scan of the person, an iris scan of the person, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.

22. A method as recited in claim 16, wherein the computer-readable and encrypted representation is selected from a group consisting of one or more bar-codes, one or more magnetic strips, and one or more memory storage devices.

23. A method as recited in claim 16, wherein:
the human-readable representation comprises a photograph of that same person, wherein the photograph comprises the face of that same person;
the computer-readable representation comprises a face compendium of the face in the photograph.

24. A computer-readable medium having computer-executable instructions that, when executed by a computer, performs the method as recited in claim 16.


25. A computer comprising one or more computer-readable media having computer-executable instructions that, when executed by the computer, perform the method as recited in claim 16.

26. A person ID produced by a method as recited in claim 16, the person ID having stored thereon a computer-readable data structure, comprising the computer-readable representation of the encrypted person-distinguishing data.

27. A person identification document (ID) issuance system, comprising:
an image-acquisition device configured to obtain an image of a person's face;
a data generator configured to generate person-distinguishing data for that person which reasonably distinguishes persons;
a data encrypter configured to encrypt the person-distinguishing data;
an ID producer configured to produce one or more person identification documents (IDs) comprising a human readable representation of the image of that person's face and a computer-readable representation of the encrypted person-distinguishing data.

28. A system as recited in claim 27, wherein the ID producer comprises a printer configured to print on a print medium.

29. A system as recited in claim 27, wherein the data generator is further configured to compact the person-distinguishing data.



30. A system as recited in claim 27, wherein the person-distinguishing data comprises a face compendium of that person's face.

31. A system as recited in claim 27, wherein the person-distinguishing data comprises a face compendium derived from an image of that person's face.

32. A system as recited in claim 27, wherein the person-distinguishing data comprises information related to that person, which data is selected from a group consisting of one or more images of the person's face, a retina scan of the person, an iris scan of the person, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.

33. A system as recited in claim 27, wherein the computer-readable and encrypted representation is selected from a group consisting of one or more bar-codes, one or more magnetic strips, and one or more memory storage devices.

34. A system as recited in claim 27, wherein:
the human-readable representation comprises a photograph of that same person, wherein the photograph comprises the face of that same person;
the computer-readable representation comprises a face compendium of the face in the photograph.



35. A person ID produced by a system as recited in claim 27, the person ID having stored thereon a computer-readable data structure, comprising the computer-readable representation of the encrypted person-distinguishing data.

36. A person ID comprising:
a first computer-readable data structure that is also human-readable, the first data structure comprising:
  • a first data field containing an image of a person's face;
  • a second data field containing personal information associated with that person;
a second computer-readable data structure comprising:
  • a first data field containing a face compendium of the face of the image;
  • a second data field containing the same personal information associated with that person;
  • a third data field functioning to delimit the end of the second data structure.


37. A person ID as recited in claim 36, wherein the personal information comprises information related to that person, which data is selected from a group consisting of a retina scan of the person, an iris scan of the person, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.

38. A person ID as recited in claim 36, wherein the second data structure is a bar-code.

39. A computer-readable medium having computer-executable instructions that, when executed by a computer, performs a method comprising:
obtaining a first set of person-distinguishing data from a human-readable representation of a person identification document (ID);
obtaining a second set of person-distinguishing data from a computer-readable representation of the same person ID;
comparing the first and second sets of person-distinguishing data.

40. A medium as recited in claim 39, wherein the method further comprises indicating results based upon such comparing.

41. A medium as recited in claim 39, wherein the second set is encrypted and the method further comprises decrypting the second set.



42. A medium as recited in claim 39, wherein the second set of person-distinguishing data comprises a face compendium of that person's face.

43. A medium as recited in claim 39, wherein the second set of person-distinguishing data comprises a face compendium derived from an image of that person's face.

44. A medium as recited in claim 39, wherein the first set of person-distinguishing data comprises information related to that person, which data is selected from a group consisting of one or more images of the person's face, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about that person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.


45. A medium as recited in claim 39, wherein the second set of person-distinguishing data comprises information related to that person, which data is selected from a group consisting of one or more images of the person's face, a retina scan of the person, an iris scan of the person, the person's weight, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.

46. A medium as recited in claim 39, wherein the computer-readable representation is selected from a group consisting of one or more bar-codes, one or more magnetic strips, and one or more memory storage devices.

47. A medium as recited in claim 39, wherein:
the first set of person-distinguishing data comprises a photograph of that same person, wherein the photograph comprises the face of that same person;
the second set of person-distinguishing data comprises a face compendium of the face in the photograph.

48. A person ID authentication device comprising:
an audio and/or visual output unit;
a medium as recited in claim 39.



49. A method for authenticating person identification documents (IDs), the method comprising:
obtaining a first set of person-distinguishing data from a human-readable representation of a person identification document (ID);
obtaining a second set of person-distinguishing data from a computer-readable representation of the same person ID;
comparing the first and second sets of person-distinguishing data.

50. A method as recited in claim 49 further comprising indicating results based upon such comparing.

51. A method as recited in claim 49, wherein the obtaining of the first set comprises optical scanning.

52. A method as recited in claim 49, wherein the obtaining of the second set comprises optical scanning.

53. A method as recited in claim 49, wherein the second set is encrypted, the method further comprising decrypting the second set.

54. A method as recited in claim 49, wherein the second set of person-distinguishing data comprises a face compendium of that person's face.



55. A method as recited in claim 49, wherein the second set of person-distinguishing data comprises a face compendium derived from an image of that person's face.

56. A method as recited in claim 49, wherein the first set of person-distinguishing data comprises information related to that person, which data is selected from a group consisting of one or more images of the person's face, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishable traits of that person, and the person's contact information.

57. A method as recited in claim 49, wherein the second set of person-distinguishing data comprises information related to that person, which data is selected from a group consisting of one or more images of the person's face, a retina scan of the person, an iris scan of the person, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.


58. A method as recited in claim 49, wherein the computer-readable representation is selected from a group consisting of one or more bar-codes, one or more magnetic strips, and one or more memory storage devices.

59. A method as recited in claim 49, wherein:
the first set of person-distinguishing data comprises a photograph of that same person, wherein the photograph comprises the face of that same person;
the second set of person-distinguishing data comprises a face compendium of the face in the photograph.

60. A computer comprising one or more computer-readable media having computer-executable instructions that, when executed by the computer, perform the method as recited in claim 49.

61. A person identification document (ID) authorization system, comprising:
an optical scanner configured to obtain a first set of person-distinguishing data from a human-readable representation of a person identification document (ID) and obtain a second set of person-distinguishing data from a computer-readable representation of the same person ID;
a comparison unit configured to compare the first and second sets of person-distinguishing data;
a reporting unit configured to indicate results based upon such comparison by the comparison unit.


62. A system as recited in claim 61, wherein the second set is encrypted, the system further comprising a decrypter configured to decrypt the second set.

63. A system as recited in claim 61, wherein the second set of person-distinguishing data comprises a face compendium of that person's face.

64. A system as recited in claim 61, wherein the second set of person-distinguishing data comprises a face compendium derived from an image of that person's face.

65. A system as recited in claim 61, wherein the first set of person-distinguishing data comprises information related to that person, which data is selected from a group consisting of one or more images of the person's face, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.


66. A system as recited in claim 61, wherein the second set of person-distinguishing data comprises information related to that person, which data is selected from a group consisting of one or more images of the person's face, a retina scan of the person, an iris scan of the person, the person's name, the person's social security number, the person's account number, the person's weight, the person's height, the person's hair color, the person's eye color, one or more of the person's fingerprints, information about the person's birthmarks, information about the person's tattoos, the person's personal human statistics, one or more distinguishing traits of that person, and the person's contact information.

67. A system as recited in claim 61, wherein the computer-readable representation is selected from a group consisting of one or more bar-codes, one or more magnetic strips, and one or more memory storage devices.

68. A system as recited in claim 61, wherein:
the first set of person-distinguishing data comprises a photograph of that same person, wherein the photograph comprises the face of that same person;
the second set of person-distinguishing data comprises a face compendium of the face in the photograph.

Description

Note: Descriptions are shown in the official language in which they were submitted.




CA 02497737 2005-03-03
WO 2004/036802 PCT/US2003/027614
CRYPTOGRAPHICALLY SECURE PERSON IDENTIFICATION

TECHNICAL FIELD

This invention generally relates to a technology for facilitating authentication of person identification documents.

BACKGROUND OF THE INVENTION

Herein, person identification document (ID) authentication refers to the confirmation that the presented ID is authentic, genuine, legitimate, valid, and/or unadulterated. This may also be called person ID certification. Examples of such personal IDs include immigration documents, passports, and driver's licenses.

In contrast, "person verification" refers to the confirmation that the personal information on an ID corresponds to the person presenting the ID.

There are many conventional person ID authentication approaches. Sophisticated document production is the most common approach. Other common approaches include biometrics, smart cards, and watermarks.

Sophisticated Production

Historically and over many cultures, the test of a person's identity is verified by the possession of identifying documents. The test of the veracity of such documents has been the difficulty of producing such documents. Although it is not an identification document, paper money is a prime example of the receiver relying on its authenticity because it is difficult to produce a passable counterfeit.

However, recent advances in printing technology have made high-quality printing devices relatively inexpensive. The availability of high-end printers has rendered forging most personal identification documents (IDs) a relatively simple task. It has also significantly raised the costs of printing the official documents by the issuing organizations.

In response, issuing parties (such as governments) have implemented increasingly more sophisticated and presumptively more expensive production techniques. For example, issuing parties are using holograms, watermarks, micro-printing, special print paper and/or chemical coating, etc. Since the production of IDs is more complex, authentication has become correspondingly more complex, unreliable, and most importantly, expensive.

Biometric Approaches

Biometrics has been defined as a process of automatically recognizing a person using distinguishing traits. Several biometric approaches have been proposed via face, speech, fingerprint, handwriting, and/or iris and retina recognition. A survey of these techniques is provided by "The Biometric Consortium" at "http://www.biometrics.org."

Typically, a biometric-based person identification system includes a human verifier who ensures the identification system is not fooled. This can happen when an adversary shows a realistic size photo of the face of an authorized person to the face detector or plays a voice recording to a speech detector.

While some types of biometric-based person identification (such as retina scan or fingerprint detection) can be highly reliable, often they are intimidating (e.g., retina scan) and can be used maliciously to incriminate innocent users (e.g., fingerprint scan). A malicious detector can record a person's fingerprint, create its physical copy, and then incriminate this person at will. This renders fingerprint detection systems highly undesirable for most person identification scenarios.

Finally, some biometrics systems are commonly subjected to complaints for invasion of privacy. For example, wide-spread face detection points can disclose at any time one's location to a party who gains control over such a system.

Nevertheless, almost all biometric-based person identification systems have three major disadvantages:
  • inconsistent reliability (especially for face and speech recognition) as the system scales up, which commonly renders these systems highly prone to false alarms and false positives;
  • the authenticator needs to be connected to a central trusted server which actually performs the identification; and
  • the equipment performing the authentication is costly.

For most applications, biometric-based approaches are inconvenient, costly, and most importantly, unreliable.

Smart Cards

Smart cards represent a seemingly effective approach to person identification. An advantage of smart cards that is often touted is their all-digital communication with the authenticator.

A simple scenario is having a smart card, which contains a digital photo, personal description data, and a signed hash of this information using the private key of the issuer. Authentication is performed by hashing the photo and the personal description data and then authenticating this hash against the signature using the public key of the issuer. Finally, the authenticator must display the certified digital photo, so that a human can verify that the person being identified is on the photo.
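
The smart-card scenario above, as an added example that is not part of the patent text: the issuer signs a hash of the photo and the personal description data, and the authenticator checks it holding only the issuer's public key. Ed25519, SHA-256, the length-prefixed hashing and all names (CardRecord, Issue, Authenticate, NewIssuerKey) are assumptions, and the sample photo and personal data are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// CardRecord models the contents of the smart card in the scenario.
// The layout is hypothetical; the patent text does not define one.
type CardRecord struct {
	Photo     []byte // digital photo
	Personal  []byte // personal description data
	Signature []byte // issuer's signature over the digest of both fields
}

// digest hashes the photo and the personal data. Each field is prefixed with
// its length so bytes cannot be moved across the field boundary without
// changing the digest (plain concatenation would permit that).
func digest(photo, personal []byte) []byte {
	h := sha256.New()
	var n [8]byte
	for _, field := range [][]byte{photo, personal} {
		binary.BigEndian.PutUint64(n[:], uint64(len(field)))
		h.Write(n[:])
		h.Write(field)
	}
	return h.Sum(nil)
}

// NewIssuerKey generates an issuer key pair (assumed algorithm: Ed25519).
func NewIssuerKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Issue is the issuer side: sign the digest with the issuer's private key.
func Issue(priv ed25519.PrivateKey, photo, personal []byte) CardRecord {
	return CardRecord{
		Photo:     append([]byte(nil), photo...),
		Personal:  append([]byte(nil), personal...),
		Signature: ed25519.Sign(priv, digest(photo, personal)),
	}
}

// Authenticate is the authenticator side. It recomputes the digest from the
// card's fields and checks the signature with the issuer's public key. Only
// on success does it return the photo, which is then shown to the human
// verifier for comparison with the person presenting the card.
func Authenticate(pub ed25519.PublicKey, c CardRecord) ([]byte, bool) {
	// ed25519.Verify panics on a wrong-size public key, so check sizes first.
	if len(pub) != ed25519.PublicKeySize || len(c.Signature) != ed25519.SignatureSize {
		return nil, false
	}
	if !ed25519.Verify(pub, digest(c.Photo, c.Personal), c.Signature) {
		return nil, false
	}
	return c.Photo, true
}

func main() {
	pub, priv := NewIssuerKey()
	// Constructed sample data standing in for a real photo and description.
	card := Issue(priv, []byte("CONSTRUCTED-PHOTO"), []byte("name=A. Sample;height=180cm"))

	_, ok := Authenticate(pub, card)
	fmt.Println("genuine card accepted:", ok)

	forged := card
	forged.Photo = []byte("SOMEONE-ELSE-PHOTO") // photo replaced, signature kept
	_, ok = Authenticate(pub, forged)
	fmt.Println("card with swapped photo accepted:", ok)
}
```

The authenticator needs no secret, so a compromised reader discloses nothing that would let an adversary issue new cards.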



Personal IDs are frequently lost or damaged. Replacing a smart card involves purchase of another hardware device in addition to burning this device with the appropriate identification contents. This can be expensive.

Due to their relatively generous storage capabilities, smart cards may give an impression that they may be used for storing additional information, in particular, private information about the owner (e.g., private keys that are revoked if the smart card is lost). However, it has been demonstrated so far that smart cards cannot be considered a secure storage because it is relatively easy to extract the hidden information even without reverse engineering the smart card.

Exemplary attacks that have successfully identified encryption keys (both symmetric and private keys) have been based on analyzing a smart card's I/O behavior via differential power analysis or timing analysis. Thus, it cannot be expected that a smart card stores anything more than the public information about the user, which is in many ways equivalent to a photo ID.

Watermarks

Another technique for authenticating content is to hide imperceptible secret information, a watermark, in the digital photo. One serious disadvantage of this type of ID authentication is the fact that in most watermarking systems, the secret hidden in the photo must be present in the authenticator. Hence, a single broken authenticating device renders the entire system broken.

Surprisingly, public-key watermarking systems have been developed, however, with different target applications. In addition, this system requires significantly longer host signals than a single photo to statistically reliably detect the existence of a given secret. In addition, such a system requires that the secret used to mark a photo be renewed after several photos.

Finally, a malicious customer can always try to estimate the secret by taking many photos of herself and comparing them with the photo on the ID. In summary, using watermarks for public ID authentication is the least robust technology for enabling secure ID authentication.

Challenge

All conventional approaches (e.g., sophisticated production, biometrics, smart cards, and watermarks) are riddled with shortcomings. They all have one or more of the following drawbacks:
  • expensive to implement, maintain, and/or scale;
  • difficult to implement, maintain, and/or scale;
  • difficult for the human authenticator to effectively authenticate;
  • unreliable results (e.g., an unacceptable degree of false positive or misses); and
  • unreliable security (e.g., increasingly easier for an adversary to thwart or fool the system).

It is a challenge to provide an architecture for secure personal identification documents (IDs) that are difficult to forge, simply and inexpensively produced, and do not require smart card, biometric, or sophisticated production approaches.

SUMMARY OF THE INVENTION
Described herein is a technology for facilitating authentication of person
identification documents.
One implementation, described herein, is a simple, inexpensive, and
cryptographically secure personal ID architecture. With this implementation, one
may efficiently create and authenticate secure photographic personal identification
documents (IDs) that thwart tampering and counterfeiting attempts. This ID
employs a compact, cryptographically signed bar-code that is readable by an
ordinary scanner.
This summary itself is not intended to limit the scope of this patent.
Moreover, the title of this patent is not intended to limit the scope of this
patent. For
a better understanding of the present invention, please see the following
detailed
description and appending claims, taken in conjunction with the accompanying
drawings. The scope of the present invention is pointed out in the appending
claims.
BRIEF DESCRIPTION OF THE DRAWINGS
The same numbers are used throughout the drawings to reference like
elements and features.
Fig. 1 is an illustration of an example personal identification that may be
employed in accordance with an implementation described herein.
Fig. 2 is a broad graphical representation of an issuing party issuing a personal
identification in accordance with an implementation described herein.
Fig. 3 is a broad graphical representation of an authentication of a personal
identification in accordance with an implementation described herein.
Fig. 4 is a functional flow diagram showing an implementation described herein.
Fig. 5 is an example of a computing operating environment capable of
(wholly or partially) implementing at least one embodiment described herein.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT
In the following description, for purposes of explanation, specific numbers,
materials, and configurations are set forth in order to provide a thorough
understanding of the present invention. However, it will be apparent to one skilled
in the art that the present invention may be practiced without the specific exemplary
details. In other instances, well-known features are omitted or simplified to clarify
the description of the exemplary implementations of the present invention, and thereby
better explain the present invention. Furthermore, for ease of understanding, certain
method steps are delineated as separate steps; however, these separately delineated
steps should not be construed as necessarily order dependent in their performance.
The following description sets forth one or more exemplary implementations
of a Error! Reference source not found. that incorporate elements recited in
the
appended claims. These implementations are described with specificity in order
to
meet statutory written description, enablement, and best-mode requirements.
However, the description itself is not intended to limit the scope of this
patent.
The inventors intend these exemplary implementations to be examples. The
inventors do not intend these exemplary implementations to limit the scope of
the
claimed present invention. Rather, the inventors have contemplated that the
claimed
present invention might also be embodied and implemented in other ways, in
conjunction with other present or future technologies.
An example of an embodiment of a Error! Reference source not found.
may be referred to as an exemplary "Face Certification" or an "exemplary
FACECERT" for short.
Introduction
The one or more exemplary implementations, described herein, of the
present claimed invention may be implemented (in whole or in part) by a
FACECERT architecture 400 and/or by a computing environment like that shown in
Fig. 5.
The exemplary FACECERT is a simple, inexpensive, and cryptographically
secure personal ID architecture. With the exemplary FACECERT, one may
efficiently create and authenticate secure photographic personal identification
documents (IDs) that thwart tampering and counterfeiting attempts.
This ID employs a compact, cryptographically signed bar-code that is
readable by an ordinary scanner. It provides an efficient, simple,
inexpensive, and
secure mechanism for authenticating a person's identification using IDs that
are
difficult to forge, but simply and inexpensively produced.
In a typical conventional scenario, the authentication system (i.e., an
"authenticator") of a person's ID must connect to a remote database and
retrieve a
stored photograph for the comparison with the ID.
Unlike conventional approaches, the exemplary FACECERT does not require
sophisticated production, smart cards, biometrics, and/or massive, remote
databases.
More interestingly, the IDs need not be printed by a trusted or high-end printer (as
is typically the case with conventional approaches). Rather, the ID may be printed
anywhere, anytime, and potentially by anyone.
With the exemplary FACECERT, all the necessary data for authentication is
securely stored on the ID itself, in the form of a cryptographically signed
bar-code.
It does not depend on face recognition technology.
Secure photo identification provided by the exemplary FACECERT would
contribute to efficient, secure, and inexpensive digital government efforts,
since
they provide cryptographical security, low-cost all-digital infrastructure
deployment
and maintenance, and convenient usage for both users and ID issuers.
Exemplary FACECERT IDs
The exemplary FACECERT is a simple, inexpensive, and cryptographically
secure personal ID architecture. Instead of relying on the sophistication of the
printing process to impose difficult forging, the exemplary FACECERT relies on
public-key cryptography for provable security, while deploying a standard-quality
low-cost color printing process.
As shown in Fig. 1, a personal FACECERT ID 100 includes "person-distinguishing
data" in a "human-readable" representation and a "computer-readable" representation.
Herein, the designation of "human-readable" does not exclude the possibility
that a computer may read the representation. In fact, with the exemplary
FACECERT, a computing device does "read" the human-readable representation.
Rather, the designation means that it is easily readable by a human. Examples of such
representations include photographs, images, symbols, and human-language (e.g.,
English) text.
Similarly, the designation of "computer-readable" focuses on the ease with
which a computer may read the representation rather than a human's inability to
read it.
In general, "person-distinguishing data" includes information that reasonably
distinguishes one person from another. Examples of person-distinguishing data
include (but are not limited to) the following information about a specific person:
one or more images of the person's face, a retina scan of the person, an iris scan of
the person, the person's name, the person's social security number, the person's
account number, the person's weight, the person's height, the person's hair color,
the person's eye color, one or more of the person's fingerprints, information about
the person's birthmarks, information about the person's tattoos, the person's
personal human statistics, one or more distinguishing traits of that person, and the
person's contact information.
With the exemplary FACECERT, the human-readable representation includes
a human-readable printout of a person's portrait photo 110 and any supplemental
information 120 (typically, personal information). The computer-readable
representation includes a device-readable 2-D color bar-code 130, which contains a
cryptographically signed message.
That bar-coded message 130 includes compact versions of both the
supplemental information 120 and a representation of the face (of the portrait
photo). The message is signed (e.g., using RSA) using the private key of the
ID-issuing party (i.e., the issuer).
FACECERT ID Issuance
As illustrated in Fig. 2, a primary example of an ID-issuer 200 is a
department of government. The issuer 200 officially issues the ID 100.
Typically, the human-readable person-distinguishing data that is certified on
a FACECERT ID is both photographic and textual. The photo 110 is a portrait of the
owner of the FACECERT ID. The photo may have any suitable resolution. Since the
printout on the ID fits a certain fixed area, this resolution may be constrained. The
resolution needs to be great enough to be effectively legible by humans and machines.
The supplemental information 120 is any suitable data. It is likely to vary
depending on the specific application. As shown in Fig. 1, it will typically be
personal statistical information such as name, age, weight, height, eye color,
other personal data, etc. This data is printed on the ID 100.
Typically, the computer-readable person-distinguishing data that is certified
on a FACECERT ID is a 2D color bar code (e.g., bar-code 130). Alternatively,
it
may be a magnetic strip or some other suitable computer-readable medium.
With the exemplary FACECERT, it is desirable for a bar-code reader to read
the bar-code 130 on a FACECERT ID with relative accuracy. Since the likelihood
of
read-failure increases with the number of bits encoded in the bar-code, a
balance
between accuracy and data storage is typically made when producing a FACECERT
ID. Also, included in this balance are the space and reproduction quality
requirements of the ID.
Efficient compaction of digital-facial-image data is advantageous in some
instances because:
  • For a given size of the bar-code, efficient face-data compaction
    maximizes the presentation accuracy of the compacted face-data with
    respect to the face in the original image - this reduces the risk of finding
    look-a-likes or mimicking a given face; and
  • For a given facial presentation accuracy, efficient compaction reduces the
    length of the message that needs to be cryptographically signed, thus
    decreasing the computational cost of authenticating a cryptographic
    signature, which limits the amount of data that can be signed if one wants
    to authenticate an ID in only one or a few seconds.
Therefore, the exemplary FACECERT employs a bar-code of about 3Kb that
balances these factors. Of course, other implementations may employ a bar-code that
encodes more or less data.
Modern scanners are capable of reliably reading up to about six maximally
separated colors. Thus, for a message of $n_S$ bits, the exemplary FACECERT uses
$\lceil n_S \log_6 2 \rceil$ bins in the bar-code. For example, for $n_S = 3072$ bits, we use 1189 bins
which results in a 120 x 10 bin bar-code.
It is desirable that the print area of each bin be such that scanning the
bar-code results in an error that is less than a certain desired minimal performance
bound. It is realistic to assume that the longer dimension of the bar-code reaches an
inch. If each bin is scanned with a 10 x 10 CCD matrix (a 1000 dpi 48-bit CCD sensor
array is standard equipment in most low-cost scanners), the data in the bar-code
can be detected with high reliability.
The exemplary FACECERT compacts an image of a face 112 into only several
thousand bits with preserved sharpness of the main facial characteristics. The
exemplary FACECERT employs eigenface-based compression methodologies and
improved variants of principal component analysis; with these, such bit-rates can be
easily achieved even when the component analysis is trained on a small database of
images.
Loss of an ID can result in a potentially malicious reuse of the ID by an
adversary if that adversary is a near-perfect look-a-like. To prevent this
unlikely
scenario, the ID may contain descriptive information of a certain unique mark
of the
ID owner.
ID Authentication
Fig. 3 illustrates an example of FACECERT ID authentication. It is performed
by an intelligent scanning device (such as FACECERT authenticator 300). As shown
in Fig. 3, the authenticator 300 scans the photo, supplemental info, and bar-code of
the ID 100.
The authenticator 300 obtains the public key of the ID-issuing party. The key
may be stored on-board the authenticator or on a locally connected data
storage.
Alternatively, the key may be retrievable via a remote (e.g., Internet)
connection.
The authenticator 300 scans the bar-code, decodes the cryptographic
signature, and then performs signature authentication (e.g., public-key
decryption of
the decoded data) using the public key of the issuer 200. As a result, the
authenticator 300 obtains the message signed with the private key of the
issuer.
That message includes person-distinguishing data. More specifically, the
message contains the supplemental information 120 and a compacted
representation
of the face 112 in the photo 110. Next, the authenticator scans the textual
supplemental information 120 from the ID 100, performs character recognition,
and
compares the recognized text with the extracted supplemental information.
Next, the authenticator 300 scans the photo of the ID 100. It detects the face
in the photo and performs a statistical comparison with the de-compacted face
extracted from the bar-coded message. By using printed guides 114 on the ID,
one
may achieve accurate scanning alignment, such as rotation and scaling.
If the two faces match beyond a certain threshold (which may be arbitrarily,
statistically, and/or empirically determined), the authenticator 300 concludes
that
the ID is authentic. Otherwise, the ID has been either forged or damaged, or
an
error occurred while scanning the ID. This indication may simply be a
chromatic
light (e.g., red or green light) and/or an audible tone (e.g., buzzer or
beep).
Therefore, tampering with the photo or the supplemental information on an
officially issued ID means they will not match the person-distinguishing data
encoded in the cryptographically signed bar-code.
Human Verification
Although the authenticator 300 performs authentication of a specific
FACECERT ID, an actual human verifies that the face on the ID corresponds to the
person presenting the ID. This human is called, herein, the verification official 305.
The human's role with the exemplary FACECERT is verifying that the face on the ID
corresponds to the person presenting the ID. This is the same role that human
verifiers often perform in typical security or person identification settings.
Therefore, in a typical person identification setting, the role of the exemplary
FACECERT is to authenticate the ID. It does this by confirming that the information
on the ID (including the photo) has not been altered since it was issued by the
ID-issuer. Instead of authorizing the ID, the role of the verification official 305 is to
verify that the face on the ID (and other person-distinguishing data on the ID)
corresponds to the person presenting the ID.
With a positive confirmation by the exemplary FACECERT, the human
verifier 305 may confidently rely on the person-distinguishing data (including
the
photo) on the presented ID. Conversely, with a negative confirmation by the
exemplary FACECERT, the human verifier 305 may have probable cause to suspect
that the information on the presented ID has been modified.
While this authentication and verification process is typically performed
in-person, it may occur on-line via a web-cam, closed-circuit television, and the like.
With the exemplary FACECERT, the human verifier 305 may, if desired, have
the face from the bar-code displayed on a video screen and double check that
everything is in order. This scenario is particularly practical at border crossings,
where the immigration officers are already sitting in front of a computer, so their
scanning device can send all the information to a computer for display.
Cryptography Background
The exemplary FACECERT employs a public-key infrastructure (PKI) to
cryptographically sign the data in the bar-code of the ID. More specifically, it
employs RSA public-key cryptography. However, other implementations of the
exemplary FACECERT may employ other cryptographically secure mechanisms,
especially those using private-public key structures.
Although the RSA public-key cryptography infrastructure is well-known to
those of ordinary skill in the art, many of its key aspects are discussed here to
provide background for further discussion of its use with the exemplary FACECERT.
In the RSA public-key signing system, each communicating party is assumed
to have two keys: a public-key, which is available to everyone and used for
signature authentication, and a private-key, which is securely stored with the
signature issuer and used to sign messages. The public-private key-pair is created in
the following way:
  • Generate two large and distinct primes $p$ and $q$.
  • Compute $n = pq$ and $\varphi = (p - 1)(q - 1)$.
  • Select a random $e \in \mathbb{Z}^*$, $1 < e < \varphi$, $\gcd(e, \varphi) = 1$.
  • Find $d \in \mathbb{Z}^*$, $1 < d < \varphi$, $ed \equiv 1 \pmod{\varphi}$.
The created key-pair is: private key is $d$, whereas the public-key is a set of
two numbers $(n, e)$. Commonly, in communication protocols that use the RSA
public-key crypto-system (e.g., the Secure Socket Layer - SSL) $e$ is fixed, usually
to $e = 2^{16} + 1$, hence, reducing the information that represents the public-key to $n$ as
well as speeding up signature authentication. A message $m \in [0, n - 1]$ is typically
signed using the private key $d$ as follows:
$$s = m^d \pmod{n}. \tag{0.1}$$
The authentication procedure shows that for a given message $m$, signature $s$
has been obtained by signing $m$ using $d$. However, the private-key $d$ is not used,
rather the corresponding public-key $n$ is typically used to perform the same task as
follows:
$$r = s^e \pmod{n}. \tag{0.2}$$
If $r = m$, then $s$ is a valid signature of $m$, otherwise the signature $s$ does not
correspond to the message $m$.
The exemplary FACECERT is not dependent upon a single secret stored in
a single protected location. Rather, it employs secure storage techniques for the
master secrets (e.g., private keys).
For example, with one technique, multiple private-public keys are used to
chain the signatures (e.g., the output of one RSA signing is sent as input to another
RSA signing with a different private key). Each private key may be stored in
geographically different but secure locations.
With another example of a secure storage technique, parts of each private
key are stored in $k$ different locations such that each key can be retrieved only if $n$ out
of $k$ ($n < k$) collude their information to create the key. Those of skill in the art
recognize this technique as "secret sharing." With this technique, the issuing
organization further disperses the pieces of the puzzle that need to be assembled by
the adversary to break the system.
With still another example of a technique, the secrets may be stored in
tamperproof hardware.
Of course, the exemplary FACECERT may employ other suitable secure
storage techniques.
FaceCert Architecture and Methodology
Fig. 4 illustrates the functional components and one or more methodological
implementations of the FACECERT architecture 400. The top portion 410 of Fig. 4
illustrates the issuance of a FACECERT ID 100 while the lower portion 420
illustrates the authentication of that ID. These one or more methodological
implementations may be performed in software, hardware, or a combination thereof.
As shown in issuance portion 410 of Fig. 4, the FACECERT ID issuer 200
creates the message m that is signed by RSA.
At 210, the exemplary FACECERT compacts the face in the photo 110 of the
ID 100. This compact face data (e.g., message $f$) is a succinct, but relatively
complete, representation of the specific face in the specific photo 110.
The output of the face compaction is the message $f$ with $n_F > n_T$ bits.
Parameter $n_F$ is fixed and equals $n_F = k \cdot n_{RSA}$, $k \in \mathbb{Z}^*$, where $n_{RSA}$ is the length of an
RSA public-key (we adopt $n_{RSA} = 1024$) and $k$ is commonly set to $k \in [2, 5]$.
Given a fixed $n_F$, one of the goals of the face compaction is to increase the
distance between any two distinct facial structures. This goal translates directly to
minimized likelihood of a false negative and false positive during the authentication.
At 220, the supplemental information 120 (e.g., textual data) is compressed
using any suitable data compression technique. For example, the printed message
can be compressed as pure text using LZ77 or semantically with optimal coding
(e.g., addresses converted to latitude/longitude encoded using arithmetic encoding).
The output of the text compression is denoted as a message $t$ with $n_T$ bits.
The exemplary FACECERT reads the data from the FACECERT ID with an
error-free assumption. Then it either compresses the data or it cryptographically
hashes it before combining the digest, as in Equation (1.3). Since the output is
always a fixed length, hashing is sometimes desirable over compression. Exemplary
hash functions are SHA1 and MD5.
Messages $f$ and $t$ are merged into a message $m$ of length $n_M = n_F$ using an
operator 230 that encourages each bit of $m$ to be dependent upon at least one bit
from both $f$ and $t$ and there exists at least one bit in $m$ which depends upon a
given bit of $f$ or $t$. This helps to increase the number of bits that need to be
manipulated in a photo to create a certain message $m$. An example of such an
operator is:
$$m = t \otimes f \equiv m_i = t_{i \bmod n_T} \;\mathrm{XOR}\; f_i, \quad i = 0..n_F - 1, \tag{0.3}$$
where $m_i$, $f_i$, and $t_i$ represent the $i$-th bit of message $m$, $f$, and $t$ respectively.
At 240, message $m$ is signed with the private-key 242 of the issuer of a
FACECERT ID. Each $n_{RSA}$ bits of $m$ are signed separately. The resulting signature $s$
has $n_S = n_M = n_F$ bits. The resulting signature $s$ is printed as a 2D color bar-code
130 onto the FACECERT ID 100.
As shown in authentication portion 420 of Fig. 4, the FACECERT
authenticator 300 verifies that the cryptographically signed data in the bar-code
corresponds with the supplemental data 120 and the face 112 in the photo 110 of a
FACECERT ID.
The authenticator 300 initially scans all three printed components of the ID:
the photo 110, the supplemental textual information 120, and the bar-code 130.
Those are represented by photo scan 310, OCR text scan 320, and bar-code scan
330.
At 322, the scanned supplemental textual information is also converted into a
text-string. This text-string is compressed using the same compression technique
(e.g., one based on Equation (0.2)) employed above by component 220. This results
in message $t_v$. Generic optical character recognition (OCR) is not required for this
task because the font used to print the text is known to the authenticator and may be
optimized for improved OCR.
At 332, the authenticator 300 receives the scanned bar-code data. It converts the
scanned bar-code into an authentication signature $s_v$. The authenticator obtains the
issuer's public-key 334. It performs the RSA signature authentication on $s_v$ using the
issuer's public-key and obtains the signed message $m_v$.
If the ID has not been tampered with, then the authentication signature $s_v$
and the originally printed signature $s$ will match. However, the authenticator has no
direct access to a verifiable copy of the originally printed signature. Rather, it must
authenticate that the authentication signature $s_v$ of the presented ID is, indeed, the
originally printed signature $s$.
Since the photo and supplemental info on the presented ID were
presumptively used to generate the authentication signature $s_v$, then the data
encoded in $s_v$ should match the face and supplemental data extracted therefrom. If
the ID remains in a pristine and unmodified condition, they will match. Otherwise,
there will be no match.
At 340, message $f_v$ is computed from $m_v$ and $t_v$.
At 350, the authenticator 300 applies a de-compaction technique to extract
the digital facial-feature data from $f_v$.
At 360, the authenticator compares the facial-feature data extracted from $f_v$
to digital facial-feature data of the scanned photo of the presented ID. It quantifies
the level of similarity (e.g., correlation) between the two faces: the de-compacted
and the scanned one.
At 370, the authenticator 300 reports the results of component 360. If the
quantified level of correlation is above a threshold, then it reports that the ID is
authentic. Otherwise, it reports that it is invalid.
Alternatively, the authenticator may report that the ID is valid, but provide
an additional indication (e.g., flashing blue light and quick beeps) that this
particular person should be detained. She may be wanted by the authorities as a
person of interest, a suspect, an escapee, a criminal, etc.
Again, the face authentication task does not involve face recognition in the
typical setting of biometrics, but rather a more straightforward task of correlating
two equivalent facial structures.
If the authenticator 300 indicates that the ID is authentic, the human official
verifier 305 confidently performs their typical duty of authenticating that the
human-readable data (including the photo) on the ID corresponds with the person
presenting the ID. If the authenticator 300 indicates that the ID is invalid, it gives
the human official verifier 305 reasonable suspicion to investigate further. The data
on the ID may be forged and thus, the presenter is an imposter. The data on the ID
may be corrupted or simply read incorrectly.
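The issuance steps 210-240 and the authentication steps 322-370 above, as an added example that is not part of the patent text: the merge of Equation (0.3), per-block textbook RSA as in Equations (0.1) and (0.2), and SHA-1 as the text digest. The toy key, the block length of one bit less than n, the pseudo-random bit vector standing in for the compacted face, the bit-agreement score and the 0.9 threshold are assumptions of this example.

```python
"""FACECERT-style issuance and authentication with textbook RSA (toy key, constructed data)."""
import hashlib
from math import gcd

# Toy issuer key built from two known Mersenne primes; far too small for real use.
# Textbook RSA as in Equations (0.1)/(0.2): no padding scheme is applied.
P, Q = 2**61 - 1, 2**89 - 1
N, PHI, E = P * Q, (P - 1) * (Q - 1), 2**16 + 1
assert gcd(E, PHI) == 1
D = pow(E, -1, PHI)                  # private exponent: e*d = 1 (mod phi)

# Assumption of this example: a block is one bit shorter than n, so every block
# value lies in [0, n-1] as Equation (0.1) requires.
BLOCK_BITS = N.bit_length() - 1
K = 3                                # blocks per message
N_F = K * BLOCK_BITS                 # bits in f and in m


def to_bits(data: bytes) -> list:
    return [(byte >> (7 - j)) & 1 for byte in data for j in range(8)]


def text_bits(text: str) -> list:
    """t: fixed-length digest of the supplemental text (SHA-1, one of the page's examples)."""
    return to_bits(hashlib.sha1(text.encode("utf-8")).digest())


def constructed_face(label: str) -> list:
    """Stand-in for a compacted face f: N_F pseudo-random bits derived from a label."""
    bits, counter = [], 0
    while len(bits) < N_F:
        bits += to_bits(hashlib.sha256(f"{label}:{counter}".encode()).digest())
        counter += 1
    return bits[:N_F]


def merge(t: list, f: list) -> list:
    """Equation (0.3): m_i = t_(i mod n_T) XOR f_i. Applying it twice with the same t undoes it."""
    return [t[i % len(t)] ^ bit for i, bit in enumerate(f)]


def issue(face: list, text: str) -> list:
    """Issuer: merge f and t, then sign each block with the private key (Eq. 0.1)."""
    m = merge(text_bits(text), face)
    sig = []
    for i in range(0, N_F, BLOCK_BITS):
        block = int("".join(map(str, m[i:i + BLOCK_BITS])), 2)
        sig.append(pow(block, D, N))
    return sig


def recover_face(sig: list, scanned_text: str):
    """Authenticator: r = s^e mod n per block (Eq. 0.2), then f_v = m_v XOR t_v."""
    if len(sig) != K:
        return None
    m_v = []
    for s in sig:
        r = pow(s, E, N)
        if r.bit_length() > BLOCK_BITS:      # cannot be a block the issuer signed
            return None
        m_v += [int(c) for c in format(r, f"0{BLOCK_BITS}b")]
    return merge(text_bits(scanned_text), m_v)


def similarity(a: list, b: list) -> float:
    """Fraction of equal bits; stands in for the face correlation of step 360."""
    return sum(x == y for x, y in zip(a, b)) / len(a)


def authenticate(sig, scanned_text, scanned_face, threshold=0.9) -> bool:
    f_v = recover_face(sig, scanned_text)
    return f_v is not None and similarity(f_v, scanned_face) >= threshold


if __name__ == "__main__":
    text = "NAME=JANE DOE;DOB=1970-01-01"            # constructed sample record
    face = constructed_face("jane-portrait")
    sig = issue(face, text)
    print("genuine:", authenticate(sig, text, face))
    print("edited text:", authenticate(sig, text.replace("1970", "1990"), face))
    print("swapped photo:", authenticate(sig, text, constructed_face("other")))
```

Editing the printed text changes $t_v$, so the recovered $f_v$ no longer matches the scanned face even though the RSA step itself succeeds; this is the dependency between text and face that the merge operator creates.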
Face Compendium
A digital representation of the facial features of the face 112 in the photo 110
on the ID 100 is stored in the bar-code 130. If the balances of bar-code reading
accuracy and space allowed it, then the entire unabridged photo may be encoded in
the bar-code. Since key distinguishing information is found on the face of the
person, then the balances of factors may allow for an unabridged portion of the
photo that represents the face to be encoded in the bar-code.
Since the realities of the balance lean towards substantially less data
storage
in the bar-code than can fully represent the unabridged face in the photo, the
digital
image 110 of the face is compacted with the exemplary FACECERT. While the
image of the face may be compacted using traditional image compression
techniques (e.g., JPEG, GIF, etc.), other techniques may be employed to reduce
the
storage requirements further while maintaining a fair representation of the
face.
With the exemplary FACECERT, the digital facial-feature data in the bar-code
should be a succinct, but reasonably complete, representation of the face in that
photo. Unlike biometric face-recognition approaches, the digital facial-feature data
does not need to represent the person's face viewed from multiple angles and
conditions.
Rather, the digital facial-feature data on the FACECERT ID need only
represent that specific face on that specific photograph. That is because the
exemplary FACECERT is authenticating that the face in the photo on the ID
matches
the face represented by the digital facial-feature data in the bar-code.
Since the digital facial-feature data is indeed a succinct, but reasonably
complete, representation of the face in that specific photo, it may be called "face
compendium." This face compendium is "reasonably complete" in the sense that the
compendium contains sufficient data to reconstruct an image of the face.
Furthermore, the compendium is "reasonably complete" enough so that enough
facial-feature data is encoded therein to potentially distinguish the represented face
from other similar faces.
Of course, other implementations may employ bar-codes that encode more or
less data, but one implementation, described herein, employs a bar-code of about
3000 bits. This is found to be a reasonable compromise of many factors, including
(but not limited to) bar-code reading accuracy and space for the bar-code.
To improve this compromise, the exemplary FACECERT employs a
compaction technique that identifies the object of interest (e.g., facial structure) and
compacts its features, rather than compacting the entire image using standard image
compression techniques such as JPEG.
Face Detection and Compaction
The computer vision community has studied various models of faces over
the last several years. The exemplary FACECERT does not need to encode the
face
image to facilitate recognition of the person in differing images, but rather
in the
very same photograph from which the face code has been extracted. Thus, the
exemplary FACECERT does not face the difficult issue of over-training that is
present in a typical biometric face-recognition application.
Rather, the exemplary FACECERT employs an efficient facial-features
compaction technique. While generic DCT coefficients may be employed, the face
images may be compacted better using subspace models learned from a large face
database.
The problem of subspace learning can be elegantly defined in terms of a
generative model that describes joint generation of the subspace coordinates, or
factors, $y$ and the image $g$ by linearly combining image components in the so-called
factor loading matrix $A$:
$$p(g, y) = N(g; \mu + Ay, \Phi)\, N(y; 0, I), \tag{0.4}$$
where $\Phi$ constitutes the non-uniform image noise (i.e., the variability not captured
in the subspace model). $A$ is an $n \times k$ matrix used to expand from the $k$-dimensional
subspace into a full $n$-dimensional one, where $n$ is the number of pixels in the image $g$.
The parameters $A$, $\Phi$, and $\mu$ can be learned by maximizing the likelihood
of a set of images $\{g_t\}$,
$$\log p(\{g_t\}) = \log \int p(\{g_t\}, \{y_t\}), \tag{0.5}$$
and a good low-dimensional representation of the image tends to be $E[y \mid g]$.
The above probability model, called factor analysis (FA), also allows for the
design of the optimal encoding strategy for the factors $y$. As a result, a face image
can be efficiently encoded with about 85 bytes representing 100 face factors $y$.
The subspace model may be extended to take into account the possible
transformations of the facial image, such as translations, rotations, and scale. In this
model, called transformed component analysis (TCA), an additional random
transformation variable $T$ is applied to the image expanded from $y$, and a new
image $h$ is observed:
$$p(h, g, y) = N(h; Tg, \Psi)\, N(g; \mu + Ay, \Phi)\, N(y; 0, I). \tag{0.6}$$
Such a model, when trained on an image set, tends to automatically align all
images to create the very compact subspace representation. The regular subspace
models, in the presence of transformational variability in the training data, will tend to
create blurry models, while TCA creates sharper components.
FACECERT Authentication
The task of authentication performed by the exemplary FACECERT may be
viewed as template matching. A likelihood over the windows in the image can be
used as a cost instead of the template differences, although even a
straightforward correlation technique would work.
For example, to use the likelihood as the similarity measure, one would take
the message f, extract the window size and detection threshold thr as well as
the subspace parameters y, and compute:
$$\log p(h \mid y) = \log \int_{T, g} p(h, g, T \mid y) \tag{0.7}$$
for all windows of appropriate size. If $\max_h \log p(h) > \mathit{thr}$,
then the ID photograph does contain the face encoded in the bar-code.
If the only modeled transformations are shifts, the integration over
transformation T is not necessary since the search is done over all windows
in the image. This process is equivalent to matching $\mu + A y$ with the
window h, in the sense of a Mahalanobis distance dependent on the learned
noise model. These types of computations are as effective as image
correlation and can be done very efficiently using the fast Fourier
transformation (FFT).
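The shift-only window search described above, as an added sketch that is not code from the patent: every window is scored by its log-likelihood under the decoded factors and the best score is compared with thr. The diagonal noise covariance, the toy 2x2 model, the sample photos and all function names are assumptions made for the illustration.

```python
import math

def mahalanobis_sq(window, mean, phi):
    """Squared Mahalanobis distance under a diagonal noise covariance phi."""
    return sum((h - m) ** 2 / v for h, m, v in zip(window, mean, phi))

def log_likelihood(window, mu, A, y, phi):
    """log N(h; mu + A y, diag(phi)) for one flattened window h."""
    mean = [m + sum(a * f for a, f in zip(row, y)) for m, row in zip(mu, A)]
    log_norm = sum(math.log(2 * math.pi * v) for v in phi)
    return -0.5 * (log_norm + mahalanobis_sq(window, mean, phi))

def windows(image, size):
    """Yield ((row, col), flattened pixels) for every size x size window."""
    for r in range(len(image) - size + 1):
        for c in range(len(image[0]) - size + 1):
            yield (r, c), [image[r + i][c + j]
                           for i in range(size) for j in range(size)]

def authenticate(image, size, thr, mu, A, y, phi):
    """Accept only if the best-scoring window exceeds the signed threshold."""
    if not image or len(image) < size or len(image[0]) < size:
        return False, None, float("-inf")   # photo smaller than the window
    score, pos = max((log_likelihood(w, mu, A, y, phi), p)
                     for p, w in windows(image, size))
    return score > thr, pos, score

# Constructed toy model: n = 4 pixels (one 2x2 window), k = 2 factors.
MU = [100.0, 120.0, 110.0, 90.0]
LOADINGS = [[10.0, 0.0], [0.0, 10.0], [5.0, 5.0], [-5.0, 5.0]]
PHI = [4.0, 4.0, 9.0, 9.0]                  # non-uniform noise variances
# Fields assumed to come from the message f once its signature has verified.
Y, SIZE, THR = [1.0, -2.0], 2, -12.0

# Constructed photos: the encoded face (plus scan noise) sits at row 1, col 2
# of GENUINE; SWAPPED carries a different face at the same place.
GENUINE = [[50, 50, 50, 50, 50],
           [50, 50, 111, 98, 50],
           [50, 50, 107, 74, 50],
           [50, 50, 50, 50, 50]]
SWAPPED = [[50, 50, 50, 50, 50],
           [50, 50, 130, 90, 50],
           [50, 50, 120, 95, 50],
           [50, 50, 50, 50, 50]]

if __name__ == "__main__":
    for name, photo in (("genuine", GENUINE), ("swapped", SWAPPED)):
        print(name, authenticate(photo, SIZE, THR, MU, LOADINGS, Y, PHI))
```

Because the normalising term depends only on the noise model, ranking windows by this score is the same as ranking them by Mahalanobis distance to $\mu + A y$.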
During the photo ID creation, the provided photograph is searched for a face,
which is cropped and compacted efficiently using a transformed component
analyzer. The face code, together with the compaction error and the window
size
(or even position) is signed with a private key.
The FACECERT ID is then created as a combination of text, photo and a bar-
code containing the encoded face. During authentication, the bar-code is
decoded



and the face code, consisting of the factors y, threshold on likelihood (or
encoding error) and the window size are decoded from the bar-code using a
public key and the face stored in the bar-code is compared to the one in the
actual photograph in the FACECERT ID.
Scanning 2D Color Bar-codes
Of course, it is desirable to have high accuracy when reading the 2D color
bar-code. Modern low-cost scanning devices typically have a 48-bit per pixel
accuracy in the RGB color spectrum. However, the color information of a
digital image is hardly retrieved accurately after printing and then scanning.
Assuming low-cost devices and print material, one can at best hope for only
several colors to be transmitted reliably through this communication channel.
Assuming an $n_B$-bin bar-code $\beta$, the likelihood that it is incorrectly
scanned equals:
$$\Pr[\beta \neq y] = 1 - \prod_{i=1}^{n_B} \left(1 - \Pr[\beta_i \neq y_i]\right) \le 1 - (1 - \varepsilon)^{n_B} \tag{0.8}$$
where y is the scanned $n_B$-bin bar-code and $\varepsilon$ is the maximal
likelihood for a given color used in the bar-code to be incorrectly scanned.
At least one implementation, described herein, adopts 6-color bar-codes:
RGB: $\Gamma$ = {[0,0,0], [0,0,255], [0,255,0], [255,0,0], [255,255,255], [255,255,0]}
as a reliable communication channel s < 10-g that can satisfy read error
probabilities
of at least $\Pr[\beta \neq y] < 10^{-4}$.



Commonly, for a given scanner type (e.g., CCD sensor matrix brand), one of
the following colors [255, 255, 0], [255, 0, 255], [0, 255, 255] has the
highest read error rates with respect to the other colors in $\Gamma$. Thus,
for a given CCD scanning device type, the $\Gamma$ spectrum is one of these
colors, which results in a good read-error rate.
Bar-code read accuracy can be improved through error detection (e.g., parity
check) and error correcting codes (e.g., Reed-Solomon codes), although
typically good performance is achieved by printing the $\Gamma$ colors at a
known location on the ID to enable scanner fine-tuning.
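An added illustration, not part of the patent text, of the six-color channel and of bound (0.8): bins are decoded by nearest color, first against the nominal palette and then against a reference patch printed at a known location, and the bound is evaluated for a chosen per-bin error rate. The base-6 byte mapping, the simulated scanner response, the sample error rates and all function names are assumptions.

```python
import math

# The six colors of the palette listed in the text, in the order given there.
GAMMA = [(0, 0, 0), (0, 0, 255), (0, 255, 0),
         (255, 0, 0), (255, 255, 255), (255, 255, 0)]

def bytes_to_bins(data):
    """Assumed mapping: read the payload as one integer, write it in base 6."""
    n_bins = 0
    while 6 ** n_bins < 256 ** len(data):
        n_bins += 1
    value = int.from_bytes(data, "big")
    bins = []
    for _ in range(n_bins):
        value, digit = divmod(value, 6)
        bins.append(digit)
    return bins[::-1]

def bins_to_bytes(bins, n_bytes):
    """Inverse mapping; a misread bin can push the value out of range."""
    value = 0
    for digit in bins:
        value = value * 6 + digit
    if value >= 256 ** n_bytes:
        raise ValueError("bar-code does not decode to a valid payload")
    return value.to_bytes(n_bytes, "big")

def nearest_color(rgb, palette):
    """Index of the palette entry closest to rgb (squared RGB distance)."""
    return min(range(len(palette)),
               key=lambda i: sum((a - b) ** 2 for a, b in zip(rgb, palette[i])))

def decode_scan(scanned, palette):
    return [nearest_color(rgb, palette) for rgb in scanned]

def simulate_scan(rgb, i=0):
    """Constructed scanner response: weak red channel plus +/-1 jitter."""
    r, g, b = rgb
    j = i % 3 - 1
    return ((2 * r) // 5 + 20 + j, (9 * g) // 10 + 10 + j, (9 * b) // 10 + 10 + j)

def read_error_bound(n_bins, eps):
    """Right-hand side of (0.8): 1 - (1 - eps)^n_bins, computed stably."""
    return -math.expm1(n_bins * math.log1p(-eps))

def max_bins(eps, target):
    """Largest bin count whose bound does not exceed the target error."""
    return math.floor(math.log1p(-target) / math.log1p(-eps))

if __name__ == "__main__":
    bins = bytes_to_bins(b"FACE")                     # constructed payload
    scan = [simulate_scan(GAMMA[d], i) for i, d in enumerate(bins)]
    patch = [simulate_scan(c) for c in GAMMA]         # scanned reference patch
    print("nominal palette ok:   ", decode_scan(scan, GAMMA) == bins)
    print("calibrated palette ok:", decode_scan(scan, patch) == bins)
    print("bound for 1000 bins at eps=1e-7:", read_error_bound(1000, 1e-7))
```

With this constructed response the nominal palette misreads red as black and yellow as green, while matching against the scanned reference patch recovers every bin.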
Exemplary Computing System and Environment
Fig. 5 illustrates an example of a suitable computing environment 500 within
which an exemplary FaceCert, as described herein, may be implemented (either
fully or partially). The computing environment 500 may be utilized in the
computer
and network architectures described herein.
The exemplary computing environment 500 is only one example of a
computing environment and is not intended to suggest any limitation as to the
scope
of use or functionality of the computer and network architectures. Neither
should
the computing environment 500 be interpreted as having any dependency or
requirement relating to any one or combination of components illustrated in
the
exemplary computing environment 500.
The exemplary FaceCert may be implemented with numerous other general
purpose or special purpose computing system environments or configurations.
Examples of well known computing systems, environments, and/or configurations
that may be suitable for use include, but are not limited to, personal
computers,
server computers, thin clients, thick clients, hand-held or laptop devices,
multiprocessor systems, microprocessor-based systems, set top boxes,



programmable consumer electronics, network PCs, minicomputers, mainframe
computers, distributed computing environments that include any of the above
systems or devices, and the like.
The exemplary FaceCert may be described in the general context of
computer-executable instructions, such as program modules, being executed by
a
computer. Generally, program modules include routines, programs, objects,
components, data structures, etc. that perform particular tasks or implement
particular abstract data types. The exemplary FaceCert may also be practiced
in
distributed computing environments where tasks are performed by remote
processing devices that are linked through a communications network. In a
distributed computing environment, program modules may be located in both
local
and remote computer storage media including memory storage devices.
The computing environment 500 includes a general-purpose computing
device in the form of a computer 502. The components of computer 502 may
include, but are not limited to, one or more processors or processing units
504, a system memory 506, and a system bus 508 that couples various system
components including the processor 504 to the system memory 506.
The system bus 508 represents one or more of any of several types of bus
structures, including a memory bus or memory controller, a peripheral bus, an
accelerated graphics port, and a processor or local bus using any of a variety
of bus
architectures. By way of example, such architectures may include an Industry
Standard Architecture (ISA) bus, a Micro Channel Architecture (MCA) bus, an
Enhanced ISA (EISA) bus, a Video Electronics Standards Association (VESA)
local bus, and a Peripheral Component Interconnects (PCI) bus also known as a
Mezzanine bus.



Computer 502 typically includes a variety of computer readable media. Such
media may be any available media that is accessible by computer 502 and
includes
both volatile and non-volatile media, removable and non-removable media.
The system memory 506 includes computer readable media in the form of
volatile memory, such as random access memory (RAM) 510, and/or non-volatile
memory, such as read only memory (ROM) 512. A basic input/output system
(BIOS) 514, containing the basic routines that help to transfer information
between elements within computer 502, such as during start-up, is stored in
ROM 512. RAM 510 typically contains data and/or program modules that are
immediately accessible to and/or presently operated on by the processing
unit 504.
Computer 502 may also include other removable/non-removable,
volatile/non-volatile computer storage media. By way of example, Fig. 5
illustrates
a hard disk drive 516 for reading from and writing to a non-removable, non-
volatile
magnetic media (not shown), a magnetic disk drive 518 for reading from and
writing to a removable, non-volatile magnetic disk 520 (e.g., a "floppy
disk"), and
an optical disk drive 522 for reading from and/or writing to a removable, non-
volatile optical disk 524 such as a CD-ROM, DVD-ROM, or other optical media.
The hard disk drive 516, magnetic disk drive 518, and optical disk drive 522
are
each connected to the system bus 508 by one or more data media interfaces 526.
Alternatively, the hard disk drive 516, magnetic disk drive 518, and optical
disk
drive 522 may be connected to the system bus 508 by one or more interfaces
(not
shown).
The disk drives and their associated computer-readable media provide
non-volatile storage of computer readable instructions, data structures, program
modules, and other data for computer 502. Although the example illustrates a
hard
disk 516, a removable magnetic disk 520, and a removable optical disk 524, it
is to



be appreciated that other types of computer readable media which may store
data
that is accessible by a computer, such as magnetic cassettes or other magnetic
storage devices, flash memory cards, CD-ROM, digital versatile disks (DVD) or
other optical storage, random access memories (RAM), read only memories
(ROM), electrically erasable programmable read-only memory (EEPROM), and the
like, may also be utilized to implement the exemplary computing system and
environment.
Any number of program modules may be stored on the hard disk 516,
magnetic disk 520, optical disk 524, ROM 512, and/or RAM 510, including by way
of example, an operating system 526, one or more application programs 528,
other
program modules 530, and program data 532.
A user may enter commands and information into computer 502 via input
devices such as a keyboard 534 and a pointing device 536 (e.g., a "mouse").
Other
input devices 538 (not shown specifically) may include a microphone, joystick,
game pad, satellite dish, serial port, scanner, and/or the like. These and
other input
devices are connected to the processing unit 504 via input/output interfaces
540 that
are coupled to the system bus 508, but may be connected by other interface and
bus
structures, such as a parallel port, game port, or a universal serial bus
(USB).
A monitor 542 or other type of display device may also be connected to the
system bus 508 via an interface, such as a video adapter 544. In addition to
the
monitor 542, other output peripheral devices may include components such as
speakers (not shown) and a printer 546 which may be connected to computer 502
via the input/output interfaces 540.
Computer 502 may operate in a networked environment using logical
connections to one or more remote computers, such as a remote computing device
548. By way of example, the remote computing device 548 may be a personal



computer, portable computer, a server, a router, a network computer, a peer
device
or other common network node, and the like. The remote computing device 548 is
illustrated as a portable computer that may include many or all of the
elements and
features described herein relative to computer 502.
Logical connections between computer 502 and the remote computer 548 are
depicted as a local area network (LAN) 550 and a general wide area network
(WAN) 552. Such networking environments are commonplace in offices,
enterprise-wide computer networks, intranets, and the Internet.
When implemented in a LAN networking environment, the computer 502 is
connected to a local network 550 via a network interface or adapter 554. When
implemented in a WAN networking environment, the computer 502 typically
includes a modem 556 or other means for establishing communications over the
wide network 552. The modem 556, which may be internal or external to computer
502, may be connected to the system bus 508 via the input/output interfaces
540 or other appropriate mechanisms. It is to be appreciated that the
illustrated network connections are exemplary and that other means of
establishing communication link(s) between the computers 502 and 548 may be
employed.
In a networked environment, such as that illustrated with computing
environment 500, program modules depicted relative to the computer 502, or
portions thereof, may be stored in a remote memory storage device. By way of
example, remote application programs 558 reside on a memory device of remote
computer 548. For purposes of illustration, application programs and other
executable program components such as the operating system are illustrated
herein as discrete blocks, although it is recognized that such programs and
components reside at various times in different storage components of the
computing device 502, and are executed by the data processor(s) of the
computer.



Computer-Executable Instructions
An implementation of an exemplary FaceCert may be described in the
general context of computer-executable instructions, such as program modules,
executed by one or more computers or other devices. Generally, program modules
include routines, programs, objects, components, data structures, etc. that
perform
particular tasks or implement particular abstract data types. Typically, the
functionality of the program modules may be combined or distributed as desired
in
various embodiments.
Exemplary Operating Environment
Fig. 5 illustrates an example of a suitable operating environment 500 in
which an exemplary FaceCert may be implemented. Specifically, the exemplary
FaceCert(s) described herein may be implemented (wholly or in part) by any
program modules 528-530 and/or operating system 526 in Fig. 5 or a portion
thereof.
The operating environment is only an example of a suitable operating
environment and is not intended to suggest any limitation as to the scope or
use of functionality of the exemplary FaceCert(s) described herein. Other well known
computing systems, environments, and/or configurations that are suitable for
use
include, but are not limited to, personal computers (PCs), server computers,
hand-
held or laptop devices, multiprocessor systems, microprocessor-based systems,
programmable consumer electronics, wireless phones and equipments, general-
and
special-purpose appliances, application-specific integrated circuits (ASICs),
network PCs, minicomputers, mainframe computers, distributed computing
environments that include any of the above systems or devices, and the like.



Computer Readable Media
An implementation of an exemplary FaceCert may be stored on or
transmitted across some form of computer readable media. Computer readable
media may be any available media that may be accessed by a computer. By way of
example, and not limitation, computer readable media may comprise "computer
storage media" and "communications media."
"Computer storage media" include volatile and non-volatile, removable and
non-removable media implemented in any method or technology for storage of
information such as computer readable instructions, data structures, program
modules, or other data. Computer storage media includes, but is not limited
to,
RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM,
digital versatile disks (DVD) or other optical storage, magnetic cassettes,
magnetic
tape, magnetic disk storage or other magnetic storage devices, or any other
medium
which may be used to store the desired information and which may be accessed
by a
computer.
"Communication media" typically embodies computer readable instructions,
data structures, program modules, or other data in a modulated data signal,
such as
carrier wave or other transport mechanism. Communication media also includes
any
information delivery media.
The term "modulated data signal" means a signal that has one or more of its
characteristics set or changed in such a manner as to encode information in
the
signal. By way of example, and not limitation, communication media includes
wired media such as a wired network or direct-wired connection, and wireless
media such as acoustic, RF, infrared, and other wireless media. Combinations
of
any of the above are also included within the scope of computer readable
media.



Comparison with Existing Approaches
The exemplary FACECERT does not require smart cards or expensive
biometric approaches to authenticating a person's identity. It does not rely
on the
sophistication of ID production to help authenticate a person's identity by
reducing
the likelihood of counterfeits.
Sophisticated Production
With readily available and relatively inexpensive high-quality, sophisticated
production equipment, an unscrupulous rogue can cheaply and easily produce
impressive counterfeit documents, including personal IDs. In response, issuing
parties (such as governments) have implemented increasingly more sophisticated
and presumptively more expensive production techniques.
For example, issuing parties are using holograms, watermarks, micro-
printing, special print paper and/or chemical coating, etc. Since the
production of
IDs is more complex, authentication has become correspondingly more complex,
unreliable, and most importantly, expensive.
With the exemplary FACECERT, these issuing parties can end this escalating
cycle of increasingly more expensive and sophisticated production techniques
and
increasingly more complex, unreliable, and expensive authentication
techniques. In
contrast to the conventional approaches, the exemplary FACECERT does not rely
on
the sophistication of ID production to increase the confidence level that the
presented ID is not counterfeit.
The FACECERT ID does not need to be printed by a trusted or high-end
printer. It does not need to be produced using sophisticated production
techniques
to make it more difficult and expensive for a devious scoundrel to manufacture
a
counterfeit ID.



Rather, the FACECERT ID may be printed anywhere, anytime, and potentially
by anyone using basic, inexpensive printers. That is because the exemplary
FACECERT relies on the cryptographically signed data in the bar-code to make
it
more difficult and expensive for an adversary to manufacture a counterfeit ID;
rather than rely on the sophistication of production.
With the exemplary FACECERT, the Department of Motor Vehicles may, for
example, e-mail a driver's license ID (in its digital format) to a customer,
who can
print it on her own printer creating as many copies as she wants. Unlike the
conventional approaches, loss of the ID with the exemplary FACECERT incurs
minimal cost to the customer.
Biometric Approaches
With biometrics, a computer may automatically recognize a person using
distinguishing traits of that person. Several biometric-based person
identification
approaches have been proposed. Some of these are based upon automatic
recognition of the distinguishing traits of a person's face, speech,
fingerprints,
handwriting, and/or iris and retina.
While some types of biometric-based person identification (such as retina
scan or fingerprint detection) can be reliable, often they are intimidating
(e.g., retina
scan) and can be used maliciously to incriminate innocent users (e.g.,
fingerprint
scan). A malicious detector can record a person's fingerprint, create its
physical
copy, and then, incriminate this person at will. This renders fingerprint
detection
systems highly undesirable for most person identification scenarios.
Typically, a biometric-based person identification system includes a human
verifier who ensures the identification system is not fooled. This can happen
when



an adversary shows a realistic size photo of the face of an authorized person
to the
face detector or plays a voice recording to a speech detector.
Finally, some biometrics systems are commonly subjected to complaints for
invasion of privacy. For example, wide-spread face detection points can
disclose at any time one's location to a party who gains control over such a
system.
For most applications, biometric-based approaches are generally considered
to be inconvenient, costly, and most importantly, unreliable.
Smart Cards
With a smart card based system, a digitally stored image of the person's face
must be displayed so that the human verifier can confirm that the face in the
image stored on the card corresponds to the face of the presenter of the
smart card. The typical display will be a LCD or other flat panel display.
However, the exemplary FACECERT does not need to display any image.
Instead, it employs an optical scanner (e.g., a charge-coupled device (CCD))
to scan the photo, supplemental information, and bar-code. The human verifier
confirms that the face of the printed image corresponds to the face of the
presenter of the FACECERT ID.
Medium-quality displays (e.g., LCDs) are significantly more expensive than
CCD scanners (up to a factor of 5). In one estimate, a mass-produced scanner
of the authenticator of the exemplary FACECERT should not cost more than
US$15, as opposed to a smart card authenticator, which should encompass at
least US$50 only for the LCD display. Consequently, the cost of the
authenticating infrastructure of the exemplary FACECERT is significantly less
than that of a smart-card based approach.



Furthermore, personal IDs are frequently lost or damaged. Replacing a
FACECERT ID involves only a simple reprint. However, replacing a smart card
involves purchase of another hardware device in addition to burning this
device
with the appropriate identification contents.
Moreover, the data stored on smart cards are not secure. Using various
techniques, the data in the smart card can be extracted. More importantly, it
can be
replaced with new data. This reduces the overall confidence level in the
security of
smart cards.
Due to their relatively generous storage capabilities, smart cards may give an
impression that they may be used for storing additional information, in
particular,
private information about the owner (e.g. private keys that are revoked if
smart card
is lost).
Conclusion
Although the invention has been described in language specific to structural
features and/or methodological steps, it is to be understood that the
invention
defined in the appended claims is not necessarily limited to the specific
features or
steps described. Rather, the specific features and steps are disclosed as
preferred
forms of implementing the claimed invention.

Administrative Status

Title Date
Forecasted Issue Date Unavailable
(86) PCT Filing Date 2003-09-04
(87) PCT Publication Date 2004-04-29
(85) National Entry 2005-03-03
Examination Requested 2008-09-02
Dead Application 2010-09-07

Abandonment History

Abandonment Date Reason Reinstatement Date
2009-09-04 FAILURE TO PAY APPLICATION MAINTENANCE FEE

Payment History

Fee Type Anniversary Year Due Date Amount Paid Paid Date
Registration of a document - section 124 $100.00 2005-03-03
Application Fee $400.00 2005-03-03
Maintenance Fee - Application - New Act 2 2005-09-06 $100.00 2005-08-04
Maintenance Fee - Application - New Act 3 2006-09-05 $100.00 2006-08-04
Maintenance Fee - Application - New Act 4 2007-09-04 $100.00 2007-08-07
Maintenance Fee - Application - New Act 5 2008-09-04 $200.00 2008-08-07
Request for Examination $800.00 2008-09-02
Owners on Record

Note: Records showing the ownership history in alphabetical order.

Current Owners on Record
MICROSOFT CORPORATION
Past Owners on Record
JOJIC, NEBOJSA
KIROVSKI, DARKO
Past Owners that do not appear in the "Owners on Record" listing will appear in other documentation within the application.
Documents


Document Description    Date (yyyy-mm-dd)    Number of pages    Size of Image (KB)
Drawings 2005-03-03 4 100
Claims 2005-03-03 17 678
Abstract 2005-03-03 1 54
Description 2005-03-03 36 1,486
Cover Page 2005-05-13 1 33
Description 2005-03-04 36 1,517
Claims 2005-03-04 15 538
Description 2008-09-22 38 1,605
Claims 2008-09-22 6 192
Assignment 2005-03-03 6 284
PCT 2005-03-03 24 815
Prosecution-Amendment 2005-03-03 17 614
Prosecution-Amendment 2008-09-22 11 378
Prosecution-Amendment 2008-09-02 1 35