[go: up one dir, main page]

WO2020128076A1 - Method to authenticate an end-user using brain waves - Google Patents

Method to authenticate an end-user using brain waves Download PDF

Info

Publication number
WO2020128076A1
WO2020128076A1 PCT/EP2019/086855 EP2019086855W WO2020128076A1 WO 2020128076 A1 WO2020128076 A1 WO 2020128076A1 EP 2019086855 W EP2019086855 W EP 2019086855W WO 2020128076 A1 WO2020128076 A1 WO 2020128076A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
brain
brain waves
brain wave
wave scheme
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2019/086855
Other languages
French (fr)
Inventor
Sumitavo BISWAS
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thales DIS France SA
Original Assignee
Thales DIS France SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thales DIS France SA filed Critical Thales DIS France SA
Publication of WO2020128076A1 publication Critical patent/WO2020128076A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/33Security of mobile devices; Security of mobile applications using wearable devices, e.g. using a smartwatch or smart-glasses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules

Definitions

  • the present invention relates to a method to authenticate an end-user.
  • the invention also pertains to an end-user device and a verification device implementing said method.
  • Login and password can be used. Also a personal identification number, or PIN code, can be used.
  • the first type is not convenient and do not avoid a steal of credentials.
  • the second type presents even more security limitations as a PIN code can be stolen and easily fraudulently used.
  • the present invention aims at proposing a very secure way of authenticating an individual.
  • the present invention is defined, in its broadest sense, as a method to authenticate an end-user, said method being implemented with an end-user device having a memory to securely store a reference brain wave scheme relative to a personal thought of the user and with a verification device having a brain computer interface to acquire brain waves from the end-user, said method comprising the step of, for both end-user and verification devices, connecting to each other, comparing the stored reference brain waves scheme with the acquired brain waves, authenticating the end-user as soon as the acquired brain waves correspond to the stored reference brain wave scheme.
  • the proposed solution thus helps to solve the mentioned problem using single step multi-factor authentication using brain waves, like a “passthought” and an end-user device, which is advantageously a secure electronic identification (elD) card.
  • elD electronic identification
  • the solution proposes to use a Brain Computer Interface (BCI) device to imprint a unique signature into an end-user device, typically a smart ID card, to be issued to the end user.
  • Brain waves are typically obtained by single-channel/multi-channel electro-encephalography.
  • the unique signature will be formed using a sample thought in a mind of the user which in turn acts as a very secure password.
  • the thought is unique to a user and leads to generation of unique brain signals and waves. This technology is very secure as it involves using brain waves which cannot be stolen like ordinary passwords or keys.
  • a thus obtained smart card once issued can be used to securely identify an individual wherein the smart card can be swapped along with the user thought, as captured using a brain computer interface, and corresponding match of signature generated is a dire proof that the individual is successfully identified.
  • reference biometric data being also stored in the end-user device, these data are used in conjugation with the stored reference brain waves scheme to constitute a unique signature of the end-user to be checked with the acquisitions at the verification device thus further comprising biometric acquisition interface.
  • Such a feature enables to strengthen the passthought by combining the passthought verification with a biometric verification.
  • the usage of the passthought in conjugation of other details such as finger print, retina scan etc generates a unique signature.
  • Biometric data can be chosen among finger print, retina scan.
  • the method comprises a preliminary step of provisioning the end-user device with the reference brain wave scheme and, when applicable, with the reference biometric data.
  • Such a provisioning enables the end-user device to be the storage of the reference.
  • the reference thus remains in property of the end-user.
  • a unique signature formed by the combination of the passthought and biometric data is provisioned in the end-user device, typically an afore mentioned smart card.
  • the method further comprises the step of constructing a reference brain wave scheme by, the end-user being at a brain computer interface, prompting the end-user to think according to particular instructions, acquiring the subsequent brain waves of the end-user using a brain computer interface, repeating the acquisition of the subsequent brain waves when the end-user is prompted to think according to particular instructions, processing similarities and differences of the raw brain waves as acquired to build a reference brain wave scheme representative of the thought of the user when given the particular instructions, such a reference brain wave scheme being the provisioned one.
  • instructions are chosen among: a particular shape, a particular color, a particular private remembrance, a particular private data.
  • Those embodiments can be elected depending on the expected security or on specific needs of the service provider which needs to authenticate the end-user.
  • the thoughts can be a life experience, event etc.
  • the present invention also relates to an end-user device having a memory to securely store a reference brain wave scheme relative to a personal thought of the user and adapted to connect to a verification device having a brain computer interface to acquire brain waves from the end-user, this connection enabling as comparison of the acquired brain wave with the stored reference brain wave scheme, the end-user being authenticated as soon as the acquired brain waves correspond to the stored brain wave scheme.
  • the end-user device is a smart-card or an official electronic identification document. elD cards or biometric identification cards as defined by government are specifically targeted by the invention.
  • Every citizen individual of a country is thus provided with an elD card of the invention.
  • the invention at last relates to a verification device having a brain computer interface to acquire brain waves from the end-user and adapted to connect to an end-user device storing a reference brain wave scheme to enable a comparison of the acquired brain waves with the stored reference brain wave scheme relative to a personal thought of the user, the end-user being authenticated as soon as the acquired brain waves correspond to the stored reference brain wave scheme.
  • one or more embodiments comprise the features hereinafter fully described and particularly pointed out in the claims.
  • Figure 1 represents an illustrative environment where the method of the invention is implemented
  • Figure 2 schematically shows a time diagram of a first embodiment of the method of the invention
  • Figure 3 schematically shows a time diagram of a second embodiment of the method of the invention.
  • Figure 4 schematically shows an end-user device of the invention.
  • FIG. 1 schematically shows an environment where the invention is implemented.
  • This environment comprises an end-user EU and its own end- user device EUD.
  • the environment further comprises a verification device VD able to connect to the end-user device EUD while the end-user EU wants to authenticate him/herself.
  • the end-user device EUD comprises at least a memory MEM where a reference brain waves scheme RWS is stored.
  • the verification device VD comprises a brain computer interface BCI.
  • a brain computer interface BCI can be of the kind of the one Neurosky Mindset as disclosed in following document:“I Think, Therefore I Am: Usability and Security of Authentication Using Brainwaves”, John Chuang & al.
  • Other systems enabling to characterize an individual can also be used in the implementation of the invention. It can thus also be any brain computer interface as known at the time of the implementation of the invention.
  • the end-user EU While in contact or vicinity with the brain computer interface BCI, the end-user EU can produce recordable brain waves BW by him/herself and/or according to instructions prompted by the verification device VD needing to authenticate the end-user EU.
  • the end-user EU can be the single to know what he/she has to think about or the verification device VD can prompt the end-user EU to think about something special.
  • the end-user can be prompted to think about different successive colors or shapes. Then it is possible for the verification device to call the end-user EU to think about colors but according to a specific order, this order can be different each time the end-user EU must authenticate.
  • the pattern of brain waves for each color can be distinguished and the user authenticated according to his/her specific brain waves while thinking about those colors as human beings all have different patterns while thinking about the same things.
  • the end-user preliminary knows what he has to think and just have to mentally reproduce this thought to be authenticated. For example, it can be a specific landscape or a specific life remembrance he/she has. Those example are illustrated in the following.
  • Figure 2 illustrates a first implementation of the invention as a time diagram.
  • the end-user EU is prompted to think about several specific topics T1 , T2 and T3 while being connected to the brain computer interface BCI.
  • a brain computer interface BCI can be a brain sensing headband like the Muse product, NCTU Brain-Computer-lnterface- Fleadband, Necomimi brainwave Cat Ears, Emotiv headsets or other existing or later developed products.
  • the brain computer interface BCI is shown as being installed on board a verification device VD and thus as being the same than in the following of the method.
  • different brain computer interfaces and/or different devices having their own brain computer interface could be used to implement the invention as far as calibration data intervene in order for the reference to be exploitable in comparison with the one acquired at the verification device VD.
  • the interface BCI receives brain waves BW from the end- user EU, these brain waves BW being successively representative of the specific thoughts T1 , T2 and T3.
  • Those brain waves are processed in a step P2 to form a reference brain wave scheme RWS which is sent in a step P3 to the end-user device EUD where it is stored in the memory MEM of this device EUD in a step P4 for later use.
  • the verification device VD can, in a step E1 , prompt the end-user EU to have specific thoughts in a specific order, for example T3 and T1 , while being connected to its brain computer interface. It uses a thinking request TR(T3,T 1 ) for example displayed on a screen of the verification device VD. This request can also be sent to the end-user device EUD for it to display the request on the screen of the end-user device EUD.
  • TR(T3,T 1 ) for example displayed on a screen of the verification device VD.
  • This request can also be sent to the end-user device EUD for it to display the request on the screen of the end-user device EUD.
  • a step E2 the interface BCI acquires brain waves.
  • the acquired brain waves AW are sent, after processing or not, in an authentication request AR to the end-user device EUD for it to check the correspondence with the stored reference brain wave scheme RWS.
  • the memory MEM is read in a step E4 and stored RWS is compared to the acquired brain wave AW in a step E5.
  • the correspondence of RWS and AW leads to a positive authentication (case Y) and the failure leads to a failed authentication (case N).
  • the authentication result OK/NOK can be displayed on the verification device VD.
  • Figure 3 illustrates another implementation of the invention in a time diagram.
  • a preliminary step R0 the end-user EU is prompted to have a thought T, anything he/she wants while being connected to the brain computer interface BCI.
  • the interface BCI receives brain waves BW representative to the thought T from the end-user EU. Those brain waves are processed in a step R2 to form a reference brain wave scheme RWS which is sent in a step R3 to the end-user device EUD where it is stored in the memory MEM of this device EUD in a step R4 for later use.
  • the end-user EU wants to authenticate at a verification device VD
  • the end user after connection to the brain computer interface, thinks at the thought T, in a step S1 .
  • the verification device VD to prompt the end-user EU, even if this can also be contemplated that a positive request is done by the verification device VD.
  • a step S2 the interface BCI acquires brain waves AW.
  • a reference retrieval request RR(RWS) for the reference brain wave scheme to be retrieved by the verification device VD is sent to the end-user device EUD.
  • a step S4 the reference brain wave scheme RWS is retrieved by the verification device VD. Then, in a step S5, the retrieved reference RWS is compared to the acquired brain waves AW.
  • the correspondence of RWS and AW leads to a positive authentication and the failure of the correspondence leads to a failed authentication (case N).
  • the authentication result OK/NOK can then be displayed on the verification device VD.
  • implementations of the invention can be a mix of the features as presented in figure 2 and 3.
  • a single thought T can be used while the end-user device EUD is the one where the comparison occurs.
  • Figure 4 schematically shows an end-user device EUD of the invention according to the first implementation of the invention shown on figure 2. It comprises a memory MEM storing a reference brain wave scheme RWS and a communication interface Cl to connect with a verification device VD. It also comprises a computation module CP adapted to compare the stored reference RWS with any brain wave AW as acquired at a verification device VD connected to the end-user device EUD.
  • a memory MEM storing a reference brain wave scheme RWS and a communication interface Cl to connect with a verification device VD.
  • CP adapted to compare the stored reference RWS with any brain wave AW as acquired at a verification device VD connected to the end-user device EUD.
  • the invention thus provides a very robust system of authentication which is highly secure and effective. In particular, protection against impersonation is provided. It is also very convenient for the end-user as it consists in a single step multi-factor authentication.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Measurement And Recording Of Electrical Phenomena And Electrical Characteristics Of The Living Body (AREA)
  • Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)

Abstract

The present invention relates to a method to authenticate an end-user, said method being implemented with an end-user device having a memory to securely store a reference brain wave scheme relative to a personal thought of the user and with a verification device having a brain computer interface to acquire brain waves from the end-user, said method comprising the step of, for both end-user and verification devices, connecting to each other, comparing the stored reference brain waves scheme with the acquired brain waves, authenticating the end-user as soon as the acquired brain waves correspond to the stored reference brain wave scheme.

Description

METHOD TO AUTHENTICATE AN END-USER USING BRAIN WAVES
FIELD OF THE INVENTION
The present invention relates to a method to authenticate an end-user.
The invention also pertains to an end-user device and a verification device implementing said method.
BACKGROUND OF THE INVENTION
Currently, it is a dire need to securely identify an individual so as to avoid fraud, identity theft, crimes, targeting of services etc. Login and password can be used. Also a personal identification number, or PIN code, can be used.
However those solutions have weaknesses. The first type is not convenient and do not avoid a steal of credentials. The second type presents even more security limitations as a PIN code can be stolen and easily fraudulently used.
Further alternative and advantageous solutions would, accordingly, be desirable in the art.
SUMMARY OF THE INVENTION
The present invention aims at proposing a very secure way of authenticating an individual.
The present invention is defined, in its broadest sense, as a method to authenticate an end-user, said method being implemented with an end-user device having a memory to securely store a reference brain wave scheme relative to a personal thought of the user and with a verification device having a brain computer interface to acquire brain waves from the end-user, said method comprising the step of, for both end-user and verification devices, connecting to each other, comparing the stored reference brain waves scheme with the acquired brain waves, authenticating the end-user as soon as the acquired brain waves correspond to the stored reference brain wave scheme. The proposed solution thus helps to solve the mentioned problem using single step multi-factor authentication using brain waves, like a “passthought” and an end-user device, which is advantageously a secure electronic identification (elD) card. The solution proposes to use a Brain Computer Interface (BCI) device to imprint a unique signature into an end-user device, typically a smart ID card, to be issued to the end user. Brain waves are typically obtained by single-channel/multi-channel electro-encephalography. The unique signature will be formed using a sample thought in a mind of the user which in turn acts as a very secure password. The thought is unique to a user and leads to generation of unique brain signals and waves. This technology is very secure as it involves using brain waves which cannot be stolen like ordinary passwords or keys.
A thus obtained smart card once issued can be used to securely identify an individual wherein the smart card can be swapped along with the user thought, as captured using a brain computer interface, and corresponding match of signature generated is a dire proof that the individual is successfully identified.
According to a particular additional feature, reference biometric data being also stored in the end-user device, these data are used in conjugation with the stored reference brain waves scheme to constitute a unique signature of the end-user to be checked with the acquisitions at the verification device thus further comprising biometric acquisition interface.
Such a feature enables to strengthen the passthought by combining the passthought verification with a biometric verification. The usage of the passthought in conjugation of other details such as finger print, retina scan etc generates a unique signature.
Biometric data can be chosen among finger print, retina scan.
According to a preferred embodiment, the method comprises a preliminary step of provisioning the end-user device with the reference brain wave scheme and, when applicable, with the reference biometric data.
Such a provisioning enables the end-user device to be the storage of the reference. The reference thus remains in property of the end-user. When applicable, a unique signature formed by the combination of the passthought and biometric data is provisioned in the end-user device, typically an afore mentioned smart card.
Advantageously, the method further comprises the step of constructing a reference brain wave scheme by, the end-user being at a brain computer interface, prompting the end-user to think according to particular instructions, acquiring the subsequent brain waves of the end-user using a brain computer interface, repeating the acquisition of the subsequent brain waves when the end-user is prompted to think according to particular instructions, processing similarities and differences of the raw brain waves as acquired to build a reference brain wave scheme representative of the thought of the user when given the particular instructions, such a reference brain wave scheme being the provisioned one.
According to different embodiments of the invention, instructions are chosen among: a particular shape, a particular color, a particular private remembrance, a particular private data.
Those embodiments can be elected depending on the expected security or on specific needs of the service provider which needs to authenticate the end-user. The thoughts can be a life experience, event etc.
The present invention also relates to an end-user device having a memory to securely store a reference brain wave scheme relative to a personal thought of the user and adapted to connect to a verification device having a brain computer interface to acquire brain waves from the end-user, this connection enabling as comparison of the acquired brain wave with the stored reference brain wave scheme, the end-user being authenticated as soon as the acquired brain waves correspond to the stored brain wave scheme.
Advantageously, the end-user device is a smart-card or an official electronic identification document. elD cards or biometric identification cards as defined by government are specifically targeted by the invention.
Advantageously, every citizen individual of a country is thus provided with an elD card of the invention. The invention at last relates to a verification device having a brain computer interface to acquire brain waves from the end-user and adapted to connect to an end-user device storing a reference brain wave scheme to enable a comparison of the acquired brain waves with the stored reference brain wave scheme relative to a personal thought of the user, the end-user being authenticated as soon as the acquired brain waves correspond to the stored reference brain wave scheme.
To the accomplishment of the foregoing and related ends, one or more embodiments comprise the features hereinafter fully described and particularly pointed out in the claims.
BRIEF DESCRIPTION OF THE DRAWINGS
The following description and the annexed drawings set forth in detail certain illustrative aspects and are indicative of but a few of the various ways in which the principles of the embodiments may be employed. Other advantages and novel features will become apparent from the following detailed description when considered in conjunction with the drawings and the disclosed embodiments are intended to include all such aspects and their equivalents.
• Figure 1 represents an illustrative environment where the method of the invention is implemented;
• Figure 2 schematically shows a time diagram of a first embodiment of the method of the invention;
• Figure 3 schematically shows a time diagram of a second embodiment of the method of the invention;
• Figure 4 schematically shows an end-user device of the invention.
DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION
For a more complete understanding of the invention, the invention will now be described in detail with reference to the accompanying drawing. The detailed description will illustrate and describe what is considered as a preferred embodiment of the invention. It should of course be understood that various modifications and changes in form or detail could readily be made without departing from the spirit of the invention. It is therefore intended that the invention may not be limited to the exact form and detail shown and described herein, nor to anything less than the whole of the invention disclosed herein and as claimed hereinafter. The same elements have been designated with the same references in the different drawings. For clarity, only those elements and steps which are useful to the understanding of the present invention have been shown in the drawings and will be described.
Figure 1 schematically shows an environment where the invention is implemented. This environment comprises an end-user EU and its own end- user device EUD. To implement the authentication method of the invention, the environment further comprises a verification device VD able to connect to the end-user device EUD while the end-user EU wants to authenticate him/herself.
For the invention, the end-user device EUD comprises at least a memory MEM where a reference brain waves scheme RWS is stored.
For the invention, the verification device VD comprises a brain computer interface BCI. Such a brain computer interface BCI can be of the kind of the one Neurosky Mindset as disclosed in following document:“I Think, Therefore I Am: Usability and Security of Authentication Using Brainwaves”, John Chuang & al. Other systems enabling to characterize an individual can also be used in the implementation of the invention. It can thus also be any brain computer interface as known at the time of the implementation of the invention.
Other documents proposes wearable bio-sensors like One-Step Two- Factor Authentication with Wearable Bio-Sensors”.
While in contact or vicinity with the brain computer interface BCI, the end-user EU can produce recordable brain waves BW by him/herself and/or according to instructions prompted by the verification device VD needing to authenticate the end-user EU. Depending on the implementation of the invention, the end-user EU can be the single to know what he/she has to think about or the verification device VD can prompt the end-user EU to think about something special.
For example, while the reference brain waves scheme is constructed, the end-user can be prompted to think about different successive colors or shapes. Then it is possible for the verification device to call the end-user EU to think about colors but according to a specific order, this order can be different each time the end-user EU must authenticate. The pattern of brain waves for each color can be distinguished and the user authenticated according to his/her specific brain waves while thinking about those colors as human beings all have different patterns while thinking about the same things.
In another example, the end-user preliminary knows what he has to think and just have to mentally reproduce this thought to be authenticated. For example, it can be a specific landscape or a specific life remembrance he/she has. Those example are illustrated in the following.
Figure 2 illustrates a first implementation of the invention as a time diagram. In a preliminary step P0, the end-user EU is prompted to think about several specific topics T1 , T2 and T3 while being connected to the brain computer interface BCI. Such a brain computer interface BCI can be a brain sensing headband like the Muse product, NCTU Brain-Computer-lnterface- Fleadband, Necomimi brainwave Cat Ears, Emotiv headsets or other existing or later developed products.
Flere the brain computer interface BCI is shown as being installed on board a verification device VD and thus as being the same than in the following of the method. Flowever, different brain computer interfaces and/or different devices having their own brain computer interface could be used to implement the invention as far as calibration data intervene in order for the reference to be exploitable in comparison with the one acquired at the verification device VD.
In a step P1 , the interface BCI receives brain waves BW from the end- user EU, these brain waves BW being successively representative of the specific thoughts T1 , T2 and T3. Those brain waves are processed in a step P2 to form a reference brain wave scheme RWS which is sent in a step P3 to the end-user device EUD where it is stored in the memory MEM of this device EUD in a step P4 for later use.
When the end-user wants to authenticate at a verification device VD, the verification device VD can, in a step E1 , prompt the end-user EU to have specific thoughts in a specific order, for example T3 and T1 , while being connected to its brain computer interface. It uses a thinking request TR(T3,T 1 ) for example displayed on a screen of the verification device VD. This request can also be sent to the end-user device EUD for it to display the request on the screen of the end-user device EUD. This last solution enables to insure that the end-user device connected to the verification device VD is well the one expected for the user connected to the brain computer interface.
In a step E2 the interface BCI acquires brain waves. In a step E3, the acquired brain waves AW are sent, after processing or not, in an authentication request AR to the end-user device EUD for it to check the correspondence with the stored reference brain wave scheme RWS.
For this purpose, the memory MEM is read in a step E4 and stored RWS is compared to the acquired brain wave AW in a step E5. The correspondence of RWS and AW leads to a positive authentication (case Y) and the failure leads to a failed authentication (case N). The authentication result OK/NOK can be displayed on the verification device VD.
Figure 3 illustrates another implementation of the invention in a time diagram.
In a preliminary step R0, the end-user EU is prompted to have a thought T, anything he/she wants while being connected to the brain computer interface BCI.
In a step R1 , the interface BCI receives brain waves BW representative to the thought T from the end-user EU. Those brain waves are processed in a step R2 to form a reference brain wave scheme RWS which is sent in a step R3 to the end-user device EUD where it is stored in the memory MEM of this device EUD in a step R4 for later use. When the end-user EU wants to authenticate at a verification device VD, the end user, after connection to the brain computer interface, thinks at the thought T, in a step S1 . There is no specific need here for the verification device VD to prompt the end-user EU, even if this can also be contemplated that a positive request is done by the verification device VD.
In a step S2 the interface BCI acquires brain waves AW. In a step S3, a reference retrieval request RR(RWS) for the reference brain wave scheme to be retrieved by the verification device VD is sent to the end-user device EUD.
In a step S4, the reference brain wave scheme RWS is retrieved by the verification device VD. Then, in a step S5, the retrieved reference RWS is compared to the acquired brain waves AW.
The correspondence of RWS and AW leads to a positive authentication and the failure of the correspondence leads to a failed authentication (case N). The authentication result OK/NOK can then be displayed on the verification device VD.
It is here noted that implementations of the invention can be a mix of the features as presented in figure 2 and 3. For example, a single thought T can be used while the end-user device EUD is the one where the comparison occurs.
Figure 4 schematically shows an end-user device EUD of the invention according to the first implementation of the invention shown on figure 2. It comprises a memory MEM storing a reference brain wave scheme RWS and a communication interface Cl to connect with a verification device VD. It also comprises a computation module CP adapted to compare the stored reference RWS with any brain wave AW as acquired at a verification device VD connected to the end-user device EUD.
The invention thus provides a very robust system of authentication which is highly secure and effective. In particular, protection against impersonation is provided. It is also very convenient for the end-user as it consists in a single step multi-factor authentication. In the above detailed description, reference is made to the accompanying drawings that show, by way of illustration, specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. The above detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is defined only by the appended claims, appropriately interpreted, along with the full range of equivalents to which the claims are entitled.

Claims

1 . Method to authenticate an end-user, said method being implemented with an end-user device having a memory to securely store a reference brain wave scheme relative to a personal thought of the user and with a verification device having a brain computer interface to acquire brain waves from the end-user, said method comprising the step of, for both end- user and verification devices, connecting to each other, comparing the stored reference brain waves scheme with the acquired brain waves, authenticating the end-user as soon as the acquired brain waves correspond to the stored reference brain wave scheme.
2. Method according to claim 1 , wherein the end-user device is a secure electronic identification card.
3. Method according to claim 1 , wherein, reference biometric data being also stored in the end-user device, these data are used in conjugation with the stored reference brain waves scheme to constitute a unique signature of the end-user to be checked with the acquisitions at the verification device thus further comprising biometric acquisition interface.
4. Method according to claim 3, wherein biometric data are chosen among finger print, retina scan, face recognition, heart patterns.
5. Method according to one of claims 1 to 4, comprising a preliminary step of provisioning the end-user device with the reference brain wave scheme and, when applicable, with the reference biometric data.
6. Method according to one of preceding claims, comprising the step of constructing a reference brain wave scheme by, the end-user being at a brain computer interface, prompting the end-user to think according to particular instructions, acquiring the subsequent brain waves of the end-user using a brain computer interface, repeating the acquisition of the subsequent brain waves when the end-user is prompted to think according to particular instructions, processing similarities and differences of the raw brain waves as acquired to build a reference brain wave scheme representative of the thought of the user when given the particular instructions, such a reference brain wave scheme being the provisioned one.
7. Method according to claim 6, wherein instructions are chosen among: a particular shape, a particular color, a particular private remembrance, a particular private data, a particular private emotion.
8. End-user device having a memory to securely store a reference brain wave scheme relative to a personal thought of the user and adapted to connect to a verification device having a brain computer interface to acquire brain waves from the end-user, this connection enabling as comparison of the acquired brain wave with the stored reference brain wave scheme, the end- user being authenticated as soon as the acquired brain waves correspond to the stored brain wave scheme.
9. End-user device according to claim 5, said end-user device being a smart-card.
10. End-user device according to one of claims 5 and 6, said end- user device being an official electronic identification document.
11. Verification device having a brain computer interface to acquire brain waves from the end-user and adapted to connect to an end-user device storing a reference brain wave scheme to enable a comparison of the acquired brain waves with the stored reference brain wave scheme relative to a personal thought of the user, the end-user being authenticated as soon as the acquired brain waves correspond to the stored reference brain wave scheme.
PCT/EP2019/086855 2018-12-21 2019-12-20 Method to authenticate an end-user using brain waves Ceased WO2020128076A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN201811048680 2018-12-21
IN201811048680 2018-12-21

Publications (1)

Publication Number Publication Date
WO2020128076A1 true WO2020128076A1 (en) 2020-06-25

Family

ID=69105857

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2019/086855 Ceased WO2020128076A1 (en) 2018-12-21 2019-12-20 Method to authenticate an end-user using brain waves

Country Status (1)

Country Link
WO (1) WO2020128076A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20250076984A1 (en) * 2013-10-02 2025-03-06 Naqi Logix Inc. Systems and methods for using imagined directions to define an action, function or execution for non-tactile devices

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090063866A1 (en) * 2007-08-29 2009-03-05 Jiri Navratil User authentication via evoked potential in electroencephalographic signals
US20180012009A1 (en) * 2016-07-11 2018-01-11 Arctop, Inc. Method and system for providing a brain computer interface
US9892576B2 (en) * 2013-08-02 2018-02-13 Jpmorgan Chase Bank, N.A. Biometrics identification module and personal wearable electronics network based authentication and transaction processing

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090063866A1 (en) * 2007-08-29 2009-03-05 Jiri Navratil User authentication via evoked potential in electroencephalographic signals
US9892576B2 (en) * 2013-08-02 2018-02-13 Jpmorgan Chase Bank, N.A. Biometrics identification module and personal wearable electronics network based authentication and transaction processing
US20180012009A1 (en) * 2016-07-11 2018-01-11 Arctop, Inc. Method and system for providing a brain computer interface

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
JOHN CHUANG, I THINK, THEREFORE I AM: USABILITY AND SECURITY OF AUTHENTICATION USING BRAINWAVES

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20250076984A1 (en) * 2013-10-02 2025-03-06 Naqi Logix Inc. Systems and methods for using imagined directions to define an action, function or execution for non-tactile devices

Similar Documents

Publication Publication Date Title
US10869620B2 (en) Biometric identification by garments having a plurality of sensors
US10943000B2 (en) System and method for supplying security information
US6185316B1 (en) Self-authentication apparatus and method
JP7421766B2 (en) Public key/private key biometric authentication system
US9646261B2 (en) Enabling continuous or instantaneous identity recognition of a large group of people based on physiological biometric signals obtained from members of a small group of people
Zheng et al. Finger-to-heart (F2H): Authentication for wireless implantable medical devices
US8239685B2 (en) Biometric authentication method
US11663306B2 (en) System and method for confirming a person's identity
US20120032778A1 (en) Communication system and communication device
EP0983662A1 (en) Identification and security using biometric measurements
US11115215B2 (en) Methods and devices of enabling authentication of a user of a client device over a secure communication channel based on biometric data
CN106992956A (en) A kind of methods, devices and systems for realizing inter-device authentication
CN102176712A (en) Identity authentication method and data card
WO2017096550A1 (en) Methods and apparatus using human electrocardiogram to protect electronic data
WO2020128076A1 (en) Method to authenticate an end-user using brain waves
Al Reshan et al. MBPSKA: Multi-biometric and physiological signal-based key agreement for body area networks
US20160381012A1 (en) Human body communication device with secure access
US20200019690A1 (en) Biometric authentication system and biometric authentication method using frequency response characteristics of biometric signal
US20240364528A1 (en) Cryptographic key pair generation from ecg signals
EP3745289B1 (en) Apparatus and method for registering biometric information, apparatus and method for biometric authentication
US11165772B2 (en) Methods and devices of enabling authentication of a user of a client device over a secure communication channel based on biometric data
Chandrakar et al. A secure ECG based smart authentication scheme for IoT devices
Tehranipoor et al. Investigation of the internet of things in its application to low-cost authentication within healthcare
HAMDI et al. Using Biometrics for Authentication in e-Health Systems
Vaidya et al. Survey of Multi level Authentication for improving the Privacy Preservation and Security

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19832132

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19832132

Country of ref document: EP

Kind code of ref document: A1