Verification application, method, electronic device and computer program
Abstract
There is a verification application arranged to interact with other applications on an electronic device, the electronic device having a processor, a memory and an operating system controlling operation of the verification application and the other applications on the processor using arbitrary memory locations, where the other applications are enabled to call the verification application to securely determine authenticity of a user of the electronic device. The verification application is arranged to receive verification data for secure determination of authenticity of the user; and provide, upon a call from any of the other applications and a match between the verification data and a verification reference, a trust token to the calling application. A method, electronic device and computer program are also disclosed.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A verification application arranged to interact with other applications on an electronic device, the electronic device having a processor, a memory and an operating system controlling operation of the verification application and the other applications on the processor using arbitrary memory locations, where the other applications are enabled to call the verification application to securely determine authenticity of a user of the electronic device, wherein the verification application is further arranged to
receive verification data for secure determination of authenticity of the user; and provide, upon a call from any of the other applications and a match between the verification data and a verification reference, a trust token to the calling application.
2 . The verification application of claim 1 , wherein the verification application is arranged to be paired with at least one of the other applications by mutually exchanging at least one of
an application signature; a cryptographic key or keys; a password; and a shared secret.
3 . The verification application of claim 2 , wherein the provision of the trust token is only provided when the verification application and the one of the other applications providing a call to the verification application are properly paired.
4 . The verification application of claim 1 , wherein the trust token comprises information generated by a cryptographic mechanism of the verification application.
5 . The verification application of claim 1 , wherein the trust token comprises any of a cryptographic key, a shared secret, an identity or data associated with a user, and a security credential, stored by the verification application.
6 . The verification application of claim 1 , wherein parameters for generation of the trust token, upon installation of the verification application on the electronic device, are set and the verification reference is enrolled.
7 . The verification application of claim 1 , wherein the call from the one of the other applications includes an indicator on a degree of required certainty in the match; and
wherein the match between the verification data and the verification reference is considered present if an estimated false acceptance rate by a matching mechanism of the verification application is less than the degree of required certainty in the match.
8 . The verification application of claim 7 , wherein the trust token includes or is accompanied by an authenticity indicator; and
wherein the authenticity indicator is based on the estimated false acceptance rate by the matching mechanism.
9 . The verification application of claim 1 , further arranged to provide an indicator on broken or no trust if
a degree of required certainty in the authentication for the match between the received verification data and the verification reference is reset to a lower certainty level than before the reset; the calling application is not properly paired with the verification application; or a combination thereof.
10 . The verification application of claim 1 , wherein to receive verification data comprises to receive a biometric sample, the verification reference is a biometric reference and the match between the verification data and the verification reference is performed by a biometric matching mechanism of the verification application; and
wherein the biometric matching mechanism is arranged to match the biometric sample to the biometric reference.
11 . A method of a verification application arranged to interact with other applications on an electronic device, the electronic device having a processor, a memory and an operating system controlling operation of the verification application and the other applications on the processor using arbitrary memory locations, the method comprising
receiving a call, to the verification application from one of the other applications, to securely determine authenticity of a user of the electronic device; receiving verification data; authenticating the verification data by matching to a verification reference stored by the verification application; and providing, upon a match between the verification data and the verification reference, a trust token to the calling application.
12 . The method of claim 11 , further comprising pairing the verification application with at least one of the other applications by mutually exchanging at least one of
an application signature; a cryptographic key; and a password.
13 . The method of claim 12 , wherein the providing of the trust token is only performed when the verification application and the one of the other applications providing a call to the verification application are properly paired.
14 . The method of claim 11 , wherein providing of the trust token comprises generating information by a cryptographic mechanism of the verification application.
15 . The method of claim 11 , wherein the providing of the trust token comprises any of a cryptographic key, a shared secret, an identity or data associated with a user, and a security credential stored by the verification application.
16 . The method of claim 11 , further comprising providing an indicator on broken or no trust if
the degree of required certainty in the authentication for the match between the received verification data and the verification reference is reset to a lower certainty level than before the reset; the calling application is not properly paired with the verification application; or a combination thereof.
17 . The method of claim 11 , further comprising, upon installation of the verification application on the electronic device,
setting parameters for generation of the trust token; and enrolling the verification reference.
18 . The method of claim 11 , wherein the call from the one of the other applications includes an indicator on a degree of required certainty in the matching; and
wherein the match between the verification data and the verification reference is considered present if an estimated false acceptance rate by the matching is less than the degree of required certainty.
19 . The method of claim 18 , wherein the trust token includes or is accompanied by an authenticity indicator;
wherein the authenticity indicator is based on the estimated false acceptance rate by the matching.
20 . The method of claim 11 , wherein the receiving of verification data comprises receiving a biometric sample, the verification reference is a biometric reference and the matching between the verification data and the verification reference is performed by biometric matching of the biometric sample to the biometric reference.
21 . A computer program comprising computer executable instructions which when executed by a processor of an electronic device having the processor, a memory and an operating system controlling operation of applications on the processor using arbitrary memory locations, wherein the computer executable instruction causes the processor to perform the method of claim 11 .
22 . An electronic device having a processor, a memory and an operating system, comprising a verification application according to claim 1 , at least one other application enabled to call the verification application to securely determine authenticity of a user of the electronic device, and a verification data input arranged to provide verification data to the verification application, wherein the operating system is arranged to control operation of the verification application and the other applications on the processor using arbitrary memory locations.
23 . The electronic device of claim 22 , wherein the verification data input comprises a biometric reader arranged to provide biometric samples as verification data;
wherein the verification reference is a biometric reference and the match between the verification data and the verification reference is performed by a biometric matching mechanism of the verification application; and wherein the biometric matching mechanism is arranged to match the biometric sample to the biometric reference.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.