EyeLock patent takes biometric authentication to the network layer
The United States Patent and Trademark Office has issued U.S. patent No. 100,009,178 B2, to EyeLock, a provider of iris-based identity authentication solutions, adding to the company's IP portfolio, according to a press release.
The patent utilizes a "zero-knowledge proof" algorithm that eliminates the need to transmit sensitive biometric data, thus eliminating privacy concerns at the network layer.
"With the geometric increase in information exchange over the past few years, reliable transmission and storage of sensitive data has become a vital aspect of network security," EyeLock Chief Technology Officer Jeff Carter said in the release. "Data as it traverses a network is at its most vulnerable state as it is a very easy target for any attacker present in the network. Our latest patent brings strong biometric authentication technology to the network layer to provide real-time authorization and human presence assurance for network traffic."
The patent can:
- Prevent the spread of malware by distinguishing between network traffic that is generated through human/application interaction and application-only traffic.
- Mitigate session-hijacking attacks wherein the session of a live user who is logged into a website (e.g., a banking site) is taken over by a hostile actor.
- Give organizations granular control over network resources at the firewall level based on the presence of a biometric factor such as the iris.