1. Patent Search
  2. Details

PASSWORD SAFE

20200382493 ยท 2020-12-03

    Inventors

    Cpc classification

    International classification

    Abstract

    An electronic device for safe storage of confidential information comprises a biometric sensor for validating whether a user is an authorized user, and is devoid of any wired or wireless communication capability and ports for possible unauthorized access to any of the confidential information, except access by and synchronization with a second like device whose authorized access has been obtained by the same user, and within a close proximity range.

    Claims

    1. A portable, self-contained electronic storage device for storing confidential information, comprising: a housing; a processor in the housing; a biometric sensor on the housing connected to the processor for detecting at least one biometric attribute of a user; an input device on the housing connected to the processor for enabling a user to input confidential information of the user; a storage medium in the housing connected to the processor, for storing confidential information of the user; a display on the housing for display of confidential information; and a program operative to run on the processor for checking whether the biometric attribute of the user as sensed by the biometric sensor validates the identity of the user as an authorized user permitting access to the confidential information, and operative to enable wireless access by and synchronization with a second like device only if authorized access has been obtained by the same user, and within a close proximity range, wherein the device is otherwise devoid of communication capability over wired and wireless computers and networks to prevent possible access to the device through such computers and networks, and wherein the device is devoid of any wired ports enabling possible access through any wired connections and card slots, except wireless access by and synchronization with a second like device whose authorized access has been obtained by the same user, and within a close proximity range.

    2. The device according to claim 1, wherein the biometric sensor comprises a fingerprint sensor.

    3. The device accordingly to claim 2, wherein the biometric sensor comprises two fingerprint sensors.

    4. The device according to claim 1, wherein the biometric sensor comprises a facial recognition sensor.

    5. The device according to claim 1, wherein the biometric sensor is a fingerprint sensor and facial recognition sensor, and wherein the program is operative to permit access only if fingerprint access is validated, and facial recognition is validated to be the authorized user.

    6. The device according to claim 1, further comprising a cradle for charging the device wirelessly by induction when the device is in close proximity to the cradle.

    7. The device according to claim 6, wherein the cradle has two device interface regions for interfacing with first and second devices when each device has recognized the user as an authorized user, and wherein the program is operative to exchange confidential information stored in the first device with the second device within a close proximity range.

    8. The device according to claim 1, wherein the program is operative to erase all confidential information after a predetermined number of attempts to access the confidential information by a user whose biometric attributes do not identify the user as an authorized user.

    9. The device according to claim 1, wherein the program is operative to erase all confidential information if the device senses a physical tampering.

    10. The device accordingly to claim 1, wherein the program is operative to communicate alert signals to the user if any of the confidential information has reached the end of an expiration period and needs to be replaced.

    11. The device according to claim 1, wherein the confidential information includes a QR code.

    12. A self-contained electronic storage device, comprising: a memory for storing confidential information of a user; and a biometric sensor for receiving personal biometric data unique to the user, and a program operative for providing that access to the device and confidential information stored in the memory is limited to the user having personal biometric data, and operative to enable wireless access by and synchronization with a second like device only if authorized access has been obtained by the same user, and within a close proximity range, wherein the device is otherwise devoid of any wired or wireless communication capability and parts for possible access to any of the confidential information.

    13. The device according to claim 12, wherein the biometric sensor comprises at least one of a fingerprint sensor, a facial recognition sensor, and retinal scan sensor.

    Description

    BRIEF DESCRIPTION OF THE DRAWINGS

    [0021] FIG. 1 shows a front view of a password safe according to an embodiment of the invention;

    [0022] FIG. 2 shows a rear view of the password safe of FIG. 1;

    [0023] FIG. 2A is a side view of the password safe;

    [0024] FIG. 3 shows a front view of a charging platform for charging the password safe;

    [0025] FIG. 4 is a perspective view of the charging platform of FIG. 3; and

    [0026] FIG. 5 is a front view of two password safes on a charging platform or cradle.

    DESCRIPTION OF A PREFERRED EMBODIMENT

    [0027] A preferred embodiment of a password safe according to the invention will now be described as an example, but the invention is not limited to this preferred embodiment or any particular details of this embodiment.

    [0028] The invention provides a portable, self-contained electronic storage device for storing confidential information, comprising: a housing; a processor in the housing; a biometric sensor on the housing connected to the processor for detecting at least one biometric attribute of a user; an input device on the housing connected to the processor for enabling a user to input confidential information of the user; a storage medium in the housing connected to the processor, for storing confidential information of the user; a display on the housing for display of confidential information; and a program operative to run on the processor for checking whether the biometric attribute of the user as sensed by the biometric sensor validates the identity of the user as an authorized user permitting access to the confidential information, wherein the device is devoid of communication capability over wired and wireless computers and networks to prevent possible access to the device through such computers and networks, and wherein the device is devoid of any wired ports enabling possible access through any wired connections and card slots, except access by and synchronization with a second like device whose authorized access has been obtained by the same user, and within a close proximity range.

    [0029] The biometric sensor may comprise a fingerprint sensor, and may comprise two fingerprint sensors. The biometric sensor may comprise a facial recognition sensor. The biometric sensor may comprise a fingerprint sensor and facial recognition sensor, and wherein the program is operative to permit access only if fingerprint access is validated, and facial recognition is validated to be the authorized user. The device may further comprise a cradle for charging the device wirelessly by induction when the device is in close proximity to the cradle. The cradle may have two device interface regions for interfacing with first and second devices when each device has recognized the user as an authorized user, and wherein the program is operative to exchange confidential information stored in the first device with the second device within a close proximity range. The program may be operative to erase all confidential information after a predetermined number of attempts to access the confidential information by a user whose biometric attributes do not identify the user as an authorized user. The program may be operative to erase all confidential information if the device senses a physical tampering. The program may be operative to communicate alert signals to the user if any of the confidential information has reached the end of an expiration period and needs to be replaced. The confidential information may include a QR code.

    [0030] The invention provides a self-contained electronic storage device, comprising: a memory for storing confidential information of a user; and a biometric sensor for receiving personal biometric data unique to the user, and for providing that access to the device and confidential information stored in the memory is limited to the user having personal biometric data, wherein the device is devoid of any wired or wireless communication capability and parts for possible access to any of the confidential information. The biometric sensor may comprise at least one of a fingerprint sensor, a facial recognition sensor, and retinal scan sensor.

    [0031] As shown in the attached Figures, a password safe 10 is about half the size of a conventional smartphone, measuring 2.44 wide, 2.7 high and 0.20 deep. The password safe 10 comprises a housing which has a touch screen keyboard 12 on a backlit color display 14, two biometric fingerprint sensors left and right 16, 18 and a camera 20. The display 14 can display status messages 22 such as the presence of a biometric match, the name of the user and whether the source (user) is secure.

    [0032] The device can be easily carried by the user. There may be mounts that allow the device to physically piggyback or attach to a phone or other commonly carried primary device, but without any electronic connection.

    [0033] The two biometric fingerprints 16, 18 can be arranged to unlock the camera 20 for facial recognition that is located on the same side of the device as the fingerprint sensors 16, 18, in a way that first requires fingerprint matches, and then facial recognition for the device to be fully accessed. The facial recognition may comprise a retinal scan. In some cases only one of fingerprint recognition or facial recognition will be sufficient. After successful biometric verification by both fingerprint and/or facial recognition, the program may also require keying in a master password as the last step in the authentication process.

    [0034] The password safe device is designed such that the fingerprint sensors 16, 18 and camera 20 are minimal in size in reference to other actual device sizes, allowing the majority of the user facing surface real estate to be used for a digital interface. The keyboard 12 is all digital with soft keys and part of the touch display screen 14.

    [0035] As shown in FIG. 2, the password safe has a processor with a self-destructible memory 30, an induction charger 32 and near field radio transmitter/receiver 34 and a rechargeable battery pack 36.

    [0036] FIG. 3 shows a charging platform 40 having a DC power connector port 42, charging and control circuiting 44, a first (right) induction charger 46 and near field radio transmitter/receiver 48, a second (left) induction charger 50 and a new field radio transmitter/receiver 52, an encryption circuit 54, a left charging indicator 56, a synch indicator 58, and a right charging indicator 60. Two password safe devices 10, 10A can be placed side by side near the left and right induction chargers 50 and 46, as shown in FIG. 3. When both devices are accessed and the secondary device is being synched with the primary device, the synch indicator 58 lights up to advise the user that synchronization is occurring.

    [0037] The processor in the password safe has program control software to control operations of the password safe 10. The software will have common user requirements including individual master password management to store fingerprints and facial recognition of the authorized user. The software will have auto-lock setting with multiple and custom lengths of time to terminate authorized access if the user is not actively using the device for input or retrieval of data for a certain time period, for example, 30 minutes.

    [0038] A user self-destruct feature in the software will be able to be set for self-destruction of the stored password data or disabling of the device after a custom number of failed login attempts by the user.

    [0039] The device has a historical user login or attempt summary, which can be reset.

    [0040] The software of the device has the ability for the user to create folders allowing the user to group similar passwords and login credentials. Example: User has five personal emails and creates a folder called Personal Emails.

    [0041] The device has a catalog of templates of commonly used login/password/credentials. WIFI login, emails, website info, server credentials, etc.

    [0042] The device has a customizable template builder for advanced users where a user may design their own template. For example, an IT person in a certain government situation has a common set of data required to access a system that most people would never require. The template builder allows full form design and field control.

    [0043] The device could provide password suggestions, so that upon request from the user, a highly complicated password generator is provided in the proper format of length and proper acceptable character requirements, such as a combination of letters, numbers, capital letters, special characters or the like, which meets a certain minimal level of security. For security reasons, some passwords automatically expire after a certain time period and become invalid. For passwords that need to be changed periodically before they expire, say every two months, the program can remind the user in advance prior to the time the password will expire so that a new password can be created before the time expires. The software also has the ability to generate a two-dimensional QR code, in response to keyed input of the required info to generate such a QR code. The camera 20 may capture an image of a QR code from an outside source.

    [0044] The software will provide an option to master purge all the data which will self-destruct all current data.

    [0045] The user will have the ability to have the primary device communicate with one or more secondary devices to mirror the current configuration of the primary device primarily for backup and safeguarding, as shown in FIG. 5.

    [0046] Synchronization will require both devices be fully unlocked and accessed via the user interface, and manually placed, into mirror mode and placed in the physical charging platform or cradle for actual physical connectivity. Successful pairing allows synchronization to occur. Failure to follow the strict safeguarded procedure will result in a non-connection. Alternatively, synchronization can occur outside the cradle if the devices are very close to each other.

    [0047] The primary device 10 contains a user setting that can modify the factory set details for this functionality. For example, if the pairing/sync is attempted six times unsuccessfully with in ten minutes, both devices self-destruct their memory contents.

    [0048] The secondary device 10A also contains all of the same menu options as the primary device 10. In case the primary device 10 is lost, damaged or compromised, the secondary device 10A mirrors the primary device 10. If that occurs, the secondary device 10A becomes the primary device 10 and a new secondary device 10A can be programmed to copy all of the data from the primary device 10 to mirror it. A new replacement device 10A could be configured to mirror the new primary device.

    [0049] Although a preferred embodiment has been described, a device made according to the invention does not need to have all of the features described herein. The scope of the invention is not limited to this embodiment and is defined only by way of the appended claims.