System Specification
The program specification outlines a means of access to premises for office working, or else to an online system for home working.
At the entrance to the premises, the client is recognised through facial recognition.
The client is invited to touch a logo bearing the word BLOCKLOCK in a tic-tac-toe layout from upon a plinth-, counter- or wall-mounted tablet or screen.
Doing so replaces the logo with the same arrangement, except featuring nine randomised faces, amongst which is that of the client in question.
On occasion, for out-of-house access the opening gallery may exclude any picture of the client, targeting those cases when an impostor attempts access with no prior knowledge of the appearance of that client.
Upon successful identification of self, the client is presented with a further randomised selection of faces among a pin-pad style gallery of nine frames.
Among that first iteration is one face that the client would be expected to know, for instance a portrait of their line manager. (It may eventually be an object that they would recognise, like a key-ring for instance).
Again, on random occasions the client will be presented with a gallery containing no-one that they could be expected to recognise, such that making a selection would be suspect.
Upon successful selection from among the first gallery, though, a second, third and fourth iteration would be run so as to substitute for say a numeric passcode.
Should the client be unsure of any gallery, whilst still genuine, a touch of the screen beyond the area of the gallery would cause it to refresh the randomly-drawn faces beside another the client should be familiar with. Such refreshes are limited in scope.
In those cases where this process generates an underlying PIN code instead of a one-time passcode, for example, then should it be used again the underlying numeric key-pad may be shuffled beside the portraits themselves.
This precludes covert observation from determining any pattern of hand-movement likely to stem from repeated use of a regularly sequenced numeric pin-pad.
The final selection would, for home-working, point the client to a masked URL from where work might be commenced... access having been secured.
For premises, successful access of this kind will issue in an airline check-in style barcode or QR code that can be worn in lieu of a photographic ID.
This can be monitored by cameras and portals throughout the building, but has the benefit of expiring at the end of day. This in turn means that no photographic ID might be either mislaid or misused.