WO2002005078A2 - Method and apparatus for secure identity authentication with audible tones - Google Patents

Method and apparatus for secure identity authentication with audible tones Download PDF

Info

Publication number
WO2002005078A2
WO2002005078A2 PCT/US2001/041049 US0141049W WO0205078A2 WO 2002005078 A2 WO2002005078 A2 WO 2002005078A2 US 0141049 W US0141049 W US 0141049W WO 0205078 A2 WO0205078 A2 WO 0205078A2
Authority
WO
WIPO (PCT)
Prior art keywords
cryptographic
processor
cryptographic signature
person
audible
Prior art date
Application number
PCT/US2001/041049
Other languages
French (fr)
Other versions
WO2002005078A3 (en
Inventor
Gregory Rose
Franklin P. Antonio
Original Assignee
Qualcomm Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Incorporated filed Critical Qualcomm Incorporated
Priority to MXPA03000124A priority Critical patent/MXPA03000124A/en
Priority to AU2001272018A priority patent/AU2001272018A1/en
Priority to JP2002509874A priority patent/JP2004517376A/en
Priority to EP01951085A priority patent/EP1356360A2/en
Priority to IL15363601A priority patent/IL153636A0/en
Priority to KR10-2003-7000153A priority patent/KR20030022848A/en
Priority to BRPI0112239-8A priority patent/BR0112239A/en
Priority to CA002416202A priority patent/CA2416202A1/en
Publication of WO2002005078A2 publication Critical patent/WO2002005078A2/en
Priority to NO20030046A priority patent/NO20030046L/en
Publication of WO2002005078A3 publication Critical patent/WO2002005078A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F1/00Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3272Short range or proximity payments by means of M-devices using an audio code

Definitions

  • the present invention pertains generally to the field of electronic security, and more particularly to the authentication of individuals through audible tones.
  • electronic authentication of an individual can be performed by: 1. Authentication through knowledge, i.e., a password or a personal identification number (PIN) entered into a machine;
  • an individual may perhaps need a PIN for an ATM machine, a password to log on to a computer at work, a password to access the Internet service provider at home, a proximity card to gain access to a secure building, and a garage door opener to gain entry into a house.
  • ATM automatic teller machine
  • smartcards require a smartcard reader
  • voice ID would require a voice encoder /decoder
  • DNA sample would require a laboratory.
  • the present invention pertains to an apparatus that can be used by an individual to securely identify one's self to another party, wherein the apparatus comprises: a processor; a storage element coupled to the processor, wherein the storage element includes an instruction set executable by the processor for generating a cryptographic signature; and a sound component coupled to the processor, wherein the processor commands the sound component to generate an audible tone associated with the cryptographic signature.
  • multiple signatures using multiple cryptographic keys can be either stored or generated by the storage element and the processor.
  • the apparatus further comprises an input element for bi-directional data transfers with other electronic devices.
  • the apparatus further comprises a user interface that can be used to supply an activation code.
  • FIG. 1 is a block diagram of a physical implementation of an exemplary embodiment
  • FIG. 2 is a block diagram of an authentication procedure between an individual and a database manager, wherein an exemplary embodiment is used to authenticate the identity of the individual;
  • FIG. 3 is a flow chart of an authentication method using the exemplary embodiment.
  • FIG. 1 is an exemplary embodiment of a device 5 comprising a processor 10, a storage element 20 coupled to the processor 10, and a sound component 30 coupled to the processor 10, wherein the storage element 20 is configured to store a set of cryptographic signatures and the processor 10 is configured to control the generation of audible tones from the sound component 30, wherein each audible tone is associated with a signature from the set of cryptographic signatures.
  • the device 5 can be implemented in a small, portable size with the use of microprocessors, or application specific integrated circuits (ASICs), or any other logic capable of a control function.
  • the storage element 20 can be any memory device, such as a random access memory (RAM), flash memory, or a disk storage medium.
  • the sound component 30 can be implemented by any mechanical or electronic sound generation device, such as a speaker, along with an optional sound reception device, such as a microphone.
  • the device 5, which will be referred to hereinafter as a "token,” can be carried and activated by an individual whenever some form of identification must be provided to an entity requesting identity authentication.
  • One method for generating cryptographic signatures is public-key cryptography.
  • a public-key cryptography scheme a user has both a private key and a public key for encrypting documents. The user encrypts a communication with the user's private key and sends the encrypted communication to a targeted party, who then decrypts the communication with the user's public key. The fact that the targeted party was able to decrypt the communication with the user's public key would be the electronic signature that authenticates the communication as originating from the user.
  • a public-key cryptography scheme is illustrative only and the exemplary embodiments may incorporate other signature-generating schemes.
  • audible tones are generated to uniquely represent the cryptographic signatures stored on or generated by the token.
  • desktop and laptop computers currently integrate microphones into the computer system and almost all desktop and laptop computers carry the capability to generate sounds.
  • the exemplary embodiment can be advantageously implemented to operate with desktop and laptop computers running the appropriate software.
  • Other electronic devices including, but not limited to, personal data assistants (PDAs), mobile phones, and pagers can also be used with the exemplary embodiment with a proper I/O add-on or software upgrade.
  • the exemplary embodiment can be used with any communication system that is capable of carrying audible tones. Examples include, but are not limited to telephone networks, building intercom systems, and radio communication networks.
  • FIG. 2 is a block diagram of a basic authentication system between an individual and a database manager, wherein a token is used to authenticate the identity of the individual in accordance with one embodiment.
  • a first party 100 intends to access information protected by a database manager 103.
  • the first party 100 holds a token 101 up to a microphone (not shown) coupled to a computer 102, wherein the computer 102 is in communication with the database manager 103.
  • the token 101 generates audible tones to the computer 102, which then transmits the tones, or the cryptographic signature represented by the tones, to the database manager 103.
  • the database manager 103 verifies the first party's identity by retrieving authentication information from the database 104.
  • the individual 100 can then proceed with a private transaction.
  • the freshness of a signature can be ensured through a challenge/response procedure chosen by the database manager 103, wherein the signature is generated in response to a challenge from the database manager 103.
  • the sound component of the token 101 comprises a sound generation element and a sound reception element, so that the token 101 can detect audible tones from the speakers of the computer 102.
  • a token can be programmed to carry multiple keys that would identify an individual to multiple entities.
  • a token can be programmed to generate an audible signature that would identify a token holder to a financial institution over a telephone line.
  • the token can also be programmed to generate a second audible signature that would identify a token holder to a computer network over a microphone hooked up to a computer in the network.
  • the same token can be programmed to generate a third audible signature to a proximity card reader in order to gain access to a secure building.
  • the audible signatures would be generated in accordance with one or more cryptographic keys, wherein the private key portions of the cryptographic keys remain secret within the token, and the corresponding public key portions are used by any entity to verify the audible signatures.
  • One method of generating electronic signatures using private keys and public keys is the Digital Signature Algorithm, promulgated in Federal Information Processing Standard Publication 186-1.
  • the token can further comprise another form of input element, such as a parallel port, a serial port, or a universal serial bus, so that the token can interact with another party through a medium other than audible sound.
  • Various authentication protocols exist in which both parties must exchange information in order to confirm the identity of the opposite party.
  • a token can be programmed with a public-key cryptographic scheme wherein an exchange of public keys must be made.
  • the token can store predetermined cryptographic signatures in the storage element, or the token can generate cryptographic signatures in response to a signal from an external source.
  • the exemplary embodiment may also include an output element for communicating with electronic devices more directly, rather than through sound generation.
  • the sound component will be engaged for authentication functions, but an output element can be engaged for data transfers, such as the backup of the cryptographic signatures onto a personal computer or the exchange of public key information.
  • an activation requirement can be programmed into a token, so that another party may not use the token fraudulently or accidentally.
  • a user interface can be incorporated with the token so that an activation check can be performed.
  • a token will not generate an authentication signature unless it receives confirmation as to the identify of its user.
  • Confirmation can come in the form of a PIN entered into a keypad.
  • confirmation can be determined from a voice print, wherein the user interface is a microphone and the processor has sufficient processing ability to enable voice recognition. Voice recognition methods are well known in the art and will not be discussed in detail herein.
  • Another method to activate a token that has a microphone input would be to use a Dual Tone Multi-Frequency (DTMF) device to input the activation code.
  • DTMF Dual Tone Multi-Frequency
  • This method has the advantage of requiring little processing complexity and requiring an inexpensive and commonly available DTMF sound generator (such as a telephone).
  • Another implementation of the activation requirement is to have the sound component utter numbers in a sequential or non-sequential manner. Whenever a number in the PIN is uttered, the user presses the activation button to register the number with the processor.
  • each cryptographic signature can be associated with its own activation requirement, so that the token may require a different activation check for each authentication request from separate entities.
  • the token can be programmed to become inactive if too many attempts are made to input the activation code.
  • the sound component of the token can be configured to generate encoded audible tones, wherein the encoding will increase the probability that the cryptographic message or signature will be delivered without error.
  • Modulation techniques including, but not limited to Dual Tone Multi-Frequency (DTMF) and Frequency Shift Keying (FSK), can be implemented in order to create a more distinguishable sound amidst loud background noises.
  • the functionality of the sound component can be supplemented with an infrared port.
  • an infrared port may be used advantageously in those circumstances where the use of a sound component would be awkward and undesirable, such as in a public place.
  • the sound component can generate ultrasonic frequencies.
  • the generation of ultrasonic frequencies can be made by an add-on device that works in conjunction with the exemplary embodiment.
  • Such an add-on device would be connected to the exemplary embodiment through audible tones or through an output element.
  • FIG. 3 is a flowchart of an authentication method using a token holding a cryptographic signature.
  • the method is described in relation to a customer trying to access private bank records. However, it should be apparent to one skilled in the art that the method can be applied to any situation wherein a party is trying to access private information or establish access to a computer system or building.
  • a customer enters a banking web site using a personal computer.
  • the banking web site asks for the identity of the customer by sending a coded challenge to the personal computer, wherein the coded challenge is encoded using a public key of the customer.
  • the personal computer requests authentication from the customer.
  • the customer holds a token near the microphone and the speakers of the personal computer and presses an activation button.
  • a series of audio tones plays between the token and the personal computer.
  • the personal computer decodes the audio data and encodes a response to the web site using the coded challenge and the decoded audio data.
  • the web site verifies the digital signature on the response from the personal computer by using its own private key.
  • a token can be used to authenticate the identity of an individual without the need of a personal computer.
  • Most businesses have customer service departments that are accessible through the telephone.
  • customers who have accounts with a business are asked to provide a piece of "secure" information, such as the maiden name of the customer's mother, or the last four digits of a Social Security number, in order to establish the identity of the calling party.
  • "secure" methods are inadequate precautions when a close family member, personal friend, or other party has knowledge of the same information asked by the customer service representative.
  • a customer service representative can authenticate the identity of the customer through the transmission of audible tones over a telephone network.
  • a customer holds the token over the mouthpiece of a telephone and presses the activation button.
  • the customer service representative holds the ear piece of the telephone against a sound detection/ decoding device that compares the received audible tone to a database of tones. A positive match confirms the identity of the calling party.
  • the exemplary embodiments can be implemented whenever a database for storing information pertaining to the authentication process, as discussed above, exists at the receiving end.
  • the processor of the exemplary embodiment can be configured to implement any one of the various cryptographic schemes that are presently available.
  • the exemplary embodiment can be used to implement one cryptographic scheme with one party and another cryptographic scheme with another party.
  • the basic implementation of the exemplary embodiment can be performed without the need for a physical connection to an intermediary device because it can communicate with the separate parties through the almost universal communication medium of sound.
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • the processor may advantageously be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, micro-controller, or state machine.
  • the software module could reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.

Abstract

Method and apparatus for allowing persons to securely identify themselves in electronic commerce and transactions involving other parties. A token stores or determines a set of cryptographic signatures and uses a sound component to generate a unique audible tone representative of a cryptographic signature. The audible tone is conveyed to a party requesting authentication of the token holder, whereupon the party determines whether the information conveyed by the audible tone exists in a database of identities.

Description

METHOD AND APPARATUS FOR SECURE IDENTITY AUTHENTICATION WITH AUDIBLE TONES
BACKGROUND
I. Field of the Invention
The present invention pertains generally to the field of electronic security, and more particularly to the authentication of individuals through audible tones.
II. Background
Access to the Internet and usage of electronic data systems have grown steadily among the general public. Electronic commerce has been eagerly embraced by both consumers and businesses due to the relative ease with which one party can purchase or sell to another party without the inherent complications involved with running a "bricks and mortar" establishment. However, with the introduction of a system of communication wherein face- to-face contact is eliminated or greatly reduced, opportunities for fraudulent activity have increased. A stolen credit card in the hands of a wrong-doer can cause damage to the credit rating of the named credit card holder and cause damage for the credit card issuer who must absorb the loss resulting from unauthorized purchases. In a worst-case scenario, a wrong-doer may actually purloin a party's identity in order to exploit the credit-worthiness and financial accounts of that party. Such an activity leaves the wronged party in the untenable position of defending himself or herself against any criminal activity perpetrated in his or her name, denying activities conducted at the businesses of deceived creditors, or re-establishing a new identity with the authorities.
In order to prevent unauthorized parties from intercepting private information, various encryption schemes have been developed so that private information transmitted between parties is concealed. However, the concealment of private information is only one aspect of the security needed to achieve a high level of consumer confidence in electronic commerce. Another aspect is authentication.
Traditionally, signatures are placed on legal documents to identify the parties involved in the subject matter of the documents and to show that the parties are in formal agreement. With the advent of the electronic commerce, some type of electronic signature is necessary to formalize the identification of the parties and the agreement between them. The United States government recently enacted the "Electronic Signatures in Global and National Commerce Act", HR 1714, 105th Cong. (2000), to give such electronic signatures the same force of law as a penned signature for certain legal contracts. However, the actual implementation of a secure electronic signature has been left unresolved by the U.S. government.
In the current state of the art, electronic authentication of an individual can be performed by: 1. Authentication through knowledge, i.e., a password or a personal identification number (PIN) entered into a machine;
2. Authentication through portable objects, i.e., a credit card, a police badge, a SecurlD token, or a proximity card; or
3. Authentication through personal characteristics, i.e., a fingerprint, DNA, or a signature.
With the current reliance on electronic security measures, it is not uncommon for an individual to carry multiple objects or to remember multiple passwords. For example, an individual may perhaps need a PIN for an ATM machine, a password to log on to a computer at work, a password to access the Internet service provider at home, a proximity card to gain access to a secure building, and a garage door opener to gain entry into a house.
Authentication through knowledge is thus problematic for individuals who must remember multiple passwords or PINs, or for individuals with poor memories. It is highly recommended that people do not write down such information because it leaves a person vulnerable to the theft of the passwords and PINs.
Authentication through portable objects and personal characteristics can also be problematic for an average consumer because highly specialized input devices are required to retrieve the authentication information. For example, automatic teller machine (ATM) cards require an ATM, smartcards require a smartcard reader, a voice ID would require a voice encoder /decoder, and a DNA sample would require a laboratory.
Hence, the current methods utilizing physical objects and personal characteristics are inadequate for a person who must be authenticated through a computer connection or across a telephone line. In addition, remembering passwords and carrying multiple physical objects can be too cumbersome. There is a present need to simplify the process of authenticating an individual to multiple entities.
SUMMARY
The present invention pertains to an apparatus that can be used by an individual to securely identify one's self to another party, wherein the apparatus comprises: a processor; a storage element coupled to the processor, wherein the storage element includes an instruction set executable by the processor for generating a cryptographic signature; and a sound component coupled to the processor, wherein the processor commands the sound component to generate an audible tone associated with the cryptographic signature.
In one aspect of an embodiment, multiple signatures using multiple cryptographic keys can be either stored or generated by the storage element and the processor.
In another aspect of an embodiment, the apparatus further comprises an input element for bi-directional data transfers with other electronic devices.
In another aspect of an embodiment, the apparatus further comprises a user interface that can be used to supply an activation code.
BRIEF DESCRIPTION OF THE DRAWINGS
The features, objects, and advantages of the present invention will become more apparent from the detailed description set forth below when taken in conjunction with the drawings in which like reference characters identify correspondingly throughout and wherein:
FIG. 1 is a block diagram of a physical implementation of an exemplary embodiment;
FIG. 2 is a block diagram of an authentication procedure between an individual and a database manager, wherein an exemplary embodiment is used to authenticate the identity of the individual; and
FIG. 3 is a flow chart of an authentication method using the exemplary embodiment.
DETAILED DESCRIPTION OF THE EXEMPLARY EMBODIMENTS
FIG. 1 is an exemplary embodiment of a device 5 comprising a processor 10, a storage element 20 coupled to the processor 10, and a sound component 30 coupled to the processor 10, wherein the storage element 20 is configured to store a set of cryptographic signatures and the processor 10 is configured to control the generation of audible tones from the sound component 30, wherein each audible tone is associated with a signature from the set of cryptographic signatures. As is readily apparent to one skilled in the art, the device 5 can be implemented in a small, portable size with the use of microprocessors, or application specific integrated circuits (ASICs), or any other logic capable of a control function. The storage element 20 can be any memory device, such as a random access memory (RAM), flash memory, or a disk storage medium. The sound component 30 can be implemented by any mechanical or electronic sound generation device, such as a speaker, along with an optional sound reception device, such as a microphone. The device 5, which will be referred to hereinafter as a "token," can be carried and activated by an individual whenever some form of identification must be provided to an entity requesting identity authentication.
One method for generating cryptographic signatures is public-key cryptography. In a public-key cryptography scheme, a user has both a private key and a public key for encrypting documents. The user encrypts a communication with the user's private key and sends the encrypted communication to a targeted party, who then decrypts the communication with the user's public key. The fact that the targeted party was able to decrypt the communication with the user's public key would be the electronic signature that authenticates the communication as originating from the user. It should be noted that the use of a public-key cryptography scheme is illustrative only and the exemplary embodiments may incorporate other signature-generating schemes.
It is an advantage in the exemplary embodiment that audible tones are generated to uniquely represent the cryptographic signatures stored on or generated by the token. Almost all desktop and laptop computers currently integrate microphones into the computer system and almost all desktop and laptop computers carry the capability to generate sounds. Hence, the exemplary embodiment can be advantageously implemented to operate with desktop and laptop computers running the appropriate software. Other electronic devices, including, but not limited to, personal data assistants (PDAs), mobile phones, and pagers can also be used with the exemplary embodiment with a proper I/O add-on or software upgrade. In addition, the exemplary embodiment can be used with any communication system that is capable of carrying audible tones. Examples include, but are not limited to telephone networks, building intercom systems, and radio communication networks. Hence, an individual can use the exemplary embodiment to identify himself or herself directly in a face-to-face transaction or indirectly through an acoustic communication medium. FIG. 2 is a block diagram of a basic authentication system between an individual and a database manager, wherein a token is used to authenticate the identity of the individual in accordance with one embodiment. A first party 100 intends to access information protected by a database manager 103. The first party 100 holds a token 101 up to a microphone (not shown) coupled to a computer 102, wherein the computer 102 is in communication with the database manager 103. The token 101 generates audible tones to the computer 102, which then transmits the tones, or the cryptographic signature represented by the tones, to the database manager 103. The database manager 103 verifies the first party's identity by retrieving authentication information from the database 104. The individual 100 can then proceed with a private transaction. In an alternative embodiment, the freshness of a signature can be ensured through a challenge/response procedure chosen by the database manager 103, wherein the signature is generated in response to a challenge from the database manager 103. In this embodiment, the sound component of the token 101 comprises a sound generation element and a sound reception element, so that the token 101 can detect audible tones from the speakers of the computer 102.
It is another advantage of the exemplary embodiment that a token can be programmed to carry multiple keys that would identify an individual to multiple entities. For example, a token can be programmed to generate an audible signature that would identify a token holder to a financial institution over a telephone line. The token can also be programmed to generate a second audible signature that would identify a token holder to a computer network over a microphone hooked up to a computer in the network. The same token can be programmed to generate a third audible signature to a proximity card reader in order to gain access to a secure building. In an aspect of the embodiment, the audible signatures would be generated in accordance with one or more cryptographic keys, wherein the private key portions of the cryptographic keys remain secret within the token, and the corresponding public key portions are used by any entity to verify the audible signatures. One method of generating electronic signatures using private keys and public keys is the Digital Signature Algorithm, promulgated in Federal Information Processing Standard Publication 186-1. In another exemplary embodiment, the token can further comprise another form of input element, such as a parallel port, a serial port, or a universal serial bus, so that the token can interact with another party through a medium other than audible sound. Various authentication protocols exist in which both parties must exchange information in order to confirm the identity of the opposite party. For example, a token can be programmed with a public-key cryptographic scheme wherein an exchange of public keys must be made. Hence, the token can store predetermined cryptographic signatures in the storage element, or the token can generate cryptographic signatures in response to a signal from an external source.
In addition to various input elements, the exemplary embodiment may also include an output element for communicating with electronic devices more directly, rather than through sound generation. For example, the sound component will be engaged for authentication functions, but an output element can be engaged for data transfers, such as the backup of the cryptographic signatures onto a personal computer or the exchange of public key information.
In another embodiment, an activation requirement can be programmed into a token, so that another party may not use the token fraudulently or accidentally. In this embodiment, a user interface can be incorporated with the token so that an activation check can be performed. Hence, a token will not generate an authentication signature unless it receives confirmation as to the identify of its user. It should be noted that the token may generate audible tones as part of a protocol interaction even though the token may ultimately refuse to generate an audible authentication signature. Confirmation can come in the form of a PIN entered into a keypad. Alternatively, confirmation can be determined from a voice print, wherein the user interface is a microphone and the processor has sufficient processing ability to enable voice recognition. Voice recognition methods are well known in the art and will not be discussed in detail herein.
Another method to activate a token that has a microphone input would be to use a Dual Tone Multi-Frequency (DTMF) device to input the activation code. This method has the advantage of requiring little processing complexity and requiring an inexpensive and commonly available DTMF sound generator (such as a telephone). Another implementation of the activation requirement is to have the sound component utter numbers in a sequential or non-sequential manner. Whenever a number in the PIN is uttered, the user presses the activation button to register the number with the processor.
In another implementation that can be used in conjunction with the activation requirement methods described above, each cryptographic signature can be associated with its own activation requirement, so that the token may require a different activation check for each authentication request from separate entities. As an added security precaution, the token can be programmed to become inactive if too many attempts are made to input the activation code.
In another embodiment, the sound component of the token can be configured to generate encoded audible tones, wherein the encoding will increase the probability that the cryptographic message or signature will be delivered without error. Modulation techniques, including, but not limited to Dual Tone Multi-Frequency (DTMF) and Frequency Shift Keying (FSK), can be implemented in order to create a more distinguishable sound amidst loud background noises.
In another embodiment, the functionality of the sound component can be supplemented with an infrared port. Various laptop computer manufacturers, printer manufacturers, and PDA manufacturers have incorporated infrared ports into their equipment. An infrared port may be used advantageously in those circumstances where the use of a sound component would be awkward and undesirable, such as in a public place.
In another embodiment, the sound component can generate ultrasonic frequencies. Alternatively, the generation of ultrasonic frequencies can be made by an add-on device that works in conjunction with the exemplary embodiment. Such an add-on device would be connected to the exemplary embodiment through audible tones or through an output element.
FIG. 3 is a flowchart of an authentication method using a token holding a cryptographic signature. For illustrative purposes, the method is described in relation to a customer trying to access private bank records. However, it should be apparent to one skilled in the art that the method can be applied to any situation wherein a party is trying to access private information or establish access to a computer system or building. At step 300, a customer enters a banking web site using a personal computer. At step 310, the banking web site asks for the identity of the customer by sending a coded challenge to the personal computer, wherein the coded challenge is encoded using a public key of the customer. At step 320, the personal computer requests authentication from the customer. At step 330, the customer holds a token near the microphone and the speakers of the personal computer and presses an activation button. At step 340, a series of audio tones plays between the token and the personal computer. At step 350, the personal computer decodes the audio data and encodes a response to the web site using the coded challenge and the decoded audio data. At step 360, the web site verifies the digital signature on the response from the personal computer by using its own private key.
Once the banking web site has confirmed the identity of the customer, the customer can then access his or her account information. In another example, a token can be used to authenticate the identity of an individual without the need of a personal computer. Most businesses have customer service departments that are accessible through the telephone. In many instances, customers who have accounts with a business are asked to provide a piece of "secure" information, such as the maiden name of the customer's mother, or the last four digits of a Social Security number, in order to establish the identity of the calling party. However, such "secure" methods are inadequate precautions when a close family member, personal friend, or other party has knowledge of the same information asked by the customer service representative. In one embodiment, a customer service representative can authenticate the identity of the customer through the transmission of audible tones over a telephone network. At the transmission end, a customer holds the token over the mouthpiece of a telephone and presses the activation button. At the receiving end, the customer service representative holds the ear piece of the telephone against a sound detection/ decoding device that compares the received audible tone to a database of tones. A positive match confirms the identity of the calling party.
It should be noted that the exemplary embodiments can be implemented whenever a database for storing information pertaining to the authentication process, as discussed above, exists at the receiving end. The processor of the exemplary embodiment can be configured to implement any one of the various cryptographic schemes that are presently available. Hence, the exemplary embodiment can be used to implement one cryptographic scheme with one party and another cryptographic scheme with another party. The basic implementation of the exemplary embodiment can be performed without the need for a physical connection to an intermediary device because it can communicate with the separate parties through the almost universal communication medium of sound.
Thus, a novel and improved method and apparatus for securely identifying individuals through the use of audible tones have been described. Those of skill in the art would understand that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both. The various illustrative components, blocks, modules, circuits, and steps have been described generally in terms of their functionality. Whether the functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. Skilled artisans recognize the interchangeability of hardware and software under these circumstances, and how best to implement the described functionality for each particular application. As examples, the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the embodiments disclosed herein may be implemented or performed with a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components such as, e.g., registers and FIFO, a processor executing a set of firmware instructions, any conventional programmable software module and a processor, or any combination thereof. The processor may advantageously be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, micro-controller, or state machine. The software module could reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. Those of skill would further appreciate that the data, instructions, commands, information, signals, bits, symbols, and chips that may be referenced throughout the above description are advantageously represented by voltages, currents, electromagnetic waves, magnetic fields or particles, optical fields or particles, or any combination thereof. Preferred embodiments of the present invention have thus been shown and described. It would be apparent to one of ordinary skill in the art, however, that numerous alterations may be made to the embodiments herein disclosed without departing from the spirit or scope of the invention. Therefore, the present invention is not to be limited except in accordance with the following claims.
WHAT IS CLAIMED IS:

Claims

1. An apparatus for performing identity authentication of a person, comprising: a processor; a storage element coupled to the processor, wherein the storage element includes an instruction set executable by the processor for generating a cryptographic signature; and a sound component coupled to the processor, wherein the processor is configured to command the sound component to generate an audible tone associated with the cryptographic signature.
2. The apparatus of Claim 1, wherein the sound component comprises a sound generation element and a sound reception element, wherein the processor is configured to determine the cryptographic signature based on an external signal received from the sound reception element.
3. The apparatus of Claim 2, wherein the sound reception element is a microphone.
4. The apparatus of Claim 1, wherein the cryptographic signature is predetermined.
5. The apparatus of Claim 1, further comprising an input element coupled to the processor, wherein the input element is configured to facilitate data transfer.
6. The apparatus of Claim 2, wherein the external signal selects a key.
7. The apparatus of Claim 1, further comprising a user interface, wherein the person can optionally enter an activation check.
8. The apparatus of Claim 7, wherein the activation check is a voiceprint.
9. The apparatus of Claim 7, wherein the activation check is a personal identification number.
10. The apparatus of Claim 2, wherein the cryptographic signature is generated from one of a plurality of cryptographic keys and the audible tone is one of a plurality of audible tones, wherein each of the plurality of audible tones is associated with one of the plurality of cryptographic keys.
11. The apparatus of Claim 10, further comprising a user interface, wherein the person can optionally enter an activation check.
12. The apparatus of Claim 11, wherein the activation check is one of a plurality of activation checks, wherein each of the plurality of activation checks is associated with one of the plurality of cryptographic keys.
13. The apparatus of Claim 12, wherein the plurality of activation checks comprise a plurality of personal identification numbers.
14. The apparatus of Claim 12, wherein the plurality of activation checks comprise a plurality of voiceprints.
15. The apparatus of Claim 2, further comprising an output element coupled to the processor, wherein the output element is configured to facilitate data transfer.
16. The apparatus of Claim 15, wherein the output element is an infrared port.
17. The apparatus of Claim 2, wherein the sound component can transmit a plurality of tones at an ultrasonic frequency.
18. A method for performing identity authentication of a person, comprising: storing a cryptographic signature on a portable unit; and generating an audible tone associated with the cryptographic signature, wherein the audible tone is offered to authenticate the identity of the person.
19. A method for performing identity authentication of a person, comprising: generating a cryptographic signature on a portable unit; and generating an audible tone associated with the cryptographic signature, wherein the audible tone is offered to authenticate the identity of the person.
20. The method of Claim 19, wherein the generation of the cryptographic signature comprises: storing a private key of the person; receiving a challenge, wherein the challenge includes a message coded with the public key of a second party; and forming a response to the challenge, wherein the response includes the challenge coded with the private key of the person.
21. The method of Claim 19, wherein the cryptographic signature is one of a plurality of cryptographic signatures on the portable unit and the audible tone is one of a plurality of audible tones, wherein each of the plurality of audible tones corresponds to one of the plurality of cryptographic signatures.
22. The method of Claim 19, wherein the generating of a cryptographic signature follows the providing of an activation check code to the portable unit.
PCT/US2001/041049 2000-07-07 2001-06-18 Method and apparatus for secure identity authentication with audible tones WO2002005078A2 (en)

Priority Applications (9)

Application Number Priority Date Filing Date Title
MXPA03000124A MXPA03000124A (en) 2000-07-07 2001-06-18 Method and apparatus for secure identity authentication with audible tones.
AU2001272018A AU2001272018A1 (en) 2000-07-07 2001-06-18 Method and apparatus for secure identity authentication with audible tones
JP2002509874A JP2004517376A (en) 2000-07-07 2001-06-18 Method and apparatus for reliable identification and authentication by audible sound
EP01951085A EP1356360A2 (en) 2000-07-07 2001-06-18 Method and apparatus for secure identity authentication with audible tones
IL15363601A IL153636A0 (en) 2000-07-07 2001-06-18 Method and apparatus for secure identity authentication with audible tones
KR10-2003-7000153A KR20030022848A (en) 2000-07-07 2001-06-18 Method and apparatus for secure identity authentication with audible tones
BRPI0112239-8A BR0112239A (en) 2000-07-07 2001-06-18 method for secure identity authentication with audible tones
CA002416202A CA2416202A1 (en) 2000-07-07 2001-06-18 Method and apparatus for secure identity authentication with audible tones
NO20030046A NO20030046L (en) 2000-07-07 2003-01-06 Secure authentication using audible tones

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US61156900A 2000-07-07 2000-07-07
US09/611,569 2000-07-07

Publications (2)

Publication Number Publication Date
WO2002005078A2 true WO2002005078A2 (en) 2002-01-17
WO2002005078A3 WO2002005078A3 (en) 2003-08-21

Family

ID=24449543

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/041049 WO2002005078A2 (en) 2000-07-07 2001-06-18 Method and apparatus for secure identity authentication with audible tones

Country Status (13)

Country Link
EP (1) EP1356360A2 (en)
JP (1) JP2004517376A (en)
KR (1) KR20030022848A (en)
CN (1) CN1708772A (en)
AU (1) AU2001272018A1 (en)
BR (1) BR0112239A (en)
CA (1) CA2416202A1 (en)
IL (1) IL153636A0 (en)
MX (1) MXPA03000124A (en)
NO (1) NO20030046L (en)
RU (1) RU2003103604A (en)
TW (1) TW513629B (en)
WO (1) WO2002005078A2 (en)

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1333406A1 (en) * 2002-02-04 2003-08-06 Siemens Aktiengesellschaft Ring tone authentication
EP1481535A1 (en) * 2002-02-15 2004-12-01 Qualcomm, Incorporated System and method for acoustic two factor authentication
EP1504534A2 (en) * 2002-05-10 2005-02-09 Qualcomm, Incorporated Wireless communication using sound
EP1504562A1 (en) * 2002-05-15 2005-02-09 Qualcomm, Incorporated System and method for managing sonic token verifiers
WO2005013180A2 (en) 2003-07-22 2005-02-10 Qualcomm Incorporated Digital authentication over acoustic channel
EP1527539A1 (en) * 2002-07-01 2005-05-04 QUALCOMM Incorporated Communication using audible tones
WO2012106380A1 (en) * 2011-01-31 2012-08-09 Jason Lester Hill Sonic based digital networking
WO2013009255A1 (en) * 2011-07-11 2013-01-17 Show & Pay Ab A security device and a method for supporting validation in a validation process for an end user interacting with a web site
WO2013055970A3 (en) * 2011-10-11 2013-12-12 Tangome, Inc. Authenticating device users
CN104112307A (en) * 2014-06-24 2014-10-22 福建歌航电子信息科技有限公司 Electronic lock by using sound waves for unlocking and unlocking method thereof
US20150020173A1 (en) * 2012-09-04 2015-01-15 Apple Inc. Automated device access
EP2922010A3 (en) * 2013-11-15 2015-10-21 Robert Culyer Digital voucher authentication
EP2621126A4 (en) * 2010-09-25 2015-10-21 Tendyron Corp Electronic device that uses voice mode to communicate with external devices
US9183552B2 (en) 2010-04-14 2015-11-10 Nokia Technologies Oy Method and apparatus for providing automated payment with an audio token
US9344892B1 (en) 2016-01-19 2016-05-17 Fmr Llc Mobile device authentication and call routing using dual-tone multi-frequency signaling
AU2015200701B2 (en) * 2010-01-12 2016-07-28 Visa International Service Association Anytime validation for verification tokens
US9460590B2 (en) 2012-09-24 2016-10-04 Wal-Mart Stores, Inc. Determination of customer proximity to a register through use of sound and methods thereof
CN106981111A (en) * 2017-03-22 2017-07-25 福建农林大学 A kind of utilization rivest, shamir, adelman encrypts the electronic switch lock and its method for unlocking of sonic data
US10586229B2 (en) 2010-01-12 2020-03-10 Visa International Service Association Anytime validation tokens
EP2940641B1 (en) * 2012-12-28 2021-05-19 Rakuten, Inc. Information accessing device, computer program, information processing system, access control system, mobile terminal, method for controlling mobile terminal, and program for controlling mobile terminal

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101103525B1 (en) * 2010-12-06 2012-01-09 엘지이노텍 주식회사 Lighting device
KR101103524B1 (en) * 2010-11-30 2012-01-09 엘지이노텍 주식회사 Lighting device
CN102567881A (en) * 2011-12-30 2012-07-11 深圳盒子支付信息技术有限公司 Novel network payment system and method
CN103220599A (en) * 2013-03-22 2013-07-24 福州欣联达电子科技有限公司 Converting method and converter for portable device headset interface and serial communication interface
CN104463587A (en) * 2014-09-24 2015-03-25 冯林 Payment authentication system
CN105700448B (en) * 2016-01-29 2018-06-08 中国联合网络通信集团有限公司 Long-distance monitoring method and remote monitoring system
CN105809790B (en) * 2016-03-10 2018-04-10 上海斐讯数据通信技术有限公司 A kind of method of sound wave lock system and automatic unlocking
WO2018042798A1 (en) * 2016-09-02 2018-03-08 シャープ株式会社 Response device, control method therefor, and control program therefor
CN108040186B (en) * 2017-11-15 2021-02-09 维沃移动通信有限公司 DTMF signal sending method and mobile terminal

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4601011A (en) * 1981-12-30 1986-07-15 Avigdor Grynberg User authorization verification apparatus for computer systems including a central device and a plurality of pocket sized remote units
EP0374012A1 (en) * 1988-12-07 1990-06-20 ETAT FRANCAIS représenté par le Ministre des Postes, Télécommunications et de l'Espace Authentication apparatus for an interactive server
FR2753860A1 (en) * 1996-09-25 1998-03-27 Fintel Sa METHOD AND SYSTEM FOR SECURING REMOTE SERVICES PROVIDED BY FINANCIAL ORGANIZATIONS
US5745555A (en) * 1994-08-05 1998-04-28 Smart Tone Authentication, Inc. System and method using personal identification numbers and associated prompts for controlling unauthorized use of a security device and unauthorized access to a resource
WO2000021020A2 (en) * 1998-10-02 2000-04-13 Comsense Technologies, Ltd. Card for interaction with a computer
WO2001011575A1 (en) * 1999-08-09 2001-02-15 Wow Company S.A. Portable certification device with acoustic coupling

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4601011A (en) * 1981-12-30 1986-07-15 Avigdor Grynberg User authorization verification apparatus for computer systems including a central device and a plurality of pocket sized remote units
EP0374012A1 (en) * 1988-12-07 1990-06-20 ETAT FRANCAIS représenté par le Ministre des Postes, Télécommunications et de l'Espace Authentication apparatus for an interactive server
US5745555A (en) * 1994-08-05 1998-04-28 Smart Tone Authentication, Inc. System and method using personal identification numbers and associated prompts for controlling unauthorized use of a security device and unauthorized access to a resource
FR2753860A1 (en) * 1996-09-25 1998-03-27 Fintel Sa METHOD AND SYSTEM FOR SECURING REMOTE SERVICES PROVIDED BY FINANCIAL ORGANIZATIONS
WO2000021020A2 (en) * 1998-10-02 2000-04-13 Comsense Technologies, Ltd. Card for interaction with a computer
WO2001011575A1 (en) * 1999-08-09 2001-02-15 Wow Company S.A. Portable certification device with acoustic coupling

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1333406A1 (en) * 2002-02-04 2003-08-06 Siemens Aktiengesellschaft Ring tone authentication
EP1481535A1 (en) * 2002-02-15 2004-12-01 Qualcomm, Incorporated System and method for acoustic two factor authentication
US7966497B2 (en) 2002-02-15 2011-06-21 Qualcomm Incorporated System and method for acoustic two factor authentication
JP2005518721A (en) * 2002-02-15 2005-06-23 クゥアルコム・インコーポレイテッド Acoustic two-factor authentication system and method
EP1481535A4 (en) * 2002-02-15 2006-07-26 Qualcomm Inc System and method for acoustic two factor authentication
EP1504534A2 (en) * 2002-05-10 2005-02-09 Qualcomm, Incorporated Wireless communication using sound
EP1504534A4 (en) * 2002-05-10 2011-05-11 Qualcomm Inc Wireless communication using sound
EP1504562A4 (en) * 2002-05-15 2007-08-08 Qualcomm Inc System and method for managing sonic token verifiers
EP1504562A1 (en) * 2002-05-15 2005-02-09 Qualcomm, Incorporated System and method for managing sonic token verifiers
US7401224B2 (en) 2002-05-15 2008-07-15 Qualcomm Incorporated System and method for managing sonic token verifiers
EP1527539A1 (en) * 2002-07-01 2005-05-04 QUALCOMM Incorporated Communication using audible tones
EP1527539A4 (en) * 2002-07-01 2005-11-09 Qualcomm Inc Communication using audible tones
EP1654688A2 (en) * 2003-07-22 2006-05-10 Qualcomm Incorporated Digital authentication over acoustic channel
EP1654688A4 (en) * 2003-07-22 2011-10-19 Qualcomm Inc Digital authentication over acoustic channel
WO2005013180A2 (en) 2003-07-22 2005-02-10 Qualcomm Incorporated Digital authentication over acoustic channel
US10586229B2 (en) 2010-01-12 2020-03-10 Visa International Service Association Anytime validation tokens
AU2015200701B2 (en) * 2010-01-12 2016-07-28 Visa International Service Association Anytime validation for verification tokens
US9183552B2 (en) 2010-04-14 2015-11-10 Nokia Technologies Oy Method and apparatus for providing automated payment with an audio token
EP2621126A4 (en) * 2010-09-25 2015-10-21 Tendyron Corp Electronic device that uses voice mode to communicate with external devices
WO2012106380A1 (en) * 2011-01-31 2012-08-09 Jason Lester Hill Sonic based digital networking
WO2013009255A1 (en) * 2011-07-11 2013-01-17 Show & Pay Ab A security device and a method for supporting validation in a validation process for an end user interacting with a web site
US8682297B2 (en) 2011-10-11 2014-03-25 Tangome, Inc. Seamlessly authenticating device users
WO2013055970A3 (en) * 2011-10-11 2013-12-12 Tangome, Inc. Authenticating device users
US20150020173A1 (en) * 2012-09-04 2015-01-15 Apple Inc. Automated device access
US11768928B2 (en) 2012-09-04 2023-09-26 Apple Inc. Automated device access
US9992674B2 (en) * 2012-09-04 2018-06-05 Apple Inc. Automated device access
US20180324586A1 (en) * 2012-09-04 2018-11-08 Apple Inc. Automated device access
US11048789B2 (en) 2012-09-04 2021-06-29 Apple Inc. Automated device access
US9460590B2 (en) 2012-09-24 2016-10-04 Wal-Mart Stores, Inc. Determination of customer proximity to a register through use of sound and methods thereof
US11651338B2 (en) 2012-12-28 2023-05-16 Rakuten Group, Inc. Information access device, computer program product, information processing system, access control system, portable terminal, portable terminal control method, and portable terminal control program product
EP2940641B1 (en) * 2012-12-28 2021-05-19 Rakuten, Inc. Information accessing device, computer program, information processing system, access control system, mobile terminal, method for controlling mobile terminal, and program for controlling mobile terminal
EP2922010A3 (en) * 2013-11-15 2015-10-21 Robert Culyer Digital voucher authentication
CN104112307A (en) * 2014-06-24 2014-10-22 福建歌航电子信息科技有限公司 Electronic lock by using sound waves for unlocking and unlocking method thereof
US9344892B1 (en) 2016-01-19 2016-05-17 Fmr Llc Mobile device authentication and call routing using dual-tone multi-frequency signaling
CN106981111A (en) * 2017-03-22 2017-07-25 福建农林大学 A kind of utilization rivest, shamir, adelman encrypts the electronic switch lock and its method for unlocking of sonic data

Also Published As

Publication number Publication date
TW513629B (en) 2002-12-11
AU2001272018A1 (en) 2002-01-21
NO20030046L (en) 2003-02-21
RU2003103604A (en) 2004-06-10
IL153636A0 (en) 2003-07-06
EP1356360A2 (en) 2003-10-29
CA2416202A1 (en) 2002-01-17
WO2002005078A3 (en) 2003-08-21
JP2004517376A (en) 2004-06-10
MXPA03000124A (en) 2003-09-22
BR0112239A (en) 2006-05-02
CN1708772A (en) 2005-12-14
KR20030022848A (en) 2003-03-17
NO20030046D0 (en) 2003-01-06

Similar Documents

Publication Publication Date Title
EP1356360A2 (en) Method and apparatus for secure identity authentication with audible tones
US9231944B2 (en) Method and apparatus for the secure authentication of a web site
JP4680505B2 (en) Simple voice authentication method and apparatus
US8755501B2 (en) Acoustic encoding of dynamic identification codes
US8943583B2 (en) System and method for managing sonic token verifiers
EP2339550A1 (en) One-Time password credit/debit card
JP2004519874A (en) Trusted Authentication Digital Signature (TADS) System
US7836308B2 (en) Apparatus and method for multiple function authentication device
JP3925613B2 (en) Personal authentication system and personal authentication method
JP2001298779A (en) Mobile information terminal and service system using it
KR20030025962A (en) Method for authenticating user using security card based on sound
JP2002288623A (en) Ic card system
KR20020073717A (en) A Personal Approval System from the Off-line for Fingerprint Cognition and Smart Card and Method thereof

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWE Wipo information: entry into national phase

Ref document number: 153636

Country of ref document: IL

WWE Wipo information: entry into national phase

Ref document number: 2001951085

Country of ref document: EP

Ref document number: 7/CHENP/2003

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 1020037000153

Country of ref document: KR

Ref document number: 2416202

Country of ref document: CA

Ref document number: 018124151

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: PA/a/2003/000124

Country of ref document: MX

WWE Wipo information: entry into national phase

Ref document number: 2001272018

Country of ref document: AU

ENP Entry into the national phase

Ref country code: RU

Ref document number: RU A

Ref document number: 2003103604

Country of ref document: RU

Kind code of ref document: A

WWP Wipo information: published in national office

Ref document number: 1020037000153

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 2001951085

Country of ref document: EP

ENP Entry into the national phase

Ref document number: PI0112239

Country of ref document: BR

WWW Wipo information: withdrawn in national office

Ref document number: 2001951085

Country of ref document: EP