CA2496357A1 - Method and system for authenticating the originator of an electronic facsimile transmission - Google Patents
Method and system for authenticating the originator of an electronic facsimile transmission Download PDFInfo
- Publication number
- CA2496357A1 CA2496357A1 CA 2496357 CA2496357A CA2496357A1 CA 2496357 A1 CA2496357 A1 CA 2496357A1 CA 2496357 CA2496357 CA 2496357 CA 2496357 A CA2496357 A CA 2496357A CA 2496357 A1 CA2496357 A1 CA 2496357A1
- Authority
- CA
- Canada
- Prior art keywords
- originator
- fax
- voice
- module
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/44—Secrecy systems
- H04N1/4406—Restricting access, e.g. according to user identity
- H04N1/4413—Restricting access, e.g. according to user identity involving the use of passwords, ID codes or the like, e.g. PIN
-
- G—PHYSICS
- G10—MUSICAL INSTRUMENTS; ACOUSTICS
- G10L—SPEECH ANALYSIS OR SYNTHESIS; SPEECH RECOGNITION; SPEECH OR VOICE PROCESSING; SPEECH OR AUDIO CODING OR DECODING
- G10L17/00—Speaker identification or verification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00204—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server
- H04N1/00244—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server with a server, e.g. an internet server
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00912—Arrangements for controlling a still picture apparatus or components thereof not otherwise provided for
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/32—Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
- H04N1/327—Initiating, continuing or ending a single-mode communication; Handshaking therefor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/32—Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
- H04N1/327—Initiating, continuing or ending a single-mode communication; Handshaking therefor
- H04N1/32765—Initiating a communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/32—Circuits or arrangements for control or supervision between transmitter and receiver or between image input and image output device, e.g. between a still-image camera and its memory or between a still-image camera and a printer device
- H04N1/327—Initiating, continuing or ending a single-mode communication; Handshaking therefor
- H04N1/32786—Ending a communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/44—Secrecy systems
- H04N1/4406—Restricting access, e.g. according to user identity
- H04N1/4433—Restricting access, e.g. according to user identity to an apparatus, part of an apparatus or an apparatus function
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N1/00—Scanning, transmission or reproduction of documents or the like, e.g. facsimile transmission; Details thereof
- H04N1/00127—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture
- H04N1/00204—Connection or combination of a still picture apparatus with another apparatus, e.g. for storage, processing or transmission of still picture signals or of information associated with a still picture with a digital computer or a digital computer system, e.g. an internet server
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04N—PICTORIAL COMMUNICATION, e.g. TELEVISION
- H04N2201/00—Indexing scheme relating to scanning, transmission or reproduction of documents or the like, and to details thereof
- H04N2201/0077—Types of the still picture apparatus
- H04N2201/0093—Facsimile machine
Abstract
Method, system and server for authenticating the originator of a fax transmission is provided. The server is provided between the fax originator and a receiving entity.
The server automatically intercepts access request from the originator and implements voice biometric verification before the originator sends a fax document to the receiving entity. The server may allow the fax originator to start a facsimile transaction only when the fax originator obtains positive authentication.
The server automatically intercepts access request from the originator and implements voice biometric verification before the originator sends a fax document to the receiving entity. The server may allow the fax originator to start a facsimile transaction only when the fax originator obtains positive authentication.
Description
Method And System For Authenticating The Originator Of An Electronic Facsimile Transmission FIELD OF INVENTION
[0001] This invention relates to a facsimile transmission, specifically to a method and system for authenticating the identity of the originator of a facsimile transmission.
BACKGROUND OF THE INVENTION
[0001] This invention relates to a facsimile transmission, specifically to a method and system for authenticating the identity of the originator of a facsimile transmission.
BACKGROUND OF THE INVENTION
[0002] Sometimes called "telecopying," a facsimile (fax) is the telephonic transmission of scanned-in printed material (text or images), usually to a telephone number associated with a printer or other output device. The original document is 1o scanned with a fax machine, which treats the contents (text or images) as a single fixed graphic image, converting it into a binary data (1 for white, 0 for dark). In this digital form, the information is transmitted as electrical signals through the telephone system. The receiving fax machine reconverts the coded image and prints a paper copy of the document.
15 [0003] For positively authenticating the identity of the human originator of a facsimile transmission, various suggestions have been made as follows:
[0004] (1) PKI (Public Key Infrastructure) Smart Card enabled network devices:
A
user (i.e. sender) has a Smart Card or Token device holds the individuals private key and credentials. However, Smart Cards and Token devices can be stolen.
20 [0005] (2) Fax device user passwords/PINs (Personal Identification Numbers): A user (i.e. sender) is identified by a user code/key and a PINlPassword. However, passwords and PINS can be easily forgotten or guessed.
[0006] (3) Fax Server and Transmission Symmetric Key methods: A fax server or fax machine uses a cryptographic method for authenticating a sending fax device to a 25 receiving fax device. The cryptographic method can authenticate to, and exchange credentials between, the fax devices. However, the cryptographic method cannot authenticate the identity of a human operator in the sending fax.
[0007] It is therefore desirable to provide a new reliable system and method of authenticating the identity of an originator of a facsimile transmission.
SUMMARY OF THE INVENTION
[0008] It is an object of the present invention to provide a new system and method that obviates or mitigates at least one of the disadvantages of existing systems.
[0009] According to an aspect of the present invention, there is provided a server for authenticating the identity of an originator of a facsimile transmission, which includes: a voice biometric module for a speaker verification with a voiceprint; an intercepting module for automatically intercepting a fax request from the originator; a request module for requesting a voice reply to the originator; an authentication module for authenticating the originator in response to the speaker verification by the voice 1 o biometric module using the voice reply and the voiceprint; and means for allowing the originator the fax transmission in response to the authentication result.
[0010] According to a further aspect of the present invention, there is provided a method of authenticating the identity of an originator of a facsimile transmission, which includes the steps of generating a voiceprint based on voice sampling;
15 automatically intercepting a fax request from the originator; requesting a voice reply to the originator; verifying the originator based on the voice reply and voiceprint; and authenticating the originator in response to the verification, and allowing the originator the fax transmission.
[0011 ] According to a further aspect of the present invention, there is provided a 2o system for authenticating the identity of an originator of a facsimile transmission, which includes: a server provided between the originator and a receiving system and a fax system for the originator. The server includes: a voice biometric module for a speaker verification with a voiceprint; an intercepting module for automatically intercepting a fax request from the originator; a request module for requesting a voice 25 reply to the originator; an authentication module for authenticating the originator in response to the speaker verification by the voice biometric module using the voice reply and the voiceprint; and means for allowing the originator the fax transmission in response to the authentication result. The fax system for the originator includes: a fax machine for sending a fax document, and a telephony system for communicating with 3o the server.
[0012] This summary of the invention does not necessarily describe all features of the invention.
BRIEF DESCRIPTION OF THE DRAWllVGS
[0013] These and other features of the invention will become more apparent from the following description in which reference is made to the appended drawings wherein:
[0014] FIGURE 1 is a diagram showing a voice biometric server in accordance with an embodiment of the present invention;
[0015] FIGURE 2 is a flow chart showing enrollment and voice verification/authentication process in Figure 1;
[0016] FIGURE 3 is a flow chart showing verification/authentication process in a bank;
[0017] FIGURE 4 is a flow chart showing an example of verification/authentication process of Figure 3;
[0018] FIGURE 5 is flow chart showing an example of operation for acquiring a 1s unique identifier; and [0019] FIGURE 6 is a flow chart showing an example of operation for preventing user identity spoofing.
DETAILED DESCRIPTION
[0020] Figure 1 shows a server 10 in accordance with an embodiment of the present 2o invention. The voice biometric server 10 is a server with a faxboard. The voice biometric server 10 is an integrated hardware and software platform that verifies the identity of callers (a sender, a fax originator) with biometric voice verification, records voice transactions, and creates a secure audit trail of all interactions with a system.
[0021] The voice biometric server 10 may include a module for anti-spoofing, as 25 disclosed in Canadian Patent application No. 2,465,650, which is incorporated herein by reference. The voice biometric server 10 may include functionality disclosed in Canadian Patent Application Nos. 2,375,589, 2,327,610, 2,375,415, 2,375,165, 2,364,293, 2,352,001 and 2,393,561, which are incorporated herein by reference.
[0022] The voice biometric server 10 verifies/authenticates a fax originator before the fax originator sends a fax document to a receiving entity.
[0023] In Figure 1, a fax 16 and a telephone 18 are shown as example, which are connected to the voice biometric server 10 through a network 12. In Figure 1, a fax 22, a computer 24 and a printer 26 are shown as example, which are connected to the voice biometric server 10 through a network 14.
[0024] The voice biometric server 10 accepts faxes from fax machines (e.g. 16 of 1o Figure 1) with attached handsets or from those without attached handsets as long as there is a telephone (e.g. 18 of Figure 1) connected to the fax transmission line, e.g. a typical setup for SOHO (Small Office Home Office) users. It can also interface with various telephony configurations including analog and digital trunks, direct connections from the Telephone Central Office (CO) or from the customer's Private 15 Branch Exchange (PBX) (e.g. 20 of Figure 1), or Voice over Internet Protocol (VoIP) installations. The authenticated fax may be sent directly to a desktop Personal Computer (PC) (e.g. 24 of Figure 1), an attached printer (e.g. 26 of Figure 1), or to an existing fax infrastructure (e.g. 22 of Figure 1).
[0025] The voice biometric server 10 ensures the identity of the fax originator and 2o that the transmitted fax is routed to the correct receiving fax server. The voice biometric server 10 works as an intermediary between the human sender of a fax and the receiver of the fax, and only allows documents from voice biometric verified senders to be delivered to the receivers) (e.g. the receiving fax machine).
[0026] The voice biometric server 10 performs speaker verification. The voice 25 biometric server 10 may perform speaker identification. In speaker verification, the user claims an identity that must be verified as true or false. In speaker identification, the user provides a speech sample and then the voice biometric server 10 chooses which speaker within a closed set matches the user sample.
15 [0003] For positively authenticating the identity of the human originator of a facsimile transmission, various suggestions have been made as follows:
[0004] (1) PKI (Public Key Infrastructure) Smart Card enabled network devices:
A
user (i.e. sender) has a Smart Card or Token device holds the individuals private key and credentials. However, Smart Cards and Token devices can be stolen.
20 [0005] (2) Fax device user passwords/PINs (Personal Identification Numbers): A user (i.e. sender) is identified by a user code/key and a PINlPassword. However, passwords and PINS can be easily forgotten or guessed.
[0006] (3) Fax Server and Transmission Symmetric Key methods: A fax server or fax machine uses a cryptographic method for authenticating a sending fax device to a 25 receiving fax device. The cryptographic method can authenticate to, and exchange credentials between, the fax devices. However, the cryptographic method cannot authenticate the identity of a human operator in the sending fax.
[0007] It is therefore desirable to provide a new reliable system and method of authenticating the identity of an originator of a facsimile transmission.
SUMMARY OF THE INVENTION
[0008] It is an object of the present invention to provide a new system and method that obviates or mitigates at least one of the disadvantages of existing systems.
[0009] According to an aspect of the present invention, there is provided a server for authenticating the identity of an originator of a facsimile transmission, which includes: a voice biometric module for a speaker verification with a voiceprint; an intercepting module for automatically intercepting a fax request from the originator; a request module for requesting a voice reply to the originator; an authentication module for authenticating the originator in response to the speaker verification by the voice 1 o biometric module using the voice reply and the voiceprint; and means for allowing the originator the fax transmission in response to the authentication result.
[0010] According to a further aspect of the present invention, there is provided a method of authenticating the identity of an originator of a facsimile transmission, which includes the steps of generating a voiceprint based on voice sampling;
15 automatically intercepting a fax request from the originator; requesting a voice reply to the originator; verifying the originator based on the voice reply and voiceprint; and authenticating the originator in response to the verification, and allowing the originator the fax transmission.
[0011 ] According to a further aspect of the present invention, there is provided a 2o system for authenticating the identity of an originator of a facsimile transmission, which includes: a server provided between the originator and a receiving system and a fax system for the originator. The server includes: a voice biometric module for a speaker verification with a voiceprint; an intercepting module for automatically intercepting a fax request from the originator; a request module for requesting a voice 25 reply to the originator; an authentication module for authenticating the originator in response to the speaker verification by the voice biometric module using the voice reply and the voiceprint; and means for allowing the originator the fax transmission in response to the authentication result. The fax system for the originator includes: a fax machine for sending a fax document, and a telephony system for communicating with 3o the server.
[0012] This summary of the invention does not necessarily describe all features of the invention.
BRIEF DESCRIPTION OF THE DRAWllVGS
[0013] These and other features of the invention will become more apparent from the following description in which reference is made to the appended drawings wherein:
[0014] FIGURE 1 is a diagram showing a voice biometric server in accordance with an embodiment of the present invention;
[0015] FIGURE 2 is a flow chart showing enrollment and voice verification/authentication process in Figure 1;
[0016] FIGURE 3 is a flow chart showing verification/authentication process in a bank;
[0017] FIGURE 4 is a flow chart showing an example of verification/authentication process of Figure 3;
[0018] FIGURE 5 is flow chart showing an example of operation for acquiring a 1s unique identifier; and [0019] FIGURE 6 is a flow chart showing an example of operation for preventing user identity spoofing.
DETAILED DESCRIPTION
[0020] Figure 1 shows a server 10 in accordance with an embodiment of the present 2o invention. The voice biometric server 10 is a server with a faxboard. The voice biometric server 10 is an integrated hardware and software platform that verifies the identity of callers (a sender, a fax originator) with biometric voice verification, records voice transactions, and creates a secure audit trail of all interactions with a system.
[0021] The voice biometric server 10 may include a module for anti-spoofing, as 25 disclosed in Canadian Patent application No. 2,465,650, which is incorporated herein by reference. The voice biometric server 10 may include functionality disclosed in Canadian Patent Application Nos. 2,375,589, 2,327,610, 2,375,415, 2,375,165, 2,364,293, 2,352,001 and 2,393,561, which are incorporated herein by reference.
[0022] The voice biometric server 10 verifies/authenticates a fax originator before the fax originator sends a fax document to a receiving entity.
[0023] In Figure 1, a fax 16 and a telephone 18 are shown as example, which are connected to the voice biometric server 10 through a network 12. In Figure 1, a fax 22, a computer 24 and a printer 26 are shown as example, which are connected to the voice biometric server 10 through a network 14.
[0024] The voice biometric server 10 accepts faxes from fax machines (e.g. 16 of 1o Figure 1) with attached handsets or from those without attached handsets as long as there is a telephone (e.g. 18 of Figure 1) connected to the fax transmission line, e.g. a typical setup for SOHO (Small Office Home Office) users. It can also interface with various telephony configurations including analog and digital trunks, direct connections from the Telephone Central Office (CO) or from the customer's Private 15 Branch Exchange (PBX) (e.g. 20 of Figure 1), or Voice over Internet Protocol (VoIP) installations. The authenticated fax may be sent directly to a desktop Personal Computer (PC) (e.g. 24 of Figure 1), an attached printer (e.g. 26 of Figure 1), or to an existing fax infrastructure (e.g. 22 of Figure 1).
[0025] The voice biometric server 10 ensures the identity of the fax originator and 2o that the transmitted fax is routed to the correct receiving fax server. The voice biometric server 10 works as an intermediary between the human sender of a fax and the receiver of the fax, and only allows documents from voice biometric verified senders to be delivered to the receivers) (e.g. the receiving fax machine).
[0026] The voice biometric server 10 performs speaker verification. The voice 25 biometric server 10 may perform speaker identification. In speaker verification, the user claims an identity that must be verified as true or false. In speaker identification, the user provides a speech sample and then the voice biometric server 10 chooses which speaker within a closed set matches the user sample.
[0027] The speaker verification, speaker identification and a combination thereof in the voice biometric server 10 is text dependant or text independent. The voice biometric text dependent system uses a known utterance, for example, a password or combination digit sequence, which is predefined for each speaker. The voice biometric text independent system uses a different response for each identification attempt. In this case, the input may be a random response to a question.
[0028] Referring to Figure 2, the voice biometric speaker verification is performed in the following manner:
[0029] Enrolling process starts (Step S2). To enrol in a system administered by the to voice biometric server 10, a user (an originator, a caller or a sender) provides voice responses to several queries (Step S4). The user utterances are converted to a unique voiceprint for the user (Step S6). The voiceprint may be a digital voiceprint and may be stored in a database securely communicating with the voice biometric server 10.
The enrolling process ends (Step S8).
15 [0030] Successively, the user accesses the voice biometric speaker verification system in the voice biometric server 10, and provides a voice sample for verification of its identity (Step S 10). The voice biometric speaker verification system compares the new voice sample print against the voiceprint originally stored from an enrolment process in order to determine if the user is indeed who they claim to be (Step S 12).
20 [0031 ] If the voice pattern matches the stored voiceprint, then authentication is considered successful. However, if the voice pattern does not match, then the sender may be rejected to access network resourceslcomponents administered by the voice biometric server 10.
[0032] The voice biometric server 10 may be employed in government, financial (e.g., 25 bank), and security applications in order to control user access to computer networks, telephony applications, and/or buildings/restricted access areas.
[0033] Referring to Figure 3, the process of authenticating the originator of a facsimile transmission is now described in detail. It is assumed that the voice biometric server 10 is provided to a bank.
_5_ [0034] If a sender wants to fax wire transfer instructions to his or her bank, the sender calls the fax number of the bank (e.g., the number of the fax 22 in Figure 1) using either the handset on the fax machine (e.g. 16 of Figure 1) or on a separate telephone (e.g. 18 of Figure 1) attached in parallel with the fax machine (Step S20).
[0035] The fax call is automatically intercepted by the voice biometric server (i.e.l0 of Figure 1 ), and the sender is prompted to authenticate using voice biometrics (Step S22).
[0036] When the sender is verified as a person who has a right to access the bank system (e.g. fax 22, the computer 24 or the printer 26 of Figure 1) (Step S24), the sender receives authentication from the voice biometric server 10. The sender then presses a send button on the fax machine (e.g. 16 of Figure 1 ) (Step S26).
[0037] It is assumed that the fax sender will wish to have a transaction regarding a particular account number in the bank. Referring Figure 4, authentication and verification steps (e.g. Steps S24 and S26) may include the following steps:
[0038] The voice biometric server 10 automatically generates a message (inquiry) to the sender, such as "Please say your eight digit account number" (Step S30).
[0039] The sender receives the message from the voice biometric server 10, and orally replies to the voice biometric server 10 (Step S32), such as "123-456-78".
[0040] The voice biometric server 10 receivers the reply from the sender and sends a 2o message to the sender, such as: "Thank you. Please wait while I check your account information". The voice biometric server 10 verifies the reply from the sender (Step S34).
[0041] The voice biometric server 10 then sends a message (inquiry) to the sender (Step S36), such as "Okay, that's a valid account. Please say your callback telephone number so that I can verify your voice".
[0042] The sender receives the message from the voice biometric server 10, and orally replies to the voice biometric server 10 (Step S38), such as "902-446-3668".
[0043] The voice biometric server 10 verifies the reply from the caller (Step S40), while sending a message to the sender, such as "Please wait". In response to the verification, the voice biometric server 10 sends a message to the sender (Step S42), such as "Okay your voice has been verified. At the sound of the tone, press the send key on your fax machine".
[0044] The sender will press the send key on his fax machine (S26 of Figure 3). Fax is received by the voice biometric server 10 in an electronic form, and is either stored or forwarded to an existing bank of fax machines or fax servers. Each fax is preceded with a cover sheet containing information on the call characteristics as well as the 1o result of the biometric process. The cover sheet may be generated by the voice biometric server 10.
[0045] The system can be configured to allow any fax through, regardless of the result of the authentication process or to only allow faxes through from authenticated callers.
If the caller fails the voice biometric authentication process, the system can be 15 configured to still allow the fax to be transmitted and received. However, in this case, the fax transaction would indicate that the fax originator failed the authentication process and should therefore by verified via another method or process.
[0046] In the above example, the voice biometric server 10 requests the sender to utter the callback number to perform voice verification. However, it is not limited to 2o the callback number as a person skilled in the art could understand.
[0047] With the voice biometric server 10, banks are able to detect identity theft through enhanced verification and reduce losses from fraudulent financial transactions. The bank will also save costs in call centers, since there is a reduction in live agent intervention during the verification process.
25 [0048] The voice biometric server 10 receives fax in an electronic form and sends the fax to a destination. The voice biometric server 10 may be configured as a fax server as well in order to receive and re-transmit faxes to the final destination.
[0049] The voice biometric server 10 records speaker verification audit logs on system transactions. Audit logs are internal transaction logs that record all _7_ interactions with the system. For example, each log entry may contain date, time, caller line identification, dialled number identification, routing information, fax send/receive data etc. These logs are quired for audit purposes.
[0050] The voice biometric server 10 implements system security methods to protect confidentiality and integrity of system data and transactions. These security methods employ cryptography to encrypt/decrypt stored data and to protect the confidentiality of this data.
[0051 ] The voice biometric server 10 implements system administration security access control. The security access control methods ensure that only authorised users 1o have access to the server in order to administer it and/or change system settings.
[0052] Figure 5 shows one example of a process for acquiring a unique identifier.
Figure 6 shows one example of a process for preventing user identity spoofing.
A
module implementing these processes of Figures 5-6 may be embedded in the voice biometric server 10 of Figure 1. Fraudster attempts to impersonate a valid user 15 through identity spoofing, for example, by attempting to surreptitiously record a valid user speaking their utterances and then attempt to access the system by using the recorded utterances. The fraudster attempts to spoof the system by claiming the identity of a valid user and then playing the recorded utterances for the valid user when prompted by the voice biometric system.
20 [0053] The method of Figures 5-6 allows the voice verification and identification based biometric system ( 10 of Figure 1 ) to identify user utterances that are recordings of previous utterances and to detect identity spoofing to the voice biometric server ( 10 of Figure 1).
[0054] The method of Figures 5-6 derives a unique signature or representation of a 2s recorded voice utterance from a user, preferably a digital signal processing method.
[0055] Refernng to Figure 5, each time a user interacts with the voice biometric server (10) and provides an utterance either for enrollment or for verification, a unique characteristic identifier for the utterance is derived through signal processing methods _g_ by analyzing the frequency domain spectrum. This unique characteristic identifier is then stored with the utterance in the voice biometric system database.
[0056] Referring to Figure 6, a user provides an audio sample, which is received by the voice authentication system. A second unique identifier is generated for this audio sample by analyzing the frequency domain spectrum. This second identifier is compared to the first identifier which is stored in a database to determine whether there is a match or not.
[0057] It is apparent to a person skilled in the art that the method and system described in Figure 6 can be used both for the user verification or user identification, and can be either text dependant or text independent.
[0058] The analysis of the frequency domain spectrum and the calculation of the unique identifier can be performed, for example by a microprocessor, a digital signal processor or any other means known to those skilled in the art.
[0059] The module for implementing the processes of Figures 5-6 operates in real-time to detect user identity spoofing attempts to prevent fraudulent access.
The module for implementing the processes of Figures 5-6 can identify attempts to conduct identity spoofing with copied digital audio files, even when the audio data has been partially manipulated to inject noise or other spurious data.
[0060] According to the embodiment of the present invention, the voice biometric 2o server 10 may include text dependent and independent voice biometric system(s).
[0061 ] According to the embodiment of the present invention, the voice biometric server 10 performs voice biometric verification and identification system(s).
[0062] According to the embodiment of the present invention, the voice biometric server 10 operates with all types of originating facsimile transmission devices and all 25 types of receiving facsimile device(s). The facsimile devices include any fax device that can receive a standard facsimile transmission. These devices include, but are not limited to, stand-alone fax machines, fax servers, and fax-to-email services.
[0063] According to the embodiment of the present invention, the voice biometric server 10 authenticates the identity of a facsimile originator prior to facsimile transmission.
[0064] According to the embodiment of the present invention, the authentication process is automated through voice biometrics.
[0065] According to the embodiment of the present invention, the voice biometric server 10 can positively links the identity of the fax originator to the fax transmission.
[0066] The voice verification, the voice identification and the authentication of the present invention may be implemented by any hardware, software or a combination of hardware and software having the above described functions. The software code, either in its entirely or a part thereof, may be stored in a computer readable medium.
Further, a computer data signal representing the software code which may be embedded in a Garner wave may be transmitted via communication network. Such a computer readable medium and, a computer data signal and carrier wave are also within the scope of the present invention, as well as the hardware, software and the combination thereof.
[0067] The present invention has been described with regard to one or more embodiments. However, it will be apparent to person skilled in the art that a number of variations and modifications can be made without departing from the scope of the invention as defined in the claims.
- to -
[0028] Referring to Figure 2, the voice biometric speaker verification is performed in the following manner:
[0029] Enrolling process starts (Step S2). To enrol in a system administered by the to voice biometric server 10, a user (an originator, a caller or a sender) provides voice responses to several queries (Step S4). The user utterances are converted to a unique voiceprint for the user (Step S6). The voiceprint may be a digital voiceprint and may be stored in a database securely communicating with the voice biometric server 10.
The enrolling process ends (Step S8).
15 [0030] Successively, the user accesses the voice biometric speaker verification system in the voice biometric server 10, and provides a voice sample for verification of its identity (Step S 10). The voice biometric speaker verification system compares the new voice sample print against the voiceprint originally stored from an enrolment process in order to determine if the user is indeed who they claim to be (Step S 12).
20 [0031 ] If the voice pattern matches the stored voiceprint, then authentication is considered successful. However, if the voice pattern does not match, then the sender may be rejected to access network resourceslcomponents administered by the voice biometric server 10.
[0032] The voice biometric server 10 may be employed in government, financial (e.g., 25 bank), and security applications in order to control user access to computer networks, telephony applications, and/or buildings/restricted access areas.
[0033] Referring to Figure 3, the process of authenticating the originator of a facsimile transmission is now described in detail. It is assumed that the voice biometric server 10 is provided to a bank.
_5_ [0034] If a sender wants to fax wire transfer instructions to his or her bank, the sender calls the fax number of the bank (e.g., the number of the fax 22 in Figure 1) using either the handset on the fax machine (e.g. 16 of Figure 1) or on a separate telephone (e.g. 18 of Figure 1) attached in parallel with the fax machine (Step S20).
[0035] The fax call is automatically intercepted by the voice biometric server (i.e.l0 of Figure 1 ), and the sender is prompted to authenticate using voice biometrics (Step S22).
[0036] When the sender is verified as a person who has a right to access the bank system (e.g. fax 22, the computer 24 or the printer 26 of Figure 1) (Step S24), the sender receives authentication from the voice biometric server 10. The sender then presses a send button on the fax machine (e.g. 16 of Figure 1 ) (Step S26).
[0037] It is assumed that the fax sender will wish to have a transaction regarding a particular account number in the bank. Referring Figure 4, authentication and verification steps (e.g. Steps S24 and S26) may include the following steps:
[0038] The voice biometric server 10 automatically generates a message (inquiry) to the sender, such as "Please say your eight digit account number" (Step S30).
[0039] The sender receives the message from the voice biometric server 10, and orally replies to the voice biometric server 10 (Step S32), such as "123-456-78".
[0040] The voice biometric server 10 receivers the reply from the sender and sends a 2o message to the sender, such as: "Thank you. Please wait while I check your account information". The voice biometric server 10 verifies the reply from the sender (Step S34).
[0041] The voice biometric server 10 then sends a message (inquiry) to the sender (Step S36), such as "Okay, that's a valid account. Please say your callback telephone number so that I can verify your voice".
[0042] The sender receives the message from the voice biometric server 10, and orally replies to the voice biometric server 10 (Step S38), such as "902-446-3668".
[0043] The voice biometric server 10 verifies the reply from the caller (Step S40), while sending a message to the sender, such as "Please wait". In response to the verification, the voice biometric server 10 sends a message to the sender (Step S42), such as "Okay your voice has been verified. At the sound of the tone, press the send key on your fax machine".
[0044] The sender will press the send key on his fax machine (S26 of Figure 3). Fax is received by the voice biometric server 10 in an electronic form, and is either stored or forwarded to an existing bank of fax machines or fax servers. Each fax is preceded with a cover sheet containing information on the call characteristics as well as the 1o result of the biometric process. The cover sheet may be generated by the voice biometric server 10.
[0045] The system can be configured to allow any fax through, regardless of the result of the authentication process or to only allow faxes through from authenticated callers.
If the caller fails the voice biometric authentication process, the system can be 15 configured to still allow the fax to be transmitted and received. However, in this case, the fax transaction would indicate that the fax originator failed the authentication process and should therefore by verified via another method or process.
[0046] In the above example, the voice biometric server 10 requests the sender to utter the callback number to perform voice verification. However, it is not limited to 2o the callback number as a person skilled in the art could understand.
[0047] With the voice biometric server 10, banks are able to detect identity theft through enhanced verification and reduce losses from fraudulent financial transactions. The bank will also save costs in call centers, since there is a reduction in live agent intervention during the verification process.
25 [0048] The voice biometric server 10 receives fax in an electronic form and sends the fax to a destination. The voice biometric server 10 may be configured as a fax server as well in order to receive and re-transmit faxes to the final destination.
[0049] The voice biometric server 10 records speaker verification audit logs on system transactions. Audit logs are internal transaction logs that record all _7_ interactions with the system. For example, each log entry may contain date, time, caller line identification, dialled number identification, routing information, fax send/receive data etc. These logs are quired for audit purposes.
[0050] The voice biometric server 10 implements system security methods to protect confidentiality and integrity of system data and transactions. These security methods employ cryptography to encrypt/decrypt stored data and to protect the confidentiality of this data.
[0051 ] The voice biometric server 10 implements system administration security access control. The security access control methods ensure that only authorised users 1o have access to the server in order to administer it and/or change system settings.
[0052] Figure 5 shows one example of a process for acquiring a unique identifier.
Figure 6 shows one example of a process for preventing user identity spoofing.
A
module implementing these processes of Figures 5-6 may be embedded in the voice biometric server 10 of Figure 1. Fraudster attempts to impersonate a valid user 15 through identity spoofing, for example, by attempting to surreptitiously record a valid user speaking their utterances and then attempt to access the system by using the recorded utterances. The fraudster attempts to spoof the system by claiming the identity of a valid user and then playing the recorded utterances for the valid user when prompted by the voice biometric system.
20 [0053] The method of Figures 5-6 allows the voice verification and identification based biometric system ( 10 of Figure 1 ) to identify user utterances that are recordings of previous utterances and to detect identity spoofing to the voice biometric server ( 10 of Figure 1).
[0054] The method of Figures 5-6 derives a unique signature or representation of a 2s recorded voice utterance from a user, preferably a digital signal processing method.
[0055] Refernng to Figure 5, each time a user interacts with the voice biometric server (10) and provides an utterance either for enrollment or for verification, a unique characteristic identifier for the utterance is derived through signal processing methods _g_ by analyzing the frequency domain spectrum. This unique characteristic identifier is then stored with the utterance in the voice biometric system database.
[0056] Referring to Figure 6, a user provides an audio sample, which is received by the voice authentication system. A second unique identifier is generated for this audio sample by analyzing the frequency domain spectrum. This second identifier is compared to the first identifier which is stored in a database to determine whether there is a match or not.
[0057] It is apparent to a person skilled in the art that the method and system described in Figure 6 can be used both for the user verification or user identification, and can be either text dependant or text independent.
[0058] The analysis of the frequency domain spectrum and the calculation of the unique identifier can be performed, for example by a microprocessor, a digital signal processor or any other means known to those skilled in the art.
[0059] The module for implementing the processes of Figures 5-6 operates in real-time to detect user identity spoofing attempts to prevent fraudulent access.
The module for implementing the processes of Figures 5-6 can identify attempts to conduct identity spoofing with copied digital audio files, even when the audio data has been partially manipulated to inject noise or other spurious data.
[0060] According to the embodiment of the present invention, the voice biometric 2o server 10 may include text dependent and independent voice biometric system(s).
[0061 ] According to the embodiment of the present invention, the voice biometric server 10 performs voice biometric verification and identification system(s).
[0062] According to the embodiment of the present invention, the voice biometric server 10 operates with all types of originating facsimile transmission devices and all 25 types of receiving facsimile device(s). The facsimile devices include any fax device that can receive a standard facsimile transmission. These devices include, but are not limited to, stand-alone fax machines, fax servers, and fax-to-email services.
[0063] According to the embodiment of the present invention, the voice biometric server 10 authenticates the identity of a facsimile originator prior to facsimile transmission.
[0064] According to the embodiment of the present invention, the authentication process is automated through voice biometrics.
[0065] According to the embodiment of the present invention, the voice biometric server 10 can positively links the identity of the fax originator to the fax transmission.
[0066] The voice verification, the voice identification and the authentication of the present invention may be implemented by any hardware, software or a combination of hardware and software having the above described functions. The software code, either in its entirely or a part thereof, may be stored in a computer readable medium.
Further, a computer data signal representing the software code which may be embedded in a Garner wave may be transmitted via communication network. Such a computer readable medium and, a computer data signal and carrier wave are also within the scope of the present invention, as well as the hardware, software and the combination thereof.
[0067] The present invention has been described with regard to one or more embodiments. However, it will be apparent to person skilled in the art that a number of variations and modifications can be made without departing from the scope of the invention as defined in the claims.
- to -
Claims (16)
1. A server for authenticating the identity of an originator of a facsimile transmission, comprising:
a voice biometric module for a speaker verification with a voiceprint;
an intercepting module for automatically intercepting a fax request from the originator;
a request module for requesting a voice reply to the originator;
an authentication module for authenticating the originator in response to the speaker verification by the voice biometric module using the voice reply and the voiceprint; and means for allowing the originator the fax transmission in response to the authentication result.
a voice biometric module for a speaker verification with a voiceprint;
an intercepting module for automatically intercepting a fax request from the originator;
a request module for requesting a voice reply to the originator;
an authentication module for authenticating the originator in response to the speaker verification by the voice biometric module using the voice reply and the voiceprint; and means for allowing the originator the fax transmission in response to the authentication result.
2. A server according to claim 1, wherein the voice biometric module includes a module for enrolling the sender before the fax transmission and a module for forming the voiceprint based on voice sampling of a caller.
3. A server according to claim 2, wherein the voice biometric module includes a module for forming the voiceprint based on the voice sampling.
4. A server according to any one of claims 1 to 3, further comprising a receiver for receiving, in an electronic form, the fax from the originator.
5. A server according to any one of claims 1 to 4, further comprising a generator for generating a fax cover sheet containing information on the characteristics of the sender and the result of the biometric process.
6. A server according to any one of claims 1 to 5, further comprising a module for generating speaker verification audit logs on system transactions.
7. A server according to any one of claims 1 to 5, further comprising a module for protecting confidentiality and integrity of system data and transactions.
8. A server according to any one of claims 1 to 7, further comprising a module for performing a system administration security access control.
9. A method of authenticating the identity of an originator of a facsimile transmission, comprising the steps of:
generating a voiceprint based on voice sampling;
automatically intercepting a fax request from the originator;
requesting a voice reply to the originator;
verifying the originator based on the voice reply and voiceprint; and authenticating the originator in response to the verification, and allowing the originator the fax transmission.
generating a voiceprint based on voice sampling;
automatically intercepting a fax request from the originator;
requesting a voice reply to the originator;
verifying the originator based on the voice reply and voiceprint; and authenticating the originator in response to the verification, and allowing the originator the fax transmission.
10. A method according to claim 9, further comprising the step of sampling the voice of a caller and enrolling the caller.
11. A method according to claim 9 or 10, further comprising the step of receiving, in an electronic form, the fax from the originator.
12. A method according to any one of claims 9 to 11, further comprising the step of generating a fax cover sheet containing information on the characteristics of the sender and the result of the biometric process.
13. A method according to any one of claims 9 to 12, further comprising the step of generating speaker verification audit logs on system transactions.
14. A method according to any one of claims 9 to 13, further comprising the step of protecting confidentiality and integrity of system data and transactions.
15. A method according to any one of claims 9 to 14, further comprising the step of performing a system administration security access control.
16. A system for authenticating the identity of an originator of a facsimile transmission, comprising:
a server provided between the originator and a receiving system including:
a voice biometric module for a speaker verification with a voiceprint;
an intercepting module for automatically intercepting a fax request from the originator;
a request module for requesting a voice reply to the originator;
an authentication module for authenticating the originator in response to the speaker verification by the voice biometric module using the voice reply and the voiceprint; and means for allowing the originator the fax transmission in response to the authentication result, a fax system for the originator including:
a fax machine fox sending a fax document; and a telephony system for communicating with the server.
a server provided between the originator and a receiving system including:
a voice biometric module for a speaker verification with a voiceprint;
an intercepting module for automatically intercepting a fax request from the originator;
a request module for requesting a voice reply to the originator;
an authentication module for authenticating the originator in response to the speaker verification by the voice biometric module using the voice reply and the voiceprint; and means for allowing the originator the fax transmission in response to the authentication result, a fax system for the originator including:
a fax machine fox sending a fax document; and a telephony system for communicating with the server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CA 2496357 CA2496357A1 (en) | 2005-02-04 | 2005-02-04 | Method and system for authenticating the originator of an electronic facsimile transmission |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CA 2496357 CA2496357A1 (en) | 2005-02-04 | 2005-02-04 | Method and system for authenticating the originator of an electronic facsimile transmission |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA2496357A1 true CA2496357A1 (en) | 2006-08-04 |
Family
ID=36764102
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA 2496357 Abandoned CA2496357A1 (en) | 2005-02-04 | 2005-02-04 | Method and system for authenticating the originator of an electronic facsimile transmission |
Country Status (1)
| Country | Link |
|---|---|
| CA (1) | CA2496357A1 (en) |
-
2005
- 2005-02-04 CA CA 2496357 patent/CA2496357A1/en not_active Abandoned
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU773107B2 (en) | Dual network system and method for online authentication or authorization | |
| US7870599B2 (en) | Multichannel device utilizing a centralized out-of-band authentication system (COBAS) | |
| US8082448B2 (en) | System and method for user authentication using non-language words | |
| US5940799A (en) | System and method for securing speech transactions | |
| CA2544059C (en) | Use of public switched telephone network for capturing electronic signatures in on-line transactions | |
| US20070220275A1 (en) | WEB AUTHORIZATION BY AUTOMATED INTERACTIVE PHONE OR VoIP SESSION | |
| WO2005107137A2 (en) | Method and apparatus for authenticating users using two or more factors | |
| AU2003231813A1 (en) | Use of public switched telephone network for authentication and authorization in on-line transactions | |
| JP2006525563A (en) | User and web site authentication method and apparatus | |
| JP2001505688A (en) | Speech recognition for information system access and transaction processing | |
| US8635454B2 (en) | Authentication systems and methods using a packet telephony device | |
| US9686270B2 (en) | Authentication systems and methods using a packet telephony device | |
| US20080301800A1 (en) | System and method for creating a virtual private network using multi-layered permissions-based access control | |
| JP2004185454A (en) | User authentication method | |
| CA2496357A1 (en) | Method and system for authenticating the originator of an electronic facsimile transmission | |
| JP3897299B2 (en) | Authentication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FZDE | Dead |