IL122023A - Non-transferable bio-metric token-based identification method and devices - Google Patents

Non-transferable bio-metric token-based identification method and devices

Info

Publication number
IL122023A
IL122023A IL122023A IL12202397A IL122023A IL 122023 A IL122023 A IL 122023A IL 122023 A IL122023 A IL 122023A IL 12202397 A IL12202397 A IL 12202397A IL 122023 A IL122023 A IL 122023A
Authority
IL
Israel
Prior art keywords
identification
voice
characteristic
holder
portable device
Prior art date
Application number
IL122023A
Other languages
Hebrew (he)
Other versions
IL122023A0 (en
Original Assignee
Enco Tone Ltd
Isaac J Labaton
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Enco Tone Ltd, Isaac J Labaton filed Critical Enco Tone Ltd
Priority to IL122023A priority Critical patent/IL122023A/en
Publication of IL122023A0 publication Critical patent/IL122023A0/en
Priority to EP98952949A priority patent/EP1031139A4/en
Priority to PCT/IB1998/001835 priority patent/WO1999022362A1/en
Priority to CA002307161A priority patent/CA2307161A1/en
Priority to AU10485/99A priority patent/AU1048599A/en
Publication of IL122023A publication Critical patent/IL122023A/en

Links

Classifications

    • GPHYSICS
    • G10MUSICAL INSTRUMENTS; ACOUSTICS
    • G10LSPEECH ANALYSIS TECHNIQUES OR SPEECH SYNTHESIS; SPEECH RECOGNITION; SPEECH OR VOICE PROCESSING TECHNIQUES; SPEECH OR AUDIO CODING OR DECODING
    • G10L17/00Speaker identification or verification techniques

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • Acoustics & Sound (AREA)
  • Multimedia (AREA)
  • Storage Device Security (AREA)

Description

A NON-TRANSFERABLE BIOMETRIC TOKEN BASED IDENTIFICATION METHOD AND DEVICES lira ^ ai (token) ΤΓΤΤ -ptt?a»a βη»·»» ooiaan uaisa ·η,ττ -nay -ntpaai nwu? mayn1? A Non-Transferable Bio-metric token-based Identification method and device Isaac J. Labaton Technical Field The present invention relates, generally, to the identification of persons which holds a non-transferable portable device, and more particularly to methods and apparatus for: Analyzing the voice characteristic of a person-to-be-identified , Storing in a portable device the said characteristic; and each time the identification of the portable device's Holder should be carried on: the portable device reproducing and transmitting to an Identification server the said characteristic and the Holder utters to such server whereas an Identification server will compare the portable device message carrying the voice characteristic of the person-to-be-identified with the Holder's voice characteristic and decide if both persons are the same or, otherwise, the Holder is an impostor.
Background Art and Technical Problems The technology by which the voice of a person can be characterized and the person can be recognized by mean of his/her voice analysis is already mature and we will refer to such technology as a Speaker ( identity) Verification Software, using the semantic in use in the Speaker Verification Application Programming Interface (SVAPI) projected standard.
Nevertheless, the usage of such technologies for Identification has several problems. First, the percent of error in the identification, estimated as about 3%, bring forth the conclusion that the said technology is non-reliable enough for financial transactions. Second, the fact that the Identification device needs a database whereas the person-to-be-identified's Voice Characteristic (in the following referred as VoicePrint) is stored for comparison purposes. The need of such databases at the Identification Node limits the usage of such technology for some of the applications.
Therefore, there is a need for a new methodology and devices, which will improve substantially the percent of success in the Identification, and reduce the error rate, in one side, but also, make such Identification doable without the need of a database at the decryption node or ID node.
Such new methodology is one of the objects of this invention.
Another object of this invention are devices in order to implement the said methodology, being such devices a) a Personalization Machine, B) a Token (electronic portable device) which will keep the VoicePrint or alternately, a chip (in a cellular phone or other device) or a chip card, and C) an ID Server which will receive the VoicePrint from the Token and the voice of the Token's Holder (or cellular's Holder) or several variations as we will describe later.
Summary of the Invention The method of this invention is designed for solving the identification problems of persons which hold a portable device referred as Bio-Token and the problem of certifications of voice documents (in the following the said person will be referred as the Device's Holder or just Holder).
The method consists of the use of Speaker (identity) Verification Software, which are commercially available, in order to obtain the VoicePrint of the Rightful owner of the portable device, referred in the following as the Device's Owner or just the Owner.
The method comprises the step of providing Owner's ID Data to the same device (see fig #1), which can include his or her name and or address and or driver license and or passport number and or any identity card, and/or the transaction data, and or amounts of money, like the credit limits (for Debit Card usage).
The method comprises the optional step of encrypting the VoicePrint and the Owner's identification data, being such encryption step referred, in the following, as the Static Encryption.
The method comprises also the steps of storing into a personal portable electronic device referred as Bio-Token, hold by the person-to-be-identified (the Holder), such VoicePrint and ID Data or the Static Encryption result.
The method also includes the steps of: distributing Identifications servers (or Identification software) whereas such servers have installed and have the capabilities to operate, among others capabilities, the same Speaker (identity) Verification Software previously used to create the VoicePrint at the Personalization procedure, and have the capability (software and keys) to Statically Decrypt VoicePrints and ID Data.
The identification method of this invention also includes the steps of: Each time that Device's Holder need to be identified, the Holder actuates the Bio-Token, optionally, by entering a PIN on such Bio-Token, whereas, the said Bio-Token will read from its electronic memory the Voice Print of the Authorized Device Owner, previously entered, and merge or concatenate such digits with a time stamp or use any other method in order to create a dynamic message (like a sequential method), whereas such dynamic message is encrypted by the Bio-Token (referred in the following as the Dynamic Encryption) , being the result of such Dynamic Encryption referred as the Cipher.
The method also includes an optional step of encoding such Cipher, into sound. The encoded Cipher will be referred in the following as the Acoustic Cipher The audio signals which represents the encoded version of the Cipher (acoustic Cipher.), in one side, and the voice of the owner, are received by the ID Server, directly on the spot or, indirectly, i.e. transmitted by any media of communication, like phone, Internet, data transmission lines, etc. reaching eventually, on line or off line, the ID Server.
The Cipher, encoded or not, should reach the ID Server, on-line or off-line, together with the voice of the Device's Holder, being such voice string, preferentially, the answer to a variable question or request, i.e.: "please repeat the words: Bill Clinton", or " say the date and time in minutes, hours, days and years" or "say, please the transaction data, if any, to be certified by this identification".
According with the method of this invention, the ID Server will decrypt the Cipher (the Dynamic Decryption) obtaining the Statically Encrypted VoicePrint and also, the ID Server will Statically Decrypt it recuperating the VoicePrint (in the following the Computed Result).
The method of this invention also includes the step of analyzing the said Voice string received by the ID Server (Device Holder response) by means of the said Speaker (identity) Verification Software and the comparison of such analysis results with the Computed Result.
Naturally, if both results are similar, within a pre-established tolerance, the ID Server will conclude that the Authorized Owner of the portable device is the present Device Holder, whose voice response has been analyzed. Due to the fact that the Cipher also includes the authorized owner's ID Data and/or the transaction data, like his name and or address and or driver license and or passport number, etc., etc., therefore the ID Server will have the said ID Data certified, with the absolute certainty that the data correspond to the said present Device Holder and avoiding the possibility that the Device Holder is an impostor.
In accordance with a further aspect of the present invention an alternative method for remote identification is presented by which the Bio-Token generates a sample of the owners voice. More precisely, the Bio-Token reproduces a sample of the Owner's voice, which was pre-recorded by the Personalization Machine, and stored into the Bio-Token during the personalization procedure. This sample is scrambled, before being converted into sound, by mixing it with an encoded number, being this number a variable number, with a very large cycle for repetitions, referred, in the following, as the pseudo random number.
The Owner's voice sample mixed with the pseudo random number is referred in the following as the scrambled Owner Voice Sample According with this alternative aspect of the present invention, each time the Bio-Token Holder need to identify himself against the ID Server, the Bio-Token computes a new dynamic password or digital signature, which carries embedded the Owner's ID Data and also the data how to compute the said pseudo random number for scrambling purposed, where, this last data is referred in the following as the pseudo random number's Seed or just Seed.
The Bio-Token encodes the dynamic password or digital signature and the scrambled Owner's Voice Sample into sound, referred in the following as the Scrambled Acoustic Message.
This Scrambled Acoustic Message reaches the ID Server, together with the Holder's voice, preferable, the same words of the Owner's voice sample. The ID Server decodes the dynamic password or digital signature and decrypts it recuperating the Owner's ID Data and the Seed. By means of the Seed the ID Server computes the pseudo random number and, with such information de-scrambled the received scrambled Owner's Voice Sample recuperating the Owner's voice sample. The ID Server now analyze such sample and the Holder's voice, by means of speaker verification software, concluding, by last, if they are similar or not.
In a positive case, the ID Server will display or transmit the owner's ID Data received.
The devices of this invention comprise systems composed by Personalization Machines, a multitude of Tokens, and a multitude of ID Servers.
The Personalization Machine is, essentially, a machine able: to read from one or several media, like Hard Disk, floppy disks, RAM, ROM, Dangles, PCMCIA, Chip cards or other; to record and analyze voice: to run Speaker (identity) Verification Software, to generate VoicePrints, to elaborate VoicePrints and to write onto Tokens memory.
The Tokens are portable electronic devices with memory, with the capability to read from the Token memory, to compute, to encrypt, and to encode results into sound.
The ID Servers are devices able to read from one or several media, like Hard Disk, floppy disks, RAM, ROM, Dangles, PCMCIA, Chip cards or other; to record, digitize and analyze voice; to run Speaker (identity) Verification Software, to generate VoicePrints, to elaborate such VoicePrints and to record, digitize and analyze Tokens generated Acoustic Messages including acoustic Ciphers.
Brief Description of the Drawing Figures The subject invention will hereinafter be described in conjunction with the appended drawing figures, wherein like numerals do not designate like elements, and: figure #1 represents the flow diagram of the Personalization Machine (PM) functionality, for one particular case referred in the following. figure #2 represents the flow diagram of the Personalization Machine (PM) functionality, for another case referred in the following, which include the Static Encryption. figure #3 represents the flow diagram of the Bio-Token functionality, for one particular case referred in the following. figure #4 represents the flow diagram of the Bio-Token functionality, for another case referred in the following, which include the Static Encryption, figure #6 represents the flow diagram of the Bio-Token functionality, for another case referred in the following, which include the Static Encryption and also includes the generation of calibration signals to correct distortion effects, figure #7 represents the flow diagram of the ID Server functionality, figure #8 represents the flow diagram of the ID Server functionality, with Static Encryption figure #9 represents the flow diagram of the ID Server functionality, with Static Encryption and also includes the use of calibration signals to correct distortion effects figure #10 represents the flow diagram of the identification process , the token and the ID Server working flow. figure #1 1 represents the flow diagram of the identification process , the token and the ID Server working flow, whereas .the ID Server reads the secrets keys from a chip-card figure #12 represents the flow diagram of the identification process , the token and the ID Server working flow, whereas ,the ID Server reads the secrets keys from a chip-card, and do Static decryption figure #13 represents a flow diagram of a portion of a chip software to be installed . One of the applications is in cellular phones , in order to eliminate the cloning fraud. figure #14 represents a flow diagram Debit-Card refilling machine functionality figure #15 represents the block diagram of the Bio-Token or the ROV-Bio-Token components figure #16 represents a model for the implementation of the method of the invention for a kind of Travelers Check application figure #17 represents a model for the implementation of the method of the invention for a kind of Debit-Card application figure #18 represents a block diagram for the implementation of the method of the invention for a kind of debit-Card application figure #19 represents a variation of the method of this invention , referred as ROV and specifically , the Personalization Machine. The Static Encryption is not shown in order to simplify the flow diagram of the functionality. figure #20 represents a variation of the method of this invention , referred as ROV and specifically , the Token. The Static Encryption is not shown in order to simplify the flow diagram of the functionality figure #21 represent a model for the scrambling of the Real Owner's Voice specimen, specifically , the computation of the samples of the SN figure #22 represents a variation of the method of this invention , referred as ROV and specifically , the ID-Server. The Static Encryption is not shown in order to simplify the flow diagram of the functionality figure #25 represent a model for the de-scrambling of the Real Owner's Voice specimen, and specifically , the computation of the samples of the SN at the ID-Server figure #26 represents a variation of the method of this invention , referred as ROV and specifically , an example of its application for a cellular anti-clone use. The Static Encryption is not shown in order to simplify the flow diagram of the functionality.
Detailed Description of Preferred Exemplary Embodiments A preferred embodiment of the identification scheme, which is the subject of the present invention, is conveniently described in the context of a remote identification system and methods; whereas the method of this invention is designed for solving the identification problems of persons which hold a portable device referred as Bio-Token or just "Token" (in the following the said person will be referred as the Device's Holder or just Holder). The method is also designed to solve the problem of certifications of utterances.
The method consists of the following steps: Personalizing the Bio-Token. This step includes the sub-steps of: entering the Bio-Token on a specific machine referred as a Personalization Machine, (see fig. 1) Entering the Owner's ID Data Capturing an Owner's utterance Generating the VoicePrint, by means of commercially available speech recognition software or Speaker Verification Software, Writing or registering into the Token's memory the said Owner's ID Data and VoicePrint (optionally, registering on a chip-card which will be inserted on the Token) and the step of proper identification of the Holder by the ID Server (see fig #10 and 11), step which includes the sub-steps of: the Token's Holder actuates the Bio-Token (see fig 3) and utters whereas the ID Server receives the Acoustic Message generated by the Bio-Token and the Holder's voice (see fig 7) and makes comparisons.
This methodology, in the most basic case (case #1) can be described, in blocks, with the help of fig 10 where the identification flow is shown.
Referring now to fig #3. When the Token is switched on, the Holder should enter a Personal Identification Number (optional), and the Token will read from the Token's memory the VoicePrint and the Owner's ID Data, or, alternatively, it can read from a chip card where the VoicePrint and/or the Owner's ID Data are stored. The Token encrypts the VoicePrint, the Owner's ID Data and the Generation Time (i.e.: present GMT time and date) into a Cipher, in a way such that each and any Cipher is distinct from the previous one, and the repetition cycle is very large( i.e.: tents of years). A preferred encryption scheme is such described in US patent 5,524,072 (PCT/US92/10492).
Due to the fact that two main features which this invention requests for this step, are that the Cipher should carry the time and date of the moment of computing the Cipher referred as Generation Time, (i.e.; GMT) and consequently that the Cipher should be variable, we will refer to this encryption step as the Dynamic Encryption (see block #4 on fig.3).
Optionally, the Token can encode the Cipher into sound (Acoustic Cipher) using MODEM techniques or any other method of encoding digits into sound (see blocks #5 and 6 on fig.3).
Referring now to the ID Server functionality, as described in fig 7: The method includes, for the basic case, the steps of: The ID Server receiving the Acoustic Message from the Token and the Holder's voice, and registering the time of arrival of such Acoustic Message (referred in the following as the Capture Time) decrypting the Dynamic Encryption recuperating the VoicePrint, the ID Data and the Generation Time analyzing the Holder's utterance by means of the said commercially available soft comparing the VoicePrint, received within the Cipher, with the results of the said analysis, and, if they are similar according with pre-established tolerances, then checking the Capture Time against the recuperated Generation Time transmitted embedded with the Cipher, in order to avoid intercepted Acoustic Messages, and, eventually, if OK , proceed with the display or/and transmission of the Owner' s ID Data.
A variation of the method of this invention is also designed for solving the identification problems of persons, which hold a Bio-Token, and the problem of certifications of voice documents.
The method consists of the steps of: Personalizing the Bio-Token, step that includes the sub-steps of, (see fig. 2): Loading the Personalization machine with encryption keys entering the Bio-Token on the Personalization Machine entering the Owner's ID Data Capturing the Owner's voice Generating the VoicePrint, Optionally, compressing, and/ or mathematically elaborating such VoicePrint, like averaging it, or/and hashing it Encrypting the VoicePrint, and/or the ID Data, using system's keys, i.e.: using a system's private key for the VoicePrint and or using a private key (referred as SSPrK#1) for encrypting the Owner's name and address; using a private key (referred as SSPrK#2) for encrypting the Owner's Driver license data; using a private key (referred as SSPrK#3) for encrypting the Owner's passport data, using a private key (referred as SSPrK#4) for encrypting the Owner's Credit Card data; using a private key ( referred as SSPrK#5)for encrypting the Owner's Social Security number, and so on, for Security agencies, encrypting pertinent data about the Owner ( say SSPr#n ).
In order to differentiate such fix and no-time-variable encrypting step from the previously defined Dynamical encryption; we will refer to this step as the Static Encryption, and the keys as System's Static Encryption Keys The method includes the step of writing or registering into the Token memory the said Statically Encrypted Owner's ID Data and VoicePrint and the step of proper identification of the Holder by the ID Server (see fig #12), step which includes the sub-steps of : the Token's Holder actuates the Bio-Token (see fig 4) and speaks and the ID Server receives the Acoustic Message generated by the Bio-Token and the Holder's voice (see fig 8).
This methodology, (case#2) can be described, in blocks, with the help of fig 12 where the identification flow is shown.
We will refer now to fig #4. When the Token is switched on, the Holder should enter a Personal Identification Number (optional), and the Token will read from the Token's memory the said Statically Encrypted VoicePrint and Owner's ID Data, or, alternatively, it can read from a chip card where the VoicePrint and/or the Owner's ID Data are stored. The Token Dynamically encrypts the VoicePrint, the Owner's ID Data and the Generation Time as said before into a Cipher.
Optionally, the Token can encode the Cipher into sound (Acoustic Cipher).
Referring now to the ID Server functionality, as described in fig 8: The method includes, the steps of: The ID Server receiving the Acoustic Message from the Token and the Holder's utterance, and registering the Capture Time, decrypting the Dynamic Encryption recuperating the said Statically Encrypted VoicePrint , the ID Data and the Generation Time, Statically decrypting the VoicePrint (i.e.: using the system's public key) analyzing the Holder's voice comparing the VoicePrint, with the results of the said analysis, and, if they are similar according with pre-established tolerances, then checking the Capture Time against the recuperated Generation Time transmitted embedded with the Cipher, in order to avoid intercepted Acoustic Messages, and, eventually, if OK , proceed with the Static Decryption as follows: using the correspondent key( i.e. the public key to SSPr#j j=1 ,,,n)) , according with the ID Server level of data accessibility, or keys availability (i.e.: Police Department's ID Servers may have all the public keys) , in order to access to different levels of Owner's ID data, (i.e.: if the ID Server holds only the Static System's Public Keys #1 and 2 ( referred as SSPuK#1and SSPuK#2) will be able to Statically Decrypt only the Owner's name and address (using SSPuK#1) and the Owner's Driver license (using the public key referred as SSPuK#2) ). The method also includes the optional step of displaying or/and transmitting the available portion of the Owner' s ID Data .
In accordance with a further aspect of the present invention an alternative method for remote identification is presented by which the Bio-Token utters a specific Owner's Voice specimen or utterance.
More precisely, the said Bio-Token referred as the Real Owner's Voice(ROV) Storing and Scrambling Token, or ROV-Bio-Token reproduces or utters an specimen of the Owner's voice, which was pre-recorded by the PM (Personalization Machine), and stored into the ROV-Bio-Token during the personalization procedure (see fig. 19, where the optional Static Encryption was not included in order to simplify the explanation).
The said Real Owner's Voice specimen is scrambled by the ROV-Bio-Token, before being uttered ( the result of this step is referred as the Scrambled Real Owner's Voice specimen or Scrambled ROV Specimen).
The said scrambling step is a variable-result-scrambling-step in order to avoid misuse or fraud , like the recording and posterior usage of the Scrambled Real Owner's Voice specimen in order to impersonate the Owner. According with this aspect of the method of this invention, in spite that the Real Owner's Voice specimen is constant, due to the fact that is scrambled using a different scrambling factor each time, factor which become obsolete soon after the use of it the consequence is that the Scrambled Real Owner's Voice specimen also becomes obsolete soon after being uttered.
More precisely , the Real Owner's Voice specimen is stored in the token's memory as digits( samples) , being this samples the result of the digitization made in the Personalization Machine.
Now a variable number (referred as the Scrambling Number or SN) computed by the token's CPU is converted into digits as a first step towards its encodification into sound, ( referred as SN Samples). After the said conversion, the SN Samples will become a large set of hex-digits which represents the analog wave sound samples, as the one which would be obtained if the SN was in DTMF tones and is being digitized (a possible method for accomplishing such conversion in a chip is described in a 1993 document of Microchip Technology Inc referred as AN543).
In order to further clarify this scrambling aspect of this invention, let assume, as an example (see fig 21 and 25), that we are after the computation of the variable number SN in hex-digits, i.e.: SN=567fa34590b5278c7ff45639a567fa34590b5278c7ff45639a Now, each one of the numbers will be converted by the token in a concatenation of digits (Samples, referred as SN Samples), whereas, each digit represents the amplitude of the analog sound wave sample, being this sound wave the sound wave resulting of the conversion of the number into DTMF, as an example.
Following with the example, the first digit of SN, the number 5, can be converted in a sound wave, according with the DTMF standard, which consists of 2 frequencies | and f2, Converted to -> A sin ( 2 π fi t + φ i) + B sin ( 2 π f2 1 + φ 2) with a duration of 75 miliseconds and a pause of 10 miliseconds.
Therefore if the sampling rate is 8000 samples per second, the "digitation of the number" will consist of 680 samples ( hex-digits).
Now , if we do the same for each one of the 50 numbers constituting SN, we will have 34000 samples , totaling 4.25 seconds.
According to the method of this invention, the digitaized Real Owner's Voice specimen before being converted into sound by the token is scrambled using the 34000 samples , periodically, that is , for each 4.25 sec of the duration of the Real Owner's Voice specimen.
As an example, this scrambling procedure can be as simple as the sum of the correspondent samples of the specimen and SN samples: Scrambled ROV Specimen Samplep) - ROV Specimen Sample(i) + SN Sample (I) And like this for each /, from 1 to 34000, and starting again if the duration of the Real Owner's Voice specimen, is more than 4.25 sec.
Therefore the scrambling procedure can be accomplished by means of the superposition of the specimen with an encoded number. One example can be as the sum, sample by sample, of the 2 set of numbers, whereas, one of the said sets represent a received and digitaized Scrambled Real Owner's Voice specimen Samples and the other the Scrambling Number samples, preferably, but not necessary, made with the same sampling rate (i.e.: 8000 samples/sec) see fig 21 One fundamental condition of this aspect of the method of this invention is that, in spite that the Real Owner's Voice specimen , stored in the token, is constant and non-timely variable, the Scrambled Real Owner's Voice specimen is constantly variable and will never repeat over a large period of time. Further, due to the fact that the Dynamical Message , which is going concatenated with the Scrambled Real Owner's Voice specimen, also carried the Generation time and date, the recording and posterior usage of the Acoustic message is prevented.
Now according with this aspect of the method, the ROV-Bio-Token computes the SN from a Seed number, a distinct number each time, being this Seed number transmitted embedded with the Acoustic Message, in a way such that, the ROV-ID-Server can recuperate the Seed and re-compute the SN.
The data needed to compute the Scrambling Number is referred in the following, as the Scrambling Number's Seed or just Seed.
The ROV-ID-Server, having the SN, (see fig 25) can compute the SN Samples and deduct such samples from the received and digitaized Scrambled Real Owner's Voice specimen Samples, and, with it, recuperate the Real Owner's Voice specimen Samples. i.e.: ROV Specimen Sample(i) = Scrambled ROV Specimen Sample(i) SN Sample (I) Having recuperate the Real Owner's Voice specimen Samples, the ROV-ID-Server can continue with the Identification procedure as described (as blocks' flow diagram) in fig.22.
As it should be clear, all the numbers and the way of scrambling described above are a way to exemplify the said aspect of the method of this invention.
Another preferred way to exemplify this aspect, is using Modem technology in order to transmit the Acoustic Message whereas the scrambling procedure can be the XORing of the ROV Specimen samples with the SN samples Coming back to fig22, the utterance generated by the token reaches the ID server where is recorded and de-scrambled.
More precisely, and according with this alternative aspect of the present invention, each time the ROV-Bio-Token Holder need to identify himself against the ROV-ID Server, the ROV-Bio-Token computes a new Dynamic Message, which carries embedded the Owner's ID Data, the Generation Time, and also the Seed (see fig 20).
The Bio-Token encodes the Dynamic Message and the Scrambled Owner's Voice Specimen into sound, generating an Acoustic Message referred in the following as the Scrambled Acoustic Message or ROV Acoustic Message.
This Scrambled Acoustic Message reaches the ROV-ID Server, as well as the Holder's voice utterance, which also reaches the ROV-ID Server, whereas, the said utterance's words are preferably, the same words of the Owner's voice specimen. The ROV-ID Server decodes the Dynamic Message and decrypts it recuperating the Owner's ID Data, the Generation Time and the Seed. By means of the Seed the ID Server computes the Scrambling Number and, with such information de-scrambled the received Scrambled Owner's Voice Specimen recuperating the Owner's voice specimen. The ID Server now analyzes such specimen and the Holder's voice, by means of Speaker Verification Software, concluding, by last, if the Holder's voice and Owner's voice utterance (emitted by the token) are similar or not.
In a positive case, the ID Server will display or transmit the owner's ID Data received.
A way to overcome drift problems is presented here, by which 2 or more acoustic messages will be requested by the ID Server, during the session, in a way such that the time elapsed between the Acoustic messages will be set by the ID-Server, and therefore, preventing the possibility of using pre-recorded Acoustic Messages A further variation of the method of this invention is as described before with the addition of: The Bio-Token concatenates to the Acoustic Message a Frequency -Response-Correction- Signals in order to correct the possible distortion due to lack of linearity. These deformations are usually caused by the sound-to-analog electric signal conversion at microphones as well as by the transmission and amplification generated distortions.
The Frequency -Response- Correction- Signals, i.e.: a sample of frequencies with the same amplitude, timely concatenated, can be added at the time the Personalization Machine records the Owner's voice and or at the time of generating the Acoustic Message by the token, (see fig #6 and 9) The information about the complete transmission complex characteristic (gain vs. frequency) can be inferred from the said signals concatenated to the Cipher. This information can be used by the Identification server (ID Server) in order to correct the distortion of the Holder's voice, created by the said transmission complex (including microphone, transmission lines, amplifiers, etc.) According with a further variation of the method of this invention, the Holder can voice a message (i.e.: oral payment order or instructions to his/her broker) and transmit 2 or more acoustic messages (i.e.: at the beginning and at the end of the verbal instructions) in order to avoid potential "session stealing problems" According with a further variation of the method of this invention, the Bio-Token device can be used as a Debit Card.
A method for Acoustic Confirmation based on the comparision of the Owners VoicePrint with the Holder's Voice is presented (see fig 18) Instead of the Personalization Machine process, a Debit Card re-filling process is described by which, an amount of money, to be added to the Debit Card- Bio-Token credit's, is registered in the Token memory (i.e.: $1 ,000.00) (see fig. 14) Now the owner can pay an amount (i.e.: $55 dollars) entering such amount (55) into a keypad equipped Bio-Token device according to the method described in fig 17 whereas, just in order to simplify, we do not include the Static encryption, which is an option. The Bio-Token will transmit the encoded Cipher to the Debiting Machine (ID Server like). This Cipher will include the amount to be paid, Dynamically Encrypted, together with the VoicePrint but not necessarily the Owner's ID data. As before, the Dynamic encryption prevents interception, recording and posterior usage of the acoustic message.
This encrypted amount stored on the Debiting Machine will, per se, be converted to cash at a later time. Continuing with the said example, in the Token's memory it will remain the credit balance of $945.00 for future usage.
According with a further improvement of the method an Acoustic Travelers' Check" hereby is presented: a method, as before, whereas the said Cipher will include the amount paid, doubly encrypted, together with the VoicePrint and necessarily the Owner's ID data. This is to say the transaction is not anonymous, like in a debit card, but an identified transaction, like in a Travelers' Check.
The Debiting Machine will decrypt only one step of the double encryption, and, use part of the result (referred as pseudo-random number) as a seed number for generating a Challenge as described in fig 16 whereas, just in order to simplify, we do not include the optional Static encryption.
The Debiting Machine will display or voice the Challenge, and the Holder will voice the Challenge (to be checked by the Debiting Machine) and also enter the challenge into the Token. Now the Token will generate a Confirmation Acoustic Message carrying the Transaction Confirmation Number (TCN) coherent with the first, and the Token will deduct from the balance (in the Token) the amount paid. Just if the Debiting Machine received such Confirmation Acoustic Message with the correct TCN will relate to the transaction as completed.
As before this Cipher and the Transaction Confirmation Number, both stored on the Debiting Machine will, per se, converted to cash at a later time.
The audio signals which represents the encoded version of the Cipher (Acoustic Cipher), and the voice of the owner (Holder's utterance), are received by the ID Server, directly on the spot or, indirectly, i.e. transmitted by any media of communication, like phone, Internet, data transmission lines, etc. reaching eventually, on line or off line, the ID Server. Preferably, in the case in which the acoustic message reaches the ID Server off line, the Holder's utterance should be a response to a variable challenge.
The Cipher, encoded or not, should reach the ID Server, on-line or off-line, together with the voice of the Device's Holder, being such voice string, preferentially, the answer to a variable question or request, i.e.: "please repeat the words: Bill Clinton", or " say the date and time in minutes, hours, days and years" or "utter , please the transaction data, if any, to be certified by this identification".
This Holder's utterance can be analyzed, also, by a Speech Recognition software, in order to check, not only the Speaker identity, but also, the degree of coherency of the response to the challenge, in order to avoid any intent to use pre-recorded strings of the Owner's voice in order to impersonate him/her.
The method of this invention also includes the step of analyzing the said utterance received by the ID Server (Device's Holder response) by means of the said Speaker (identity) Verification Software and the comparison of such analysis results with the Computed Result.
It should be clear that the VoicePrint can be compressed, or averaged, or hashed or weight averaged or any kind of mathematical elaboration in order to reduce the amount of memory places need to store it and the time elapsed during the transmission.
Naturally, if both results are similar, within a pre-established tolerance, the ID Server will conclude that the Authorized Owner of the portable device is the present Device Holder, whose voice response has been analyzed. Due to the fact that the Cipher also includes the authorized owner's ID Data and/or the transaction data, like his name and or address and or driver license and or passport number, etc., etc., therefore the ID Server will have the said ID Data certified, with the absolute certainty that the data corresponds to the said present Device Holder and avoiding the possibility that the Device Holder is an impostor.
Another preferred application of this method and device is on the field of telecommunications for fighting against impersonation fraud of the caller for calling cards and or cellular phones.
Referring now to the prevention of the cellular phone abuse due to cloning fraud, the method and devices of this invention can contribute substantially to the said prevention. Further, due to the easy implementation of this invention method and devices, which is inferred from the facts: first, the ID Server does not need a Database in order to identify the caller, and second, due to the fact the caller sustains a conversation, in any case , and the utterance can be any string of the caller conversation ,as well as the dialing by voice feature, i.e.: if the callers responds to the dial-tone by uttering the destination phone number.
Naturally the implementation can be made in a dedicated chip in the cellular phone or as a software masked or embedded in an existent chip (see fig 13 and 26).
Referring now to the calling Card Application the Bio-Tokens distributed to callers working in conjunction with one or several ID Servers can provide to be a user friendly solution for the identification of the callers. The same can be accomplished with the ROV Bio-Tokens and the ROV ID Servers In principle , each time the caller intents to place a call, he/she will dial an access number and will reach the ID Server, will send the Acoustic Message and will become identified or rejected when speaks or responds to a challenge.
Referring now to military or security agencies applications, the methods and devices of this invention can provide a way to accomplish the distribution and usage of non-transferable ID cards or passports. In this way, at any relevant gate, an ID Server / ROV ID Server can be installed which will identify the holders of Bio- Tokens and /or ROV Bio Tokens.
All the examples presented here with the Bio-Token are easily extrapolable for the variation referred as ROV-Bio-Token , with little adaptation due to the differences of the Acoustic Cipher and the Acoustic Message which carries the Scrambled ROV Specimen.
The device of this invention comprises systems composed by Personalization Machines, a multitude of Tokens, and a multitude of ID Servers.
The Personalization Machine is essentially a PC machine, with special slots, able: to read from one or several media, like Hard Disk, floppy disks, RAM, ROM, Dangles, PCMCIA cards , Chip cards or other; to record , digitize and analyze sound; to run Speaker (identity) Verification Software, and or Speak recognition Soft; to generate VoicePrints, to elaborate VoicePrints ; to write onto Tokens memory.
The Tokens are portable electronic devices with memory, similar to the ones described in US patent 5,524,072 (PCT/US92/10492), with the capability : to read from a keypad ( specially PINs), (optionally from chip-cards), to read from the Token memory, to compute, to encrypt, to scramble , to display , to measure time and to encode results into sound, (see fig 15 for a block design of the tokens).
According with an another aspect of this invention the tokens will also feature a display for instructing the user about procedures through prompts and announcements, like, "enter password", the necessity of replace (some of) the batteries, etc.
According with another aspect of this invention, the tokens, will feature accounting capabilities i.e. storing transactions amounts / produce balances, etc.
According with another aspect of this invention, the token suitable comprises a central processing unit (CPU), a display , a keyboard , a card slot ,from where the card is inserted and extracted. Such slot feature a read-write capabilities on chip-card or PCMCIA card , or magnetic card .
The token also comprises an alarm or alteratively a voice generator, a power supply , a ROM , a RAM and suitable data, address, and control busses referred generically as bus . Alternatively, the functional blocks comprising the token may be suitable integrated into a single customized chip, like an integrated circuit chip.
A serial input is suitably configured to permit the direct connection of the token with an standard PC or any other device in order to enter data and to discharge data, like the personalization data .stored transaction data and the said serial input is configured to accommodate any convenient communication interface , like RS232 , optical or the like.
Display , voice generator or alarm in one hand, and keypad and / or serial input on the other, permit the user to enter information into token in response to prompts and / or instructions.
CPU my comprise any suitable general purpose processor. ROM will store software statements in a conventional manner, which where introduced via serial input or keypad, or through any other alternative way. The said software will include system level supervisory programs and instructions.
According with another aspect of this invention, the holder can activate the token using the said PASSWORD and the token will write the said information into card which is into the token at that moment.
A further preferred embodiment of the Token of this invention comprises capabilities as detection of fingerprints, and or voice recognition as a way to identify the user, instead, or as a complement of the password.
When actuated the Bio-Token device computes the Dynamic Encrypted version of the VoicePrint digits representing the characteristic of the voice of the Device Owner (statically encrypted or not), and, if required, any other data like the owner's ID Data and/or card ID Data , and/or any data entered by the owner before the transaction (in the following referred collectively as the Cipher). Then, the Bio-Token device encodes the Cipher (or the Scrambled Acoustic Message in the case of the ROV- Bio-Token) into sound generating the audio signals, which represents the encoded version of the Cipher referred as Acoustic Cipher The ID Servers are (preferable PC based) devices, able to: read from one or several media, like Hard Disk, floppy disks, RAM, ROM, Dangles, PCMCIA, Chip cards or other; to record, digitize and analyze sound; to run Speaker (identity) Verification Software ; to run Speak Recognition Soft ; to generate VoicePrints; to elaborate such VoicePrints and to record, digitize and analyze Tokens generated Acoustic Messages including Acoustic Ciphers; to de-scramble Scrambled ROV Specimens; and to measure time.
The audio signals which represents the encoded version of the Cipher (acoustic Cipher), in one side, and the voice of the owner, are received by the ID Server, directly on the spot or, indirectly, i.e. transmitted by any media of communication, like phone, Internet, data transmission lines, etc. reaching eventually, on line or off line, the ID Server.
The ID Server decodes the audio signals which represents the encoded version of digits (the Cipher) and decrypts the said digits recuperating the characteristic of the voice (the VoicePrint) of the specific Bio-Token device' owner, together with the additional data sent, if any, within the Cipher.
The ID Server also receives the voice of the owner. The ID Server analyzes the said voice string with the same type of Voice Recognition- Speaker Verification software used in the PM machine and compares the results. That is, it compares voice analysis result with the relevant part of the result of the decryption of the Cipher generated by the Token. If both results are similar, according to certain, pre established, tolerances, thus the ID Server will conclude that the Holder of the device is the right authorized owner.
Otherwise, the Holder can be an impostor.
Although the devices of this invention has been described herein using the case of the Bio-Token, it should be clear that a ROV-Bio-Token implementation of the methodology presented here does not represent a significant hardware change or departure from the device descriptions as set forth here.
A possible variation of the devices of this invention are the same devices as above but communicating by IR , optical , electromagnetic, or in any other way, instead of, or beside of sound.
A possible variation is a portable device able to accomplish the functions of both : the Token and the ID server, being such device a Two Way Identificator, able to identify the owner against other devices and also to identify holders of other devices.
Albeit the invention has been described herein using acoustic transmission, it should be clear that a chip-card or PCMCIA implementation of the methodology presented here does not represent a departure from the spirit of the invention as set forth here. The same is stated here for alterations of the sequential order of the steps or sub-steps used to explain the methodology presented.
Although the invention has been described herein in conjunction with the appended drawing figures, those skilled in the art will appreciate that the scope of the invention is not so limited. Various modifications in the selection and arrangement of the various components , method and steps discussed herein may be made without departing from the spirit of the invention as set forth above.

Claims (3)

Isaac Labaton Page 20 122023/2 We claims
1. - an identification method for identifying the holder of a portable , self contained storing and transmission device comprising the steps of: Analyzing the characteristic of the voice of the rightful owner of the said portable device and expressing such characteristic by means of a string of digits, or bits; digitally storing the said characteristic on the portable device; And every time the identification should be executed: the said portable device dynamically encrypts the said characteristic and transmits the said dynamically encrypted characteristic to an identification device, and, the said holder of the portable device utters words to the said identification device whereas the identification device receives the transmission from the portable device and decrypts the dynamically encrypted characteristic received, verifies that the Generation Time is within tolerances rejecting the case if negative or, eventually, if positive capturing the voice of the said holder, and analyzes the voice received and compares the result of the said analysis with the characteristic received and decides if the utterance belongs to the same rightful owner of the portable device or not.
2. - an identification method for identifying the holder of a portable self contained storing and transmission device comprising the steps of: Analyzing the characteristic of the voice of the rightful owner of the portable device and expressing such characteristic by means of a string of digits, or bits; digitally storing the said characteristic together with rightful owner's identification data on the portable device; And every time the identification should be executed: Isaac Labaton Page 21 122023/2 the said portable device dynamically encrypts the said characteristic and identification data and transmits the said dynamically encrypted characteristic and data to an identification device, and the said holder of the portable device utters words to the said identification device whereas the identification device receives the transmission from the portable device and decrypts the dynamically encrypted characteristic and data received, verifies that the Generation Time is within tolerances rejecting the case if negative or , eventually, if positive captures the voice of the said holder, and analyzes the voice received and compares the result of the said analysis with the characteristic received and decides if the utterance belongs to the same rightful owner of the portable device or not and, eventually, if positive displays, reveals and/or delivers the rightful owner's identification data.
3.- .- an identification method for identifying the holder of a portable self contained storing and transmission device comprising the steps of: digitally recording the voice of the rightful owner of the portable device; digitally storing the said recording together with rightful owner's identification data on the portable device; And every time the identification should be executed: the said portable device dynamically scrambles the said characteristic and identification data and transmits the said dynamically scrambled characteristic and data to an identification device, and the said holder of the portable device utters words to the said identification device whereas the identification device Isaac Labaton Page 22 122023/2 receives the transmission from the portable device and de- scrambles the dynamically scrambled recording and data received, verifies that the Generation Time is within tolerances rejecting the case if negative or , eventually, if positive captures the voice of the said holder, and analyzes the voice received and compares the result of the said analysis with the characteristic received and decides if the utterance belongs to the same rightful owner of the portable device or not and, eventually, if positive displays, reveals and/or delivers the rightful owner's identification data.
IL122023A 1997-10-26 1997-10-26 Non-transferable bio-metric token-based identification method and devices IL122023A (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
IL122023A IL122023A (en) 1997-10-26 1997-10-26 Non-transferable bio-metric token-based identification method and devices
EP98952949A EP1031139A4 (en) 1997-10-26 1998-10-26 Non-transferable bio-metric token-based identification methods and devices
PCT/IB1998/001835 WO1999022362A1 (en) 1997-10-26 1998-10-26 Non-transferable bio-metric token-based identification methods and devices
CA002307161A CA2307161A1 (en) 1997-10-26 1998-10-26 Non-transferable bio-metric token-based identification methods and devices
AU10485/99A AU1048599A (en) 1997-10-26 1998-10-26 Non-transferable bio-metric token-based identification methods and devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
IL122023A IL122023A (en) 1997-10-26 1997-10-26 Non-transferable bio-metric token-based identification method and devices

Publications (2)

Publication Number Publication Date
IL122023A0 IL122023A0 (en) 1998-03-10
IL122023A true IL122023A (en) 2007-06-17

Family

ID=11070777

Family Applications (1)

Application Number Title Priority Date Filing Date
IL122023A IL122023A (en) 1997-10-26 1997-10-26 Non-transferable bio-metric token-based identification method and devices

Country Status (5)

Country Link
EP (1) EP1031139A4 (en)
AU (1) AU1048599A (en)
CA (1) CA2307161A1 (en)
IL (1) IL122023A (en)
WO (1) WO1999022362A1 (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
IL127569A0 (en) 1998-09-16 1999-10-28 Comsense Technologies Ltd Interactive toys
US6607136B1 (en) 1998-09-16 2003-08-19 Beepcard Inc. Physical presence digital authentication system
EP1116155A2 (en) 1998-10-02 2001-07-18 Comsense Technologies Ltd. Card for interaction with a computer
US8019609B2 (en) 1999-10-04 2011-09-13 Dialware Inc. Sonic/ultrasonic authentication method
US7013393B1 (en) 1999-12-21 2006-03-14 Pierre Stevens Universal intelligent card for secure access to system functions
EP1209663A1 (en) * 2000-11-27 2002-05-29 Siemens Aktiengesellschaft Device and method for access control
US9219708B2 (en) 2001-03-22 2015-12-22 DialwareInc. Method and system for remotely authenticating identification devices
US6944627B2 (en) 2002-04-23 2005-09-13 International Business Machines Corporation Content management system and methodology employing a tree-based table hierarchy featuring arbitrary information retrieval from different locations in the hierarchy
US6999966B2 (en) 2002-04-23 2006-02-14 International Business Machines Corporation Content management system and methodology for implementing a complex object using nested/recursive structures
US6947948B2 (en) 2002-04-23 2005-09-20 International Business Machines Corporation Version-enabled, multi-typed, multi-targeting referential integrity relational database system and methodology
US7035854B2 (en) 2002-04-23 2006-04-25 International Business Machines Corporation Content management system and methodology employing non-transferable access tokens to control data access
US7082455B2 (en) 2002-04-23 2006-07-25 International Business Machines Corporation Method and apparatus of parameter passing of structured data for stored procedures in a content management system
US6938050B2 (en) 2002-04-23 2005-08-30 International Business Machines Corporation Content management system and methodology employing a tree-based table hierarchy which accomodates opening a dynamically variable number of cursors therefor
US7467386B2 (en) 2004-01-16 2008-12-16 International Business Machines Corporation Parameter passing of data structures where API and corresponding stored procedure are different versions/releases
DE102004013860A1 (en) * 2004-03-16 2005-10-06 Deutsche Telekom Ag Digital video, sound and or voice information encryption method, whereby a spoken key is used for encryption and if decryption is incorrect, the video and or sound track is played back in an incorrect manner
WO2011066844A1 (en) * 2009-12-02 2011-06-09 Agnitio, S.L. Obfuscated speech synthesis

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
BE787377A (en) * 1971-08-09 1973-02-09 Waterbury Nelson J SECURITY CARDS AND SYSTEM FOR USING SUCH CARDS
US4731841A (en) * 1986-06-16 1988-03-15 Applied Information Technologies Research Center Field initialized authentication system for protective security of electronic information networks
US4827518A (en) * 1987-08-06 1989-05-02 Bell Communications Research, Inc. Speaker verification system using integrated circuit cards
US4993068A (en) * 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system
US5414755A (en) * 1994-08-10 1995-05-09 Itt Corporation System and method for passive voice verification in a telephone network

Also Published As

Publication number Publication date
CA2307161A1 (en) 1999-05-06
IL122023A0 (en) 1998-03-10
WO1999022362A1 (en) 1999-05-06
AU1048599A (en) 1999-05-17
EP1031139A4 (en) 2000-10-18
EP1031139A1 (en) 2000-08-30

Similar Documents

Publication Publication Date Title
US9231944B2 (en) Method and apparatus for the secure authentication of a web site
US7142091B2 (en) Self-authenticating identification substrate with encoded packet output
US10446134B2 (en) Computer-implemented system and method for identifying special information within a voice recording
KR100471508B1 (en) A portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
TW394894B (en) Portable acoustic interface for remote access to automatic speech/speaker recognition server
IL122023A (en) Non-transferable bio-metric token-based identification method and devices
US7310042B2 (en) System and method for biometric-based fraud protection
US7861092B2 (en) Personal communication apparatus capable of recording transactions secured with biometric data
US7231025B2 (en) Acoustic encoding of dynamic identification codes
EP0598469A2 (en) Interactive credit card fraud control process
Çabuk et al. A Proposal on initial remote user enrollment for IVR-based voice authentication systems
KR20070103816A (en) Voice credit card information transferring system and its method
WO2009124562A1 (en) Method of generating a temporarily limited and/or usage limited means and/or status, method of obtaining a temporarily limited and/or usage limited means and/or status, corresponding system and computer readable medium
KR20040001075A (en) Methods and Apparatus for Real Time Payment Processing Using Biller's IVR System

Legal Events

Date Code Title Description
FF Patent granted
KB Patent renewed
KB Patent renewed
MM9K Patent not in force due to non-payment of renewal fees