TR2023015412A2 - AN AUTHENTICATION SYSTEM AND METHOD - Google Patents

Abstract

The invention relates to an authentication system (10) and method for a user (50) to perform a corporate transaction remotely via a user terminal. Figure 1

Description

DESCRIPTION AN AUTHENTICATION SYSTEM AND METHOD TECHNICAL FIELD The invention relates to an authentication method and system for a user to perform an enterprise transaction via a remote user terminal. PREVIOUS ART Authentication systems are technologies and methods used to determine and verify the identities of users. These systems are used in various applications, computer systems, banking, healthcare services, security, internet services, building entrances and many other areas. Currently, many techniques are used for authentication. One of the mentioned techniques is the information factor containing the username and password combination. However, this method is a weak method compared to other methods since it is easy to solve in terms of security. Another authentication technique; biometric verification is done by using unique physical or behavioral characteristics of users such as fingerprint, facial recognition, retina scan. This method offers a more secure and user-friendly option. Another authentication technique is second-factor authentication, which requires users to use more than one factor to verify their identity. In this method, for example, users first enter their passwords and then enter a verification code sent to their mobile phones to perform the authentication process. This technique increases security and makes unauthorized access difficult. Another authentication technique is card-based authentication, which provides authentication using physical cards such as magnetic stripe cards, smart cards, or RFID cards. These cards allow users to enter certain systems or areas. The variety of authentication methods offers solutions that are suitable for the needs and application requirements of the users. Effective application of these methods can increase information security and ensure the protection of the privacy of the users by preventing unauthorized access. Traditional authentication methods generally offer information-based solutions. Another person with extensive information about the customer can easily pass these checks. For example, during a bank authentication process, if the user is verified by asking general questions such as mother's name, father's name, mother's maiden name, etc., the bank transaction is carried out. This situation can cause fraud, theft, etc. in bank transactions, since the mentioned information is general information that can be accessed by everyone. As a result, all the problems mentioned above have made it necessary to make an innovation in the relevant technical field. BRIEF DESCRIPTION OF THE INVENTION The present invention is an authentication system and method to eliminate the above-mentioned disadvantages and to bring new advantages to the relevant technical field. One object of the invention is to provide an authentication system and method that enables a user to perform a corporate transaction remotely in a secure manner. In order to achieve all the purposes mentioned above and that will emerge from the detailed description below, the present invention is an authentication method for a user to perform a corporate transaction remotely via a user terminal. Accordingly, receiving a user data containing the user's voice and personal information from the user terminal, detecting the authenticity of the voice information received from the user terminal by means of an artificial intelligence-based voice recognition process, sending a security notification to a security unit in case the voice is detected to be artificial, accessing a blockchain network containing at least one data block in each of which customer data containing the voice and personal information of at least one customer of an institution is stored in case the voice is detected to be real, comparing the customer data in the said blockchain network with the user data received from the user terminal, receiving the institutional transaction information from the user in case the user data is detected to be in a data block, receiving a permission approval from the user in order to record the user data in the blockchain network in case the user data is detected not to be in a data block, and depending on the permission approval, the blockchain The creation of a data block in the network, recording user data in the created data block. Thus, the identity verification step applied for the realization of a remote corporate transaction is completed securely. This prevents the verification of information as a result of imitating the person with voices produced by artificial intelligence etc. and ensures that transactions are carried out securely. The feature of a possible embodiment of the invention is that, in the event that user data is detected in a data block, it includes the steps of obtaining institutional transaction information from the user in order to perform the institutional transaction, then performing the institutional transaction, recording the performed institutional transaction in the data block. Another possible embodiment of the invention is that it includes the steps of creating a data block for each customer of each institution registered in the blockchain network, recording the customer data including the voice and personal information of the customer in the data block, before the step of accessing a blockchain network containing at least one data block in each of which customer data including the voice and personal information of at least one customer of an institution is stored in case the voice is detected to be genuine. Another possible embodiment of the invention is that it includes the steps of creating a data block for each customer of an institution, recording the customer data including the voice and personal information of the customer in each of which customer data including the voice and personal information of at least one customer of an institution is stored in the data block; It includes a processor unit to ensure that the authenticity of the voice information is detected by means of an artificial intelligence-based voice recognition process by providing access to the said block chain network in case the voice is detected to be authentic and the said customer data is compared with the said user data, in case the user data is detected to be in a data block, the corporate transaction information is obtained from the user in order to perform the corporate transaction, in case the user data is detected to be not in a data block, the user data is recorded in a data block created in the block chain network depending on the receipt of a permission approval from the user. Another possible embodiment of the invention is that it includes a security unit to transmit a security notification in case the voice associated with the said processor unit is detected to be artificial. Another possible embodiment of the invention is that the processor unit is configured to create a data block for each customer of each institution and to record customer data including the customer's voice and personal information in the data block. Another possible embodiment of the invention is that the processor unit is configured to record customer information of each institution in an encrypted manner in the blockchain network. Another possible embodiment of the invention is that the processor unit is configured to obtain approval from other institutions in the blockchain network for an institution to be added to the blockchain network. Another possible embodiment of the invention is that the processor unit is configured to enable decryption and reading of customer data stored in an encrypted form in the blockchain network. Another possible embodiment of the invention is that the processor unit is configured to enable writing of customer data in an encrypted form to the blockchain network. BRIEF DESCRIPTION OF THE FIGURES A representative view of the working scenario of the authentication system is given in Figure 1. DETAILED DESCRIPTION OF THE INVENTION In this detailed description, the subject of the invention is explained only with examples that will not create any limiting effect for a better understanding of the subject. The invention relates to an authentication system (10) and method for a user (50) to perform an institutional (40) transaction remotely via a user (50) terminal. In a possible embodiment of the invention, the institution (40) mentioned may be a bank, a company, etc. In a possible embodiment of the invention, a mobile device such as a telephone may be used as the user (50) terminal. In a possible embodiment of the invention, transactions are carried out as a result of a user (50) calling the bank system by telephone. The authentication system (10) includes a processor unit (20) for carrying out the transaction steps. The processor unit (20) enables the execution of the transaction steps of the authentication method by reading artificial intelligence-based computer commands. There is a block chain network (30) associated with the processor unit (20) in a way that data can be read and/or written. Said block chain network (30) includes at least one data block (31) in each of which customer data containing the voice and personal information of at least one customer of an institution (40) is stored. Said data blocks are interconnected. The data in the data blocks are stored in an encrypted manner. The processor unit (20) can add a new institution (40) to the block chain network (30). Before the processor unit (20) adds an institution (40) to the block chain network (30), the institution (40) to be added must have accepted the predetermined protocols in order for other institutions (40) to access the information of the institution (40). The authentication system (10) includes a security unit for transmitting a security notification in case the voice associated with the Processor unit (20) is detected to be artificial. In a possible embodiment of the invention, the security unit mentioned may be an interface that can be accessed by security control teams such as the police, gendarmerie, etc. The processor unit ensures that a user (50) data containing the voice and personal information of the user (50) is received from the user (50) terminal and the authenticity of the voice information is determined by means of an artificial intelligence-based voice recognition process; in case the voice is determined to be authentic, it provides access to the said block chain network (30) and compares the said customer data with the said user (50) data; in case the user (50) data is determined to be in a data block (31), it obtains the corporate (40) transaction information from the user (50) in order to perform the corporate (40) transaction; in case the user (50) data is determined not to be in a data block (31), it records the user (50) data in a data block (31) created in the block chain network (30) upon receipt of a permission approval from the user (50). The processor unit (20) ensures that a data block (31) is created for each customer of each institution (40). The processor unit (20) also ensures that customer data, including the customer's voice and personal information, is recorded in the data block (31). The processor unit (20) is configured to ensure that customer information of each institution (40) is recorded in an encrypted manner in the blockchain network (30). The processor unit (20) is configured to ensure that the approval of other institutions (40) in the blockchain network (30) is obtained for an institution (40) to be added to the blockchain network (30). The processor unit (20) is configured to enable decryption and reading of customer data stored in encrypted form in the blockchain network (30). The processor unit (20) is configured to enable writing of customer data to the blockchain network (30) in encrypted form. The authentication method is to receive a user (50) data containing the voice and personal information of the user (50) from the user (50) terminal, to detect the authenticity of the voice information received from the user (50) terminal by means of an artificial intelligence-based voice recognition process, to send a security notification to a security unit in case it is detected that the voice is artificial, to create a data block (31) for each customer of each institution (40) registered in the block chain network (30), to record the customer data containing the voice and personal information of the customer in the data block (31), to access a block chain network (30) containing at least one data block (31) in each of which a customer data containing the voice and personal information of at least one customer of an institution (40) is stored, to connect the customer data in the block chain network (30) with the user The process steps include comparing the user (50) data received from the terminal (50), obtaining institutional (40) transaction information from the user (50) in order to perform the institutional (40) transaction in case it is detected that the user (50) data is in a data block (31), performing the institutional (40) transaction, recording the performed institutional (40) transaction in the data block (31), obtaining a permission approval from the user (50) in order to record the user (50) data in the block chain network (30) in case it is detected that the user (50) data is not in a data block (31), creating a data block (31) in the block chain network (30) depending on the said permission approval, recording the user (50) data in the created data block (31). The process steps of the authentication method are carried out by means of the processor unit (20). The authentication method is explained to be implemented in the authentication system (10). An example working scenario of the invention is explained as follows. In case a user (50) wants to perform a corporate (40) transaction, a user (50) is connected to the authentication system (10) via the terminal. The processor unit (20) ensures that the process steps of the authentication method are carried out in order in the authentication system (10). The processor unit (20) ensures that the customer information of the institutions (40) is recorded in data blocks. The processor unit (20) ensures that the authenticity of the voice information received from the user (50) terminal is determined by means of the artificial intelligence-based voice recognition process. The processor unit (20) ensures that a security notification is sent to a security unit if it detects that the voice is artificial. Thus, the security control units are able to detect people who want to perform transactions using the user (50) information through the security unit. This allows fraudsters to be detected. The processor unit (20) provides access to the block chain network (30) if it detects that the voice is real. The processor unit (20) ensures that the customer data stored in the data blocks in the block chain network (30) is compared with the user (50) data received from the user (50) terminal. If the processor unit (20) detects that the user (50) data is in a data block (31), it ensures that the institutional (40) transaction information is received from the user (50) in order to perform the institutional (40) transaction. The processor unit (20) ensures that the corporate (40) transaction is carried out according to the corporate (40) transaction information received. The processor unit (20) ensures that the corporate (40) transaction carried out is recorded in the said data block (31). Thus, the transactions made by means of the processor unit (20) are stored for later control. In case the processor unit (20) detects that the user (50) data is not in a data block (31), it ensures that a permission approval is obtained from the user (50) in order to ensure that the user (50) data is recorded in the block chain network (30). Depending on the approval of the said permission, the processor end ensures that a data block (31) is created in the block chain network (30). The processor unit (20) ensures that the user (50) data is recorded in the created data block (31). Thus, the user (50) is ensured to be a customer of the institution (40). The scope of protection of the invention is specified in the claims given in the appendix and cannot be limited to what is explained in this detailed explanation for the purpose of example. Because it is clear that a person skilled in the art can present similar structures in the light of what is explained above without deviating from the main theme of the invention.TR TR TR TR TR