WO2001015369A1 - System and method of user verification - Google Patents

System and method of user verification Download PDF

Info

Publication number
WO2001015369A1
WO2001015369A1 PCT/US2000/023312 US0023312W WO0115369A1 WO 2001015369 A1 WO2001015369 A1 WO 2001015369A1 US 0023312 W US0023312 W US 0023312W WO 0115369 A1 WO0115369 A1 WO 0115369A1
Authority
WO
WIPO (PCT)
Prior art keywords
individual
identification number
destination
selected destination
identification
Prior art date
Application number
PCT/US2000/023312
Other languages
French (fr)
Inventor
Andrew R. Mark
Original Assignee
Smart Tone, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Smart Tone, Inc. filed Critical Smart Tone, Inc.
Priority to AU70718/00A priority Critical patent/AU7071800A/en
Publication of WO2001015369A1 publication Critical patent/WO2001015369A1/en

Links

Classifications

    • GPHYSICS
    • G10MUSICAL INSTRUMENTS; ACOUSTICS
    • G10LSPEECH ANALYSIS OR SYNTHESIS; SPEECH RECOGNITION; SPEECH OR VOICE PROCESSING; SPEECH OR AUDIO CODING OR DECODING
    • G10L17/00Speaker identification or verification
    • G10L17/22Interactive procedures; Man-machine interfaces
    • G10L17/24Interactive procedures; Man-machine interfaces the user being prompted to utter a password or a predefined phrase
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • This invention relates to biometric user verification in which an entered biometric feature is processed to yield an alpha numeric coded sequence representing its attributes. For increased security this coded sequence may then be encrypted in a manner specific to both the user and to the specific destination for which authorization is sought.
  • Biometrics is the science of identifying a person through the electronic examination of his or her physical characteristics (e.g. fingerprints, voice, or retina patterns). These methods are extraordinarily useful as protections against fraud as well as an impediment to unauthorized electronic access to data networks.
  • Biometric systems allow only those persons possessing the biological characteristic equated with them to present themselves as the authentic person in a non-face to face transaction over the telephone or a computer network. Normally, the biometric process involves a comparison of a "live" personal characteristic with one that has been stored on a database. However, the existence of these databases provokes great concern. Not only can a biometric characteristic be used for authentication, it can be used as a tool to track and monitor a person's movements and transactions. Knowledge of such can lead to further information obtained about the person's likes, dislikes, political viewpoints, sexual habits, and health records. The use of biometric systems can therefore potentially effect Constitutionally protected areas of a person's life.
  • HMMs hidden Markov models
  • the present invention performs cursory analysis of a user's inputted biometric characteristic for authentication. It compensates for any loss of security by incorporating a user device into its functioning that transmits dynamically changing device identity data to a platform.
  • the invention authenticates a user's own special device as well as the user's voice pattern, thus reducing the need for high levels of specificity in voice verification.
  • Fig. 1 is a graphic representation of the relationship of the desired level of security as a function of the number of security measures employed.
  • Fig. 2 is a flowchart depicting the present invention's processing of inputted speech for both the initial approval of a password and the subsequent use of that spoken password in verifying the speaker.
  • Fig. 3 is a front view of a control panel of the preferred embodiment of the present invention.
  • Figs. 4, 5 and 6 are charts each illustrating an utterance of a spoken password and the resulting code sequences generated by the preferred embodiment of the present invention.
  • Fig. 7 is a chart illustrating the determination of the identification number by the preferred embodiment of the present invention.
  • Figs. 8A, 8B and 8C are tables illustrating the determination of code parameters which are defined for ranges of three attributes of inputted speech.
  • Fig. 9 is a chart illustrating the correspondence between the phoneme identification number determined by the preferred embodiment of the present invention and the spoken phoneme.
  • Fig. 10 is a block diagram indicating an alternative embodiment of the present invention in which additional levels of encryption occur prior to the User ID being received by the ultimate destination.
  • An important feature of the present invention is that both the biometric element and the physical object (a user device) are converted into coded sequences. Accordingly, the only stored data that are used as models for the verification comparison are these codes. Thus, a high level of security is achieved and the user's privacy interests are protected.
  • this combination of two different types of data permits the present invention to offer different levels of security. Reliance on device data alone will provide adequate level reliability for authentication. A combination of the two types, with a greater portion coming from the user device, would provide medium security. Alternatively, a combination of the two, with a greater portion of data extracted from the biometric, would provide high level security. Variations on these combination levels could provide an increased number of security levels. Further, as depicted in Fig. 1 with respect to the preferred embodiment of the preferred invention, additional device features could be employed to further increase the level of security attained.
  • the present invention utilizes a user's voice as the biometric.
  • the invention performs cursory analysis of a person's voice pattern for authentication. That is, this analysis is not as critical as conventional methods such as HMM analysis. Consequently, it is less likely in the present invention that a given user will be falsely rejected.
  • the present invention compensates for any loss of security by incorporating a user device that transmits dynamically changing personal identification data to a platform. That is, the present invention authenticates a user's own special device as well as the user's voice pattern, thus reducing the need for high levels of specificity in voice verification.
  • the voice authentication process of the preferred embodiment begins with a registration phase which includes an analysis of an individual's utterances of a proposed pass-phrase. This step is performed before the phrase is ever used for authentication purposes. In one embodiment of the invention, this evaluation entails having the person speak the passphrase three times. As depicted in Fig. 2, the system (1) examines the utterance for its phonetic content and derives values based on those components; (2) Normalizes the utterance based on "System Adjustment Tones" and derives values based on these modified components; and, (3) Imposes wire-line impairments on the normalized utterance and again derives the values.
  • these frequency and volume level range values are settable by use of system switches, as depicted in Fig. 3.
  • the system next performs the same analysis for each phoneme after determined adjustments are applied to the speech signal ("Normalization"). Examples of such adjustments are background noise and type of microphone.
  • Fig. 3 illustrates an alternative embodiment of the invention in which these parameters are either enabled or disabled by use of simple switches.
  • a third analysis is then performed for each phoneme based upon the above Normalized utterance further modified by wireline impairments.
  • impairments include identification of cellular versus wireline communication.
  • Fig. 3 again illustrates an alternative embodiment wherein these impairments are selected by use of switch mechanisms.
  • Fig. 4 illustrates the effects of the Normalization process and the addition of wireline impairments on both the speech pattern to be analyzed and the resulting quantified values obtained. It further illustrates an important feature of the present invention.
  • the values obtained for certain phonemes change as the speech pattern to be analyzed is modified in the manner described above. Conversely, certain phonemes are resilient to these variations. These latter phonemes are candidates to be included within an identification number to be used to identify this user.
  • the system examines all the derived values and determines which values are consistent among each of the three versions and are therefore the most reliable information for authentication purposes. Inconsistent values will be ignored. Any remaining consistent values are strung together to form an identification number. Specifically, the codified phoneme ID#s, durations, and frequency values are appended to yield such an identification number, in this example, 27-B-05-01-A-01- 15-E-08. Should the system not yield sufficient resilient phonemes, the user would be directed to select a different candidate pass-phrase. Once the system determines that the resulting number is sufficiently robust for identification purposes, it notifies the user that the chosen pass-phrase is acceptable for use as an identifier in an authentication. That is, the system determines that the distinctive elements present in the proposed pass-phrase will be discernible regardless of the alterations which may be imposed on it during normal usage (such as type of microphone, background noise, etc.).
  • a user may perform a voice authentication with any destination.
  • a voice prompt will ask the user to speak the same pass- phrase with which the user registered.
  • the platform hears the same utterances by the user, it should decode the utterance into the same bracketed results as during registration.
  • the platform After the person speaks the passphrase into a microphone or other input device, the platform, as during the evaluation process, shall break down the sentences into syllables and assign values to the phonetic components (phonemes) as it did during registration.
  • these components include: (1) an identification number for each syllable; (2) a value for the duration of each syllable; (3) values for the frequency ranges of the syllables; (4) values for average volume of the phonemes; and, (5) a ranking of the frequency levels.
  • both in the speech area and relating to other biometrics permit variations in the number of such elements to be considered thereby achieving corresponding variations in the level of security attained.
  • the result is a number string that represents a person's voice pattern as alphanumeric values.
  • the State Machine STI
  • the destination system If the destination system has no record of the identification values being transmitted, the destination will perform a manual authentication which requires the person to input personal information to identify the person as someone authorized to make any transaction. When the destination recognizes the person, it will equate the identification number with that person.
  • This dynamic signature is combined with the alpha numeric voice string and the result, when encrypted for the intended destination, creates a device specific user identification number (DSUID).
  • DSUID device specific user identification number
  • the DSUID makes it very difficult for the specific user to be monitored as to other transactions he conducts independent of those performed at this destination.
  • the user device provides yet an additional feature. It generates specific tones and transmits these tones as a reference signal to thereby be used by the State Machine to normalize the communication channel. That is, by analysis of a received reference signal, the system can adjust for various communication channel variations such as, but not limited to, type of microphone and type of communication path (e.g., cellular versus wireline).
  • a State Machine a. that acts as a user-specific utterance evaluator which determines upon registration:
  • a proposed utterance can produce consistent and reliable values repeatedly derived from the phonetic composition of the utterance (i.e., it contains robust elements which can survive impairments caused by voice channel transmission and their subsequent normalization so that the same values may be derived from them reliably over time); (ii) Whether the impaired iterations contain the same phonetically identifiable elements as the unimpaired elements; and, (iii) If all the modified and unmodified utterances of the user's proposed pass- phrase derive the same values; AND b. which during every authentication:
  • An alternative embodiment of the present invention uses the automatic number identification (ANI) capability of the phone system to identify the number of the calling party.
  • ANI automatic number identification
  • Such a capability is well known and includes the ability to identify the particular phone used when it is serviced by a local or private telephone switching system.
  • a user can elect to have the ANI number of his home or business phone used in place of the code generated by his "SmartKey".
  • the system simple combines the ANI number to create the DSUID to be used for identification.
  • access to the system from a "foreign phone” would require use of the individual's SmartKey.
  • FIG. 10 A yet another alternative embodiment of the present invention is depicted in Fig. 10 in which an additional level of encryption occurs at Step 3.
  • This additional encryption still further protects the identity of the user and the security of any transactions he performs at other destinations. That is, the encrypted user ID received in Step 4 identifies the user to that particular destination. Even if an interloper attains the actual identity of the user associated with that destination ID, without knowledge of the encryption which occurs at each level, he cannot use this destination ID to track or monitor transactions of the user at other destinations.

Abstract

This invention relates to biometric user verification in which an entered biometric feature is processed to yield an alpha numeric coded sequence representing its attributes. For increased security this coded sequence may then be encrypted in a manner specific to both the user and to the specific destination for which authorization is sought.

Description

Title: SYSTEM AND METHOD OF USER VERIFICATION
Inventor: Andrew R. Mark
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to biometric user verification in which an entered biometric feature is processed to yield an alpha numeric coded sequence representing its attributes. For increased security this coded sequence may then be encrypted in a manner specific to both the user and to the specific destination for which authorization is sought. 2. Description of Related Art
Biometrics is the science of identifying a person through the electronic examination of his or her physical characteristics (e.g. fingerprints, voice, or retina patterns). These methods are extraordinarily useful as protections against fraud as well as an impediment to unauthorized electronic access to data networks. Biometric systems allow only those persons possessing the biological characteristic equated with them to present themselves as the authentic person in a non-face to face transaction over the telephone or a computer network. Normally, the biometric process involves a comparison of a "live" personal characteristic with one that has been stored on a database. However, the existence of these databases provokes great concern. Not only can a biometric characteristic be used for authentication, it can be used as a tool to track and monitor a person's movements and transactions. Knowledge of such can lead to further information obtained about the person's likes, dislikes, political viewpoints, sexual habits, and health records. The use of biometric systems can therefore potentially effect Constitutionally protected areas of a person's life.
Further, each type of biometric used brings with it its own special variances and features that must be taken into consideration. For example, many voice verification systems used "hidden Markov models" (HMMs) to identify the speech pattern of a particular person. HMMs relate to very detailed features or nuances of an individual's speech pattern. However, their use increases the rate of false rejections of an authentic user because a person's voice pattern changes according to, among other things, health and mood.
Therefore, for useful voice verification to take place, it becomes necessary to reduce the specificity in analysis of an entered biometric characteristic — but in a manner that does not diminish the system's security and effectiveness. Further, it is highly preferable to the users that a biometric system operates in a manner that can accommodate privacy interests. The present invention fulfills these goals.
SUMMARY OF THE INVENTION
The present invention performs cursory analysis of a user's inputted biometric characteristic for authentication. It compensates for any loss of security by incorporating a user device into its functioning that transmits dynamically changing device identity data to a platform. In the preferred embodiment, the invention authenticates a user's own special device as well as the user's voice pattern, thus reducing the need for high levels of specificity in voice verification.
These and other features of the invention will be more fully understood by reference to the following drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
Fig. 1 is a graphic representation of the relationship of the desired level of security as a function of the number of security measures employed.
Fig. 2 is a flowchart depicting the present invention's processing of inputted speech for both the initial approval of a password and the subsequent use of that spoken password in verifying the speaker.
Fig. 3 is a front view of a control panel of the preferred embodiment of the present invention.
Figs. 4, 5 and 6 are charts each illustrating an utterance of a spoken password and the resulting code sequences generated by the preferred embodiment of the present invention. Fig. 7 is a chart illustrating the determination of the identification number by the preferred embodiment of the present invention.
Figs. 8A, 8B and 8C are tables illustrating the determination of code parameters which are defined for ranges of three attributes of inputted speech. Fig. 9 is a chart illustrating the correspondence between the phoneme identification number determined by the preferred embodiment of the present invention and the spoken phoneme.
Fig. 10 is a block diagram indicating an alternative embodiment of the present invention in which additional levels of encryption occur prior to the User ID being received by the ultimate destination.
DETAILED DESCRIPTION OF THE INVENTION
During the course of this description, like numbers will be used to identify like elements according to different figures which illustrate the invention. It is well known in the security art to employ one or more of the following elements in designing a security system: (1) require the user seeking access to have some physical object (e.g., a door key), (2) require the user to have knowledge of a code or password (e.g., a PIN number to access his bank account information), and (3) require that a biometric physical characteristic of the user match a stored model of that user's characteristic. In combining these elements, a high level of security can be attained.
An important feature of the present invention is that both the biometric element and the physical object (a user device) are converted into coded sequences. Accordingly, the only stored data that are used as models for the verification comparison are these codes. Thus, a high level of security is achieved and the user's privacy interests are protected.
In addition, this combination of two different types of data permits the present invention to offer different levels of security. Reliance on device data alone will provide adequate level reliability for authentication. A combination of the two types, with a greater portion coming from the user device, would provide medium security. Alternatively, a combination of the two, with a greater portion of data extracted from the biometric, would provide high level security. Variations on these combination levels could provide an increased number of security levels. Further, as depicted in Fig. 1 with respect to the preferred embodiment of the preferred invention, additional device features could be employed to further increase the level of security attained.
In the preferred embodiment, the present invention utilizes a user's voice as the biometric. The invention performs cursory analysis of a person's voice pattern for authentication. That is, this analysis is not as critical as conventional methods such as HMM analysis. Consequently, it is less likely in the present invention that a given user will be falsely rejected. The present invention compensates for any loss of security by incorporating a user device that transmits dynamically changing personal identification data to a platform. That is, the present invention authenticates a user's own special device as well as the user's voice pattern, thus reducing the need for high levels of specificity in voice verification.
The voice authentication process of the preferred embodiment begins with a registration phase which includes an analysis of an individual's utterances of a proposed pass-phrase. This step is performed before the phrase is ever used for authentication purposes. In one embodiment of the invention, this evaluation entails having the person speak the passphrase three times. As depicted in Fig. 2, the system (1) examines the utterance for its phonetic content and derives values based on those components; (2) Normalizes the utterance based on "System Adjustment Tones" and derives values based on these modified components; and, (3) Imposes wire-line impairments on the normalized utterance and again derives the values.
A specific example of this analysis will now be discussed in which the word "SPAGHETTI" is uttered three times. As depicted in Fig. 4, the first utterance results in a matrix of numbers. The initial "S" sound is recognized and, using a table lookup such as the one depicted in Fig. 9, this sound is quantified as phoneme ID# 29. This "S" sound is also quantified as to other parameters as well. That is, the duration, frequency range, and average volume level are similarly quantified by use of range values similar to the ones depicted in Figs. 8C, 8B and 8A, respectively. This analysis is also performed on each of the remaining phonemes that appear in the uttered word. In an alternative embodiment, these frequency and volume level range values are settable by use of system switches, as depicted in Fig. 3. In the preferred embodiment the system next performs the same analysis for each phoneme after determined adjustments are applied to the speech signal ("Normalization"). Examples of such adjustments are background noise and type of microphone. Fig. 3 illustrates an alternative embodiment of the invention in which these parameters are either enabled or disabled by use of simple switches.
In the preferred embodiment, a third analysis is then performed for each phoneme based upon the above Normalized utterance further modified by wireline impairments. Examples of such impairments include identification of cellular versus wireline communication. Fig. 3 again illustrates an alternative embodiment wherein these impairments are selected by use of switch mechanisms.
Fig. 4 illustrates the effects of the Normalization process and the addition of wireline impairments on both the speech pattern to be analyzed and the resulting quantified values obtained. It further illustrates an important feature of the present invention. The values obtained for certain phonemes change as the speech pattern to be analyzed is modified in the manner described above. Conversely, certain phonemes are resilient to these variations. These latter phonemes are candidates to be included within an identification number to be used to identify this user.
The above analysis which related to the user's first utterance of the password "SPAGHETTI" is then repeated for the second and third utterance of this word, as depicted in Figs. 5 and 6, respectively. The summary of the results obtained for all of the utterances is displayed in Fig. 7. It can readily be seen that a phoneme that was characterized as resilient in one utterance (e.g., "E" in the 1st utterance) was not deemed so in another utterance (e.g., "E" in the 2nd utterance). The identification number for this user is obtained by utilizing only those phonemes which were deemed resilient in all three of the utterances.
That is, the system examines all the derived values and determines which values are consistent among each of the three versions and are therefore the most reliable information for authentication purposes. Inconsistent values will be ignored. Any remaining consistent values are strung together to form an identification number. Specifically, the codified phoneme ID#s, durations, and frequency values are appended to yield such an identification number, in this example, 27-B-05-01-A-01- 15-E-08. Should the system not yield sufficient resilient phonemes, the user would be directed to select a different candidate pass-phrase. Once the system determines that the resulting number is sufficiently robust for identification purposes, it notifies the user that the chosen pass-phrase is acceptable for use as an identifier in an authentication. That is, the system determines that the distinctive elements present in the proposed pass-phrase will be discernible regardless of the alterations which may be imposed on it during normal usage (such as type of microphone, background noise, etc.).
In the preferred embodiment, once this evaluation is complete, a user may perform a voice authentication with any destination. As depicted in Fig. 2, when the user makes the connection to the State Machine platform of the present invention (a non-secure state machine), a voice prompt will ask the user to speak the same pass- phrase with which the user registered. When the platform hears the same utterances by the user, it should decode the utterance into the same bracketed results as during registration. The likelihood of the appearance of the same robust phoneme selections, cadences, frequency ranges and relative phoneme levels in combination with full word text recognition provides a excellent, high-security means of user specific verification.
After the person speaks the passphrase into a microphone or other input device, the platform, as during the evaluation process, shall break down the sentences into syllables and assign values to the phonetic components (phonemes) as it did during registration. In the embodiment depicted in this example, these components include: (1) an identification number for each syllable; (2) a value for the duration of each syllable; (3) values for the frequency ranges of the syllables; (4) values for average volume of the phonemes; and, (5) a ranking of the frequency levels. Alternative embodiments, both in the speech area and relating to other biometrics permit variations in the number of such elements to be considered thereby achieving corresponding variations in the level of security attained.
The result is a number string that represents a person's voice pattern as alphanumeric values. The State Machine (STI) then encrypts the number string with a special algorithm used only for that particular destination and that particular user. In the preferred embodiment, this result is then transmitted to the end destination which then re-encrypts the number string a second time. This second encryption produces the identification values that the destination uses to authenticate a person as the person he or she claims to be.
If the destination system has no record of the identification values being transmitted, the destination will perform a manual authentication which requires the person to input personal information to identify the person as someone authorized to make any transaction. When the destination recognizes the person, it will equate the identification number with that person.
In the future, when the values delivered match what the destination has recorded as an authorized person's values, an authentication may take place. If they do not match, access to the destination's system would be denied to the user. If the values presented are notably similar to the values on record, yet not identical, the system could request personal information from the user via voice prompt (social security number, date of birth, etc.) which would provide the extra security to allow the transaction to be completed. In the preferred embodiment, additional security is provided by having the individual access the State Machine through a user device which transmits a dynamic signature. Such a device is described in U.S. Patent 5,583,933 issued to Applicant,
Andrew Mark, on December 10, 1996, which patent is hereby incorporated by reference. Such a device is designated "SmartKey" in Step 1 of Fig. 10. In the preferred embodiment this dynamic signature is combined with the alpha numeric voice string and the result, when encrypted for the intended destination, creates a device specific user identification number (DSUID). This DSUID provides a high level of security by minimizing the likelihood of a false verification occurring.
Further, the DSUID makes it very difficult for the specific user to be monitored as to other transactions he conducts independent of those performed at this destination.
This maintenance of user confidentiality is an important feature of the present invention.
The user device provides yet an additional feature. It generates specific tones and transmits these tones as a reference signal to thereby be used by the State Machine to normalize the communication channel. That is, by analysis of a received reference signal, the system can adjust for various communication channel variations such as, but not limited to, type of microphone and type of communication path (e.g., cellular versus wireline).
By way of summary the preferred embodiment of the present invention contains the following elements: A. A State Machine a. that acts as a user-specific utterance evaluator which determines upon registration:
(i) If a proposed utterance can produce consistent and reliable values repeatedly derived from the phonetic composition of the utterance (i.e., it contains robust elements which can survive impairments caused by voice channel transmission and their subsequent normalization so that the same values may be derived from them reliably over time); (ii) Whether the impaired iterations contain the same phonetically identifiable elements as the unimpaired elements; and, (iii) If all the modified and unmodified utterances of the user's proposed pass- phrase derive the same values; AND b. which during every authentication:
(i) Normalizes the communication channels to eliminate transmission (including microphone and line) variances;
(ii) Evaluates the utterances into phonetic elements (identifies phonemes, bracketed frequencies and duration levels); and (iii) Converts identified elements into numerical coefficients; B. A destination specific encryption of the derived device ID; and, C. A numeric description of the user which is destination specific.
An alternative embodiment of the present invention uses the automatic number identification (ANI) capability of the phone system to identify the number of the calling party. Such a capability is well known and includes the ability to identify the particular phone used when it is serviced by a local or private telephone switching system. In this alternative embodiment, at registration a user can elect to have the ANI number of his home or business phone used in place of the code generated by his "SmartKey". The system simple combines the ANI number to create the DSUID to be used for identification. In this embodiment access to the system from a "foreign phone" would require use of the individual's SmartKey.
A yet another alternative embodiment of the present invention is depicted in Fig. 10 in which an additional level of encryption occurs at Step 3. This additional encryption still further protects the identity of the user and the security of any transactions he performs at other destinations. That is, the encrypted user ID received in Step 4 identifies the user to that particular destination. Even if an interloper attains the actual identity of the user associated with that destination ID, without knowledge of the encryption which occurs at each level, he cannot use this destination ID to track or monitor transactions of the user at other destinations.
While the invention has been described with reference to the above alternative embodiments thereof, it will be appreciated by those of ordinary skill in the art that various modifications can be made to the structure and function of the individual parts of the system without departing from the sprit and scope of the invention as a whole.

Claims

I CLAIM:
1. A security method for verifying the identity of an individual seeking access to a destination, said method using at least one inputted biometric characteristics of that individual, comprising the steps of: receiving said at least one inputted biometric characteristics, each characteristic having a plurality of elements associated with it; assigning values to a predetermined subset of said elements; and, converting said assigned values into an identification number.
2. The method of claim 1 further comprising the steps of: encrypting of the identification number in a manner that is specific to the destination; transmitting said encrypted identification number to the destination; and, authenticating the identity of the individual at the destination by determining whether there exists a previous record of the transmitted encrypted identification number in a destination data base.
3. The method of claim 2 wherein the authenticating step further comprises the steps of: performing manual verification of the identity of the individual by an operator in the event no previous record of the transmitted encrypted identification number exists; and, adding the transmitted encrypted identification number to the destination data base.
4. The method of claim 3 wherein only one biometric characteristic is inputted and that biometric characteristic is the individual's voice pattern contained in a pass- phrase spoken by the individual.
5. The method of claim 4 wherein the elements associated with the voice biometric is chosen from the group consisting of phoneme duration, phoneme frequency, and phoneme volume level.
6. The method of claim 5 wherein, prior to its use in said authentication step, the pass-phrase spoken by the individual is selected from a set of one or more proposed pass-phrase spoken by the individual.
7. The method of claim 6 wherein said each spoken proposed pass-phrase is evaluated by assigning values to said elements in the original spoken pass-phrase and in altered versions of that spoken pass-phrase to determine distinctive elements present in the proposed pass-phrase that will be recognizable regardless of impairments which may be present during spoken inputting of that pass-phrase.
8. The method of claim 7 wherein said impairments comprise background noise, variations in microphone type and quality, and variations in cellular or wireline transmission quality.
9. The method of claim 8 further comprising the steps of: receiving a identification string identifying a device used by the individual; and incorporating said identification string in the identification number.
10. The method of claim 9 wherein said incorporating step combines the identification string with the identification number to thereby yield the minimal amount of data required to attain the desired security sought.
11. The method of claim 10 wherein said authentication step is performed after a second encryption is performed upon the identification number.
12. The method of claim 11 wherein the identification string is the automatic number identification ANI of the user's phone.
13. The method of claim 11 wherein the identification string is a dynamic signature alpha-numeric string transmitted from a transmitter used by the individual.
14. The method of claim 13 further comprising the steps of: receiving one or more reference signals transmitted by said transmitter; and, normalizing the received pass-phrase spoken by the individual.
15. The method of claim 3 further comprising the steps of: receiving a identification string identifying a device used by the individual; and incorporating said identification string in the identification number.
16. The method of claim 15 wherein said incorporating step combines the identification string with the identification number to thereby yield the minimal amount of data required to attain the desired security sought.
17. The method of claim 16 wherein said authentication step is performed after a second encryption is performed upon the identification number.
18. The method of claim 17 wherein the identification string is the automatic number identification ANI of the user's phone.
19. The method of claim 17 wherein the identification string is a dynamic signature alpha-numeric string transmitted from a transmitter used by the individual.
20. The method of claim 19 further comprising the steps of: receiving one or more reference signals transmitted by said transmitter; and, normalizing the received at least one inputted biometric characteristic.
21. A security method for verifying the identity of an individual seeking access to a selected destination of a plurality of destinations, said method using at least one inputted biometric characteristics of that individual, comprising the steps of: receiving said at least one inputted biometric characteristics, each characteristic having a plurality of elements associated with it; assigning values to a predetermined subset of said elements; converting said assigned values into an identification number; encrypting of the identification number in a manner that is specific to the selected destination; transmitting said encrypted identification number to the selected destination; and, authenticating the identity of the individual at the selected destination by determining whether there exists a previous record of the transmitted encrypted identification number in a data base contained at the selected destination.
22. The method of claim 21 wherein said selected destination is selected by the individual using vocally inputted data.
23. The method of claim 21 wherein said transmitting of the encrypted identification number to the selected destination does not permit use of said selected destination's date base from being used to identify the individual, or any of his associated data base records, at any of the plurality of destinations which are not the selected destination.
24. The method of claim 22 further comprising the step of generating a billing record for said transmitting the encrypted identification number to the selected destination.
25. An authentication gateway apparatus for verifying the identity of an individual seeking access to a selected destination of a plurality of destinations, comprising: receiving means for receiving at least one biometric characteristics of the individual, each characteristic having a plurality of elements associated with it; assigning means for assigning values to a predetermined subset of said elements; converting means for converting said assigned values into an identification number; encrypting means for encrypting of the identification number in a manner that is specific to the selected destination; transmitting means for transmitting said encrypted identification number to the selected destination; and, authenticating means for authenticating the identity of the individual at the selected destination by determining whether there exists a previous record of the transmitted encrypted identification number in a data base contained at the selected destination.
PCT/US2000/023312 1999-08-24 2000-08-24 System and method of user verification WO2001015369A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU70718/00A AU7071800A (en) 1999-08-24 2000-08-24 System and method of user verification

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US37993599A 1999-08-24 1999-08-24
US09/379,935 1999-08-24

Publications (1)

Publication Number Publication Date
WO2001015369A1 true WO2001015369A1 (en) 2001-03-01

Family

ID=23499302

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/023312 WO2001015369A1 (en) 1999-08-24 2000-08-24 System and method of user verification

Country Status (2)

Country Link
AU (1) AU7071800A (en)
WO (1) WO2001015369A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2816554A3 (en) * 2013-05-28 2015-03-25 Samsung Electronics Co., Ltd Method of executing voice recognition of electronic device and electronic device using the same

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5153918A (en) * 1990-11-19 1992-10-06 Vorec Corporation Security system for data communications
US5280527A (en) * 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5534855A (en) * 1992-07-20 1996-07-09 Digital Equipment Corporation Method and system for certificate based alias detection
US5548647A (en) * 1987-04-03 1996-08-20 Texas Instruments Incorporated Fixed text speaker verification method and apparatus
US5636282A (en) * 1994-06-20 1997-06-03 Paradyne Corporation Method for dial-in access security using a multimedia modem
US5787154A (en) * 1996-07-12 1998-07-28 At&T Corp Universal authentication device for use over telephone lines

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5548647A (en) * 1987-04-03 1996-08-20 Texas Instruments Incorporated Fixed text speaker verification method and apparatus
US5153918A (en) * 1990-11-19 1992-10-06 Vorec Corporation Security system for data communications
US5280527A (en) * 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5534855A (en) * 1992-07-20 1996-07-09 Digital Equipment Corporation Method and system for certificate based alias detection
US5636282A (en) * 1994-06-20 1997-06-03 Paradyne Corporation Method for dial-in access security using a multimedia modem
US5787154A (en) * 1996-07-12 1998-07-28 At&T Corp Universal authentication device for use over telephone lines

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2816554A3 (en) * 2013-05-28 2015-03-25 Samsung Electronics Co., Ltd Method of executing voice recognition of electronic device and electronic device using the same

Also Published As

Publication number Publication date
AU7071800A (en) 2001-03-19

Similar Documents

Publication Publication Date Title
US8812319B2 (en) Dynamic pass phrase security system (DPSS)
US9524719B2 (en) Bio-phonetic multi-phrase speaker identity verification
US6477500B2 (en) Text independent speaker recognition with simultaneous speech recognition for transparent command ambiguity resolution and continuous access control
US7240007B2 (en) Speaker authentication by fusion of voiceprint match attempt results with additional information
US6510415B1 (en) Voice authentication method and system utilizing same
US5717743A (en) Transparent telephone access system using voice authorization
US6480825B1 (en) System and method for detecting a recorded voice
US7386448B1 (en) Biometric voice authentication
US6119084A (en) Adaptive speaker verification apparatus and method including alternative access control
US20030149881A1 (en) Apparatus and method for securing information transmitted on computer networks
US5677989A (en) Speaker verification system and process
EP0983587B1 (en) Speaker verification method using multiple class groups
US20050071168A1 (en) Method and apparatus for authenticating a user using verbal information verification
JP2006505021A (en) Robust multi-factor authentication for secure application environments
JPH0354600A (en) Method of verifying identity of unknown person
US8433569B2 (en) Method of accessing a dial-up service
US7630895B2 (en) Speaker verification method
JP3601631B2 (en) Speaker recognition system and speaker recognition method
JPH10173644A (en) Identity authentication method
WO2001015369A1 (en) System and method of user verification
Marinov Text dependent and text independent speaker verification system: Technology and application
Ho et al. A dual-factor authentication system featuring speaker verification and token technology
US20060190735A1 (en) Method of entering a security code for a network apparatus
Mark The development of destination-specific biometric authentication
US9978373B2 (en) Method of accessing a dial-up service

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP