WO2016144806A2 - Digital voice signature of transactions - Google Patents

Digital voice signature of transactions

Info

Publication number
WO2016144806A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
voice
text
record
transaction
Prior art date
Application number
PCT/US2016/021011
Other languages
English (en)
Other versions
WO2016144806A3 (fr
Inventor
Sajit Bhaskaran
Original Assignee
Ack3 Bionetics Private Ltd.
Priority date
Filing date
Publication date
Priority claimed from US14/644,129 (US9767807B2)
Application filed by Ack3 Bionetics Private Ltd.
Publication of WO2016144806A2
Publication of WO2016144806A3

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06: Authentication
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G06F21/32: User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861: Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W4/00: Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/18: Information format or content conversion, e.g. adaptation by the network of the transmitted or received information for the purpose of wireless delivery to users or terminals
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00: Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/082: Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying multi-factor authentication

Definitions

  • a person may travel to a foreign country, and attempt to use a credit card, only to find that her own credit card company has blocked the transaction for her own protection; and since she may not have call roaming when in the foreign country because of the high cost involved, the credit card company's attempts to reach her by phone to authenticate a transaction will fail.
  • the end result is that a business transaction involving an authentication attempt by phone was not able to be fulfilled.
  • repudiation is the refusal of an individual to acknowledge that certain commitments (financial or otherwise) have been accrued upon a transaction. This problem is exacerbated in verbal transactions.
  • Some complex biometric types of authentication can be repudiated because it is difficult for normal human beings to verify them without the aid of experts or a computer.
  • the argument of forgery has been successfully used in some cases of repudiating a previously executed business transaction. For instance, the practice of hand-written signatures on documents like checks is susceptible to forgery. A would-be thief can learn how to copy the victim's signature quite easily.
  • a Three Factor Identification and Authentication System for Personal Roaming is described for performing highly secure, fast and cost-less or low cost roaming transactions, anywhere in the world, using a mobile device.
  • 3FID System: a Three Factor Identification and Authentication System for Personal Roaming
  • the roaming user is tied to a specific device she may use (e.g. fixed smartphone with a fixed phone number).
  • the user is free to borrow someone else's computer, or rent a pre-paid phone in another country - there is no dependence on a fixed phone-number association with a user.
  • a method for signing of transactions using one's voice is introduced, which solves the problem of attempted forgery in many cases, and also allows most transactions to enjoy a strong non-repudiation capability.
  • a computer-implemented method to authenticate a user through a triple factor authentication in one step includes receiving, by a server, an access request sent to a network address of a resource server from a user using a user device.
  • the access request includes a unique record identifier, placing a call to the user device, receiving from the user a response to a prompt for the user; receiving a voice sample of the user, and comparing the voice sample of the user with a selected voice biometrics record.
  • some embodiments include converting the voice sample into a speech-to-text phrase and comparing the speech-to-text phrase against a stored secret text phrase to verify that the speech-to-text phrase matches an answer to the silent security question.
  • a method for signing a transaction includes collecting a plurality of voice samples from a user during a transaction and converting each of the plurality of voice samples to a corresponding text file.
  • the method includes concatenating the plurality of voice samples into a single sound file, matching the single sound file with a text independent voice biometric record, and computing a signature of the transaction.
  • FIG. 1 is a diagram of a 3FID Personal Roaming System Architecture, according to some embodiments.
  • Fig. 2 illustrates an outline of schematic for printed circuit board: 3FID Personal Roaming Device, according to some embodiments.
  • Fig. 3 shows the State Transition Diagram for indicating presence of a 3FID user and also for automatically shutting off power when the user has completed transaction or when the user abandons transaction and becomes idle, according to some embodiments.
  • FIG. 4 is a detailed block diagram of the communication packet format used in a method for 3FID process, according to some embodiments.
  • Fig. 5 shows the process for administrator secret key initialization in order to make key invisible to a non-admin user, according to some embodiments.
  • Fig. 6 shows a process for enrolling a 3FID device by a user, according to some embodiments.
  • Fig. 7 is a method for digital voice signatures in a VICS gateway transaction record computation, and non-repudiation audit record, according to some embodiments.
  • Fig. 8 depicts the 3FID end user single click/touch procedure, according to some embodiments.
  • Fig. 9 is a method for enrolling a user with an IVCS server as disclosed herein including an implied security question.
  • Fig. 10 is a method for verifying a user identity in a transaction with an IVCS server as disclosed herein, including an implied security question.
  • some of the mobile devices used to access the private account may be provisory devices that are not registered with the private network server.
  • the user may attempt to access a private network account from a desktop computer, a laptop computer, or even an unsecure computer device, when no other option is available. It is desirable that the user has access to the private network account even under these circumstances.
  • embodiments disclosed herein provide a device that couples with the mobile user terminal when the mobile user terminal is used to access a private network account.
  • the device is configured to exchange information with a network server that verifies user identity, enabling the user to access the private network account
  • Embodiments as disclosed herein include a device having a memory circuit storing a unique identifier, a processor circuit, and a radio-frequency antenna configured to communicate with a mobile computer device.
  • the device includes a switch coupled to the antenna, the switch configured to provide one of a first state (e.g., IDENTIFY state) and a second state (e.g., AUTHENTICATE state) to the mobile computer device.
  • the processor circuit is configured to communicate with the mobile computer device via an application programming interface (API) installed in the mobile computer device, and provide commands causing the mobile computer device to transmit the unique identifier to a network server.
  • API: application programming interface
  • a computer-implemented method to authenticate a user through a triple factor authentication in one step includes receiving, by a server, an access request sent to a network address of a resource server from a user using a user device, the access request comprising a unique record identifier.
  • the method may also include placing a call to the user device, receiving from the user a voice response to a generic prompt associated with an implied security question for the user, comparing the voice response of the user with a selected voice biometrics record; converting the voice response into a speech-to-text phrase, and comparing the speech-to-text phrase against a stored secret text phrase to verify that the speech-to-text phrase matches an answer to the implied security question.
  • the implied security question is one of a plurality of security questions stored in a memory of the server.
  • a method for signing a transaction includes collecting a plurality of voice samples comprising information elements from a user during a transaction, concatenating the plurality of voice samples into a single sound file; matching the single sound file with a text independent voice biometric record, and computing a signature of the transaction comprising the information elements, the single sound file, and a result of the matching of the single sound file with the text independent voice biometric record.
  • Fig. 1 is a diagram of a 3FID Personal Roaming System Architecture, according to some embodiments.
  • the system architecture may include a VICS gateway 300 communicating with a mobile user terminal 200 via a network 500.
  • Mobile user terminal 200 communicates with network 500 via a WiFi or cellular mobile link 700.
  • link 700 may include a 3G, a 4G, or an LTE network link.
  • the system architecture may include a 3FID personal roaming device 100 coupled to mobile user terminal 200 via a wireless link 600.
  • VICS Gateway 300 may be a server including a processor and a memory. The processor may be configured to execute commands stored in the memory such that VICS Gateway 300 performs steps described in methods consistent with the present disclosure.
  • mobile user terminal 200 may include a processor and a memory.
  • the memory in mobile user terminal 200 may store commands which, when executed by the processor in mobile user terminal 200, cause the mobile user terminal 200 to perform at least some steps as described in methods consistent with the present disclosure.
  • mobile user terminal 200 may in fact be a desktop computer device in a remote location, and link 700 may be an unsecure link to network 500.
  • 3FID device 100 may establish a secure identification and authentication link with VICS Gateway 300.
  • a network server hosting a private network account for the user if 3FID device 100 may transmit and receive information with the user through the secure channel established between VICS Gateway 300 and 3FID device 100, regardless of the specific capabilities of mobile user terminal 200 and network link 700.
  • a system as disclosed herein includes a 3FID device that communicates with VICS Gateway 300.
  • Complementing smartphones, tablet devices or laptop computers, which are expensive and susceptible to theft, Personal Roaming 3FID Device 100 may be a small, wearable or clip-on device which can be built to retail for less than $10. Its use for secure transactions by a user is tied to additional personal security and identification information stored on the VICS gateway.
  • 3FID device 100 essentially strengthens the security of an in-band Voice over Internet communications path between VICS gateway 400 and mobile user device 200.
  • VICS gateway 300 avoids the usual high roaming charges incurred by the user's cell phone service provider even when receiving a call.
  • 3 Factors in a Single Step call back authentication feature 400 includes communicating directly with a voice over Internet application on the Wi-Fi interface of the mobile user device.
  • the mobile user with a 3FID device incurs zero cost when doing a highly secure 3 Factor in 1 Step authentication as part of a secure business transaction. These transactions can also be payment transactions where money is moved.
  • Embodiments of a 3FID system as disclosed herein enable highly secure transactions to be performed in a fast and low-cost manner, throughout the world, using a mobile computing device that the user is able to access.
  • a method for securely authenticated voice over Internet calls in combination with the 3FID Device and a function call application programming interface (API), is described. This allows any user with a mobile computing device to make and receive securely authenticated phone calls.
  • SIP: secure session initiation protocol
  • a method of 3 factor authentication in 1 step, using the mechanism of a silent, or implied, security question, is described.
  • the present disclosure does away with a non-empty challenge message; effectively a phone, uniquely associated with a user, merely rings and the user just answers the ring, and speaks the answer to an implied security question, that is, a silent security question. This has the effect of a significant improvement to the security of the overall access control system.
  • a method for digital voice signatures for securing the integrity and non-repudiation of these transactions, using the VICS Gateway features of voice biometrics and voice-conveyed exact text secrets, as disclosed in US Patent Application Number US 13/076,261 titled "Integrated Voice Biometrics Cloud Security Gateway", is a part of this disclosure.
  • Voice is an optimal vehicle for non-repudiation because a number of human witnesses without any special training can listen to a voice playback and confirm that the audio recording of a voice is indeed spoken by a known person.
  • Voice can also convey information that can be computer verified against a database, unlike other forms of biometrics such as face-picture, finger-print or retina-scan.
  • a system of 3 Factor in One Step Identification/Authentication for Personal Roaming "3FID System," the system including any one of the following features:
  • a Voice Integrated Cloud Security Gateway augmented with a 3FID Server process, which authenticates and maintains the presence of an identity
  • a method for computing, recording and playback of digital voice signatures of transactions comprising:
  • Fig. 2 illustrates an outline of a schematic for printed circuit board including 3FID Personal Roaming Device 100, according to some embodiments.
  • this is a small form-factor, lightweight, low battery power device that is used as a wearable or clip-on element in a multi factor authentication system, such as the Integrated Voice Biometrics Cloud Security Gateway described in US Patent Application Number US 13/076,261 titled "Integrated Voice Biometrics Cloud Security Gateway", henceforth referred to as a VICS gateway in this document.
  • the device 100 in Fig 1 - henceforth referred to as the 3FID Device is depicted in greater detail in Fig 2.
  • it can be a plastic case containing a printed circuit board (PCB).
  • PCB: printed circuit board
  • the PCB has a hardware "unique serial number" semiconductor chip 110 (cf. Maxim DS2401, data sheet for Silicon Serial Number integrated circuit chip) working in conjunction with a microcontroller 120 (e.g. Atmel 32 bit family).
  • 3FID device 100 may include a plurality of memory circuits, such as a NAND flash memory 130 and a DRAM memory 140.
  • a microcontroller 120 when powered, executes a continuously running computer program that communicates on a low power wireless channel such as Bluetooth - see channel 600 in Fig 1 - with a mobile user computing device 200.
  • microcontroller 120 may be configured to execute commands stored at least partially in any one of NAND flash 130 and DRAM memory 140.
  • microcontroller 120 may cause 3FID device to perform at least partially any one of the steps in methods as disclosed herein, upon execution of commands stored in NAND flash 130 and DRAM memory 140.
  • the communications channel could be provided by a Bluetooth chip 150 connected to a tiny antenna 160.
  • the user initiates an IDENTIFY/AUTHENTICATE action before any secure transaction by consciously enabling the IDENTIFY switch 190.
  • power is always on, an example being devices where ambient light is sufficient to power the device.
  • the IDENTIFY switch being pressed results in encrypted or non-encrypted packet communications signals being sent to the VICS Gateway to indicate that the user is present, not absent, and can be reached.
  • the use of encryption is configurable by the user, but will be performed by default unless explicitly disabled.
  • the 3FID with IDENTIFY switch can also be used by the user to bypass a web authentication sequence in certain contexts, which is time consuming and involves many steps (launch browser, type, click or touch screen etc.). For instance, to authenticate with a phone service or other service provider, the user just needs to press the button, and it will initiate the 3 Factor in Single Step Callback authentication procedure - the user just has to use her voice to answer the call to complete the transaction.
  • the 3FID Agent Application 800 in Fig 1 when needed, transmits packets on its Wi-Fi or cellular channel 700 in order to communicate with the VICS Gateway, on behalf of the 3FID Device, as when the user wishes to perform a secure transaction or when the user wants to make her presence known to the VICS Gateway.
  • a 3FID device detect packet constructed using UDP/IP, is encapsulated by the 3FID Agent Application inside a standard HTTPS/TCP/IP packet.
  • Standard TLS/SSL/HTTPS see Request for Comments: RFC 5246, Aug 2008, Internet Engineering Task Force Transport Layer Security (TLS) Protocol Version 1.2
  • a 3FID Device presence is securely made known to the VICS Gateway.
  • the method described here enables encryption and authentication between the 3FID Device and the 3FID Server with zero-configuration of keys and other complex information on the part of the end user.
  • the 3FID Server or the 3FID Device can initiate a communication by sending a date, a time and a random string, or a proper subset of any of these, in the clear. After this step, each side computes an identical secret key using the decentralized algorithm described here.
  • In the case of the serial number chip, a globally unique and fixed (e.g. 64 bit or 128 bit in size, depends on the specific hardware chip, longer strings than 128 bits are also possible) number, or character string, is read from it into the microcontroller's computer program. It is then combined with a calendar date specifically picked in the natural course of the transaction, represented as a 32 bit number in hexadecimal characters. Example: the date 25th Feb 1988 is represented as hex 25-02-19-88, a 32 bit number. If the chip produces a 128 bit unique number, the combination with the 32 bit date produces a new and globally unique 160 bit number, which will be used as a secret key as described later.
  • the combination can be based on any number of methods of combining two bit strings that produce a combined bit string whose length in bits is the sum of the lengths of the component bit strings. It is also done with the ability for both ends of a communication to calculate the same number independently and using the same mathematical algorithm. For example, the algorithm could be a well-defined permutation which can be reversed to produce the original components.
  • Important examples of dates that occur naturally in the course of transactions, and can be used in conjunction with the hardware serial number are, without limitation, (a) personal roaming 3FID device initialization or first time registration date, or (b) user reset date. On each of these events a new secret can be generated.
  • the hardware 64 bit code is stored and encrypted in a file on the VICS Gateway (300 in Fig 2), and it is associated with a user identity (e.g. name and address of a person, or a telephone number).
  • the date of register is stored on both the personal roaming device 100 and the VICS gateway 400.
  • a date and a time can also be used, for example the computer system time-stamp of an event during the transaction, which is typically also recorded as a natural part of performing the transaction.
  • an optional random string of some length can be used in addition to the date, to strengthen the security of the secret key.
  • the optional random string and date are stored in some permanent area of storage, as in the NAND Flash 130.
  • Multiple organizations may own and operate a 3FID roaming system.
  • a set of devices is assigned to an organization and a process of administrator initialization is performed. This could be performed by the administrator using a tablet or laptop computer 4000 (see Fig 5) having both a Bluetooth interface (for connecting to the new 3FID Device) and an Ethernet or USB interface (for connecting to the VICS Gateway at the same time).
  • the initialization date and the unique serial number and the initial shared secret key are then stored on this computer 4000, which will then be placed off-line and disconnected from any public network, for the complete security that the values of the hardware serial numbers cannot be stolen by Internet methods.
  • the initial secret key along with an administratively assigned 3FID Device Serial Number, is also written into a secure area of permanent storage on the VICS Gateway, along with the date of initialization.
  • the Admin Serial Number and the Date of Initialization are stored:
  • the VICS Gateway of US Patent Application Number US 13/076,261 titled “Integrated Voice Biometrics Cloud Security Gateway”, has a process for enrolling personal user identification/authentication information, such as:
  • Fig. 6 shows a process for administrator secret key initialization in order to make key invisible to a non-admin user, according to some embodiments. Steps in Fig. 6 may be performed at least partially by a processor executing commands stored in a memory, the processor and the memory included in a 3FID Device consistent with the present disclosure (e.g., 3 FID Device 100). In some embodiments, steps in Fig. 6 are performed at least partially by a processor and a memory included in a mobile user device as disclosed herein (e.g., mobile user device 200). Further, in some embodiments steps in Fig. 6 are performed at least partially by a processor and a memory included in a VICS Gateway server as disclosed herein (e.g., VICS Gateway 100).
  • Embodiments consistent with the present disclosure may include a method having at least one, but not all, of the steps illustrated in Fig. 6. Furthermore, in some embodiments consistent with the present disclosure a method may include steps as illustrated in Fig. 6 but performed in a different order, or even overlapping in time.
  • the 3FID Agent Application on the mobile user terminal starts communicating with the 3FID Server, and it fetches the admin serial number and date of initialization from the 3FID Device and relays these information elements, securely and encrypted, to the 3FID Server.
  • the 3FID can retrieve the secret key from its database of initialized 3FID Devices.
  • the 3FID Server then sends an Enrolment MD5 Authentication Challenge to the 3FID Device, which then computes the correct MD5 response after reading the serial number chip. See 5060.
  • MD5 mechanisms are known to persons of ordinary skill in the art.
  • Once the VICS Gateway 3FID Server receives the correct MD5 response, it can inform the user that Enrolment was successful.
  • Detect and Record Presence of a 3FID User at VICS Gateway
  • the VICS 3FID server may decide to disconnect or un-register a 3FID device.
  • the idle timer is a useful mechanism also for conserving power on the user mobile terminal and the 3FID device; when the timeout event occurs at the VICS Gateway 3FID server, a communications sequence takes place which ends with the power on the 3FID device turning off.
  • the VICS Gateway will implement a SIP/SDP and RTP direct i.e. end-to-end IP based voice call to the user mobile terminal, as part of its Single Step Call Back.
  • the user mobile terminal can optionally be required to get a dynamically computed authentication string to establish SIP/SDP communications - the usual packet sequence being
  • the method involves the 3FID server first computing a random string, and sending it encrypted to the 3FID device, right after presence was successfully registered.
  • the key or authentication string is dynamic because a new one is computed with each new presence event. It is computed automatically without user or administrator manual intervention.
  • the 3FID server and device can use the random string in combination with the shared secret key on the 3FID Device, to compute a new secret key or string.
  • This string can be delivered to the 3FID Agent (or any application running on the user mobile terminal) by a standard API function call and response: E.g. get_secure_auth_string() as in a C program routine.
  • the user mobile terminal when sending the SIP REGISTER packet to the VICS Gateway, can then use this new key or authentication string as part of the secure SIP authentication standardized process, which does include the MD5 standard.
  • This process if followed greatly increases the security of the system and prevents denial of service attacks in the form of a flood of phone calls being triggered by malicious Internet traffic targeting the VICS Gateway. Because no transition to SIP INVITE, SIP CALL ESTABLISHED can take place until a SIP REGISTER is successful, this 3FID hardware assisted method prevents the user's phone from even ringing in the case of a malicious Internet originated attack. And since it involves a push of a button, such highly secure phone calling is extremely easy to use, unlike software implemented methods, which tend to be complex.
  • the 3FID Agent when it receives any SIP REGISTER or SIP INVITE packet, can send an ACK with a SIP Authentication Required Parameter; the subsequent communication may make use of the correct authentication string computed at presence detection time. In this way and using the methods we outlined above, the 3FID Server will be allowed to make calls in to the 3FID Device.
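The key derivation, enrolment challenge and per-presence SIP authentication string described above, worked through on both the device and the server side. This is an added example, not code from the patent: the concatenation order, the `MD5(secret || challenge)` construction, the HMAC-SHA-256 derivation and every name and sample value are assumptions, since the text does not fix them.

```python
import hashlib
import hmac
import secrets
from datetime import date

# Hypothetical SIP identity used only for this example.
USER, REALM, URI = "alice", "vics.example", "sip:vics.example"


def date_to_hex32(d: date) -> bytes:
    """Page's encoding: 25 Feb 1988 -> hex 25-02-19-88 (4 bytes)."""
    return bytes.fromhex(f"{d.day:02d}{d.month:02d}{d.year:04d}")


def shared_secret(serial: bytes, event_date: date, rand: bytes = b"") -> bytes:
    """Combine chip serial, date and optional random string.

    Assumption: plain concatenation, the simplest reversible combination
    whose length is the sum of the component lengths.
    """
    return serial + date_to_hex32(event_date) + rand


def md5_response(secret: bytes, challenge: bytes) -> str:
    """Enrolment response with MD5, as the page names it.

    Assumption: CHAP-like MD5(secret || challenge).
    """
    return hashlib.md5(secret + challenge).hexdigest()


def hmac_response(secret: bytes, challenge: bytes) -> str:
    """Added alternative: keyed HMAC-SHA-256 over the same challenge."""
    return hmac.new(secret, challenge, hashlib.sha256).hexdigest()


def verify(expected: str, received: str) -> bool:
    """Server-side check using a constant-time comparison."""
    return hmac.compare_digest(expected, received)


def presence_auth_string(secret: bytes, presence_random: bytes) -> str:
    """New authentication string for each presence event.

    Assumption: HMAC-SHA-256(secret, random string), hex encoded.
    """
    return hmac.new(secret, presence_random, hashlib.sha256).hexdigest()


def sip_digest(password: str, nonce: str, method: str) -> str:
    """Digest response in the RFC 2617 form without qop."""
    def h(s: str) -> str:
        return hashlib.md5(s.encode()).hexdigest()
    ha1 = h(f"{USER}:{REALM}:{password}")
    ha2 = h(f"{method}:{URI}")
    return h(f"{ha1}:{nonce}:{ha2}")


def gateway_allows_invite(server_secret: bytes, presence_random: bytes,
                          nonce: str, register_response: str) -> bool:
    """Gateway side: the INVITE is only triggered if REGISTER verifies."""
    password = presence_auth_string(server_secret, presence_random)
    return verify(sip_digest(password, nonce, "REGISTER"), register_response)


def demo() -> dict:
    # Constructed sample values, not taken from the patent.
    serial = bytes.fromhex("00112233445566778899aabbccddeeff")  # 128-bit serial
    enrol_date = date(1988, 2, 25)
    device_key = shared_secret(serial, enrol_date)  # computed on the device
    server_key = shared_secret(serial, enrol_date)  # computed on the server

    # Enrolment challenge: the server sends a random string, the device answers.
    challenge = secrets.token_bytes(16)
    md5_ok = verify(md5_response(server_key, challenge),
                    md5_response(device_key, challenge))
    hmac_ok = verify(hmac_response(server_key, challenge),
                     hmac_response(device_key, challenge))

    # Presence event: a fresh random string yields a fresh SIP password.
    presence_random = secrets.token_bytes(16)
    nonce = secrets.token_hex(8)
    good = sip_digest(presence_auth_string(device_key, presence_random),
                      nonce, "REGISTER")
    forged = sip_digest("guessed-password", nonce, "REGISTER")
    return {
        "key_bits": len(device_key) * 8,
        "keys_match": device_key == server_key,
        "md5_ok": md5_ok,
        "hmac_ok": hmac_ok,
        "register_ok": gateway_allows_invite(server_key, presence_random, nonce, good),
        "forged_ok": gateway_allows_invite(server_key, presence_random, nonce, forged),
        "reset_changes_key": shared_secret(serial, date(2016, 3, 4)) != device_key,
    }


if __name__ == "__main__":
    print(demo())
```

Because the date (and any random string) is sent in the clear, the secrecy of the derived key rests on the chip serial number alone, which is why the serial numbers are kept on an off-line administrator machine.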
  • Fig. 8 depicts the 3 FID end user single click/touch procedure, according to some embodiments. Steps in Fig. 8 may be performed at least partially by a processor executing commands stored in a memory, the processor and the memory included in a 3FID Device consistent with the present disclosure (e.g., 3 FID Device 100). In some embodiments, steps in Fig. 8 are performed at least partially by a processor and a memory included in a mobile user device as disclosed herein (e.g., mobile user device 200). Further, in some embodiments steps in Fig. 8 are performed at least partially by a processor and a memory included in a VICS Gateway server as disclosed herein (e.g., VICS Gateway 100).
  • Embodiments consistent with the present disclosure may include a method having at least one, but not all, of the steps illustrated in Fig. 8. Furthermore, in some embodiments consistent with the present disclosure a method may include steps as illustrated in Fig. 8 but performed in a different order, or even overlapping in time.
  • VICS Gateway intercepts login request as described
  • the callback method configured for the user is Secure SIP
  • the 3FID shared secret from the hardware chip is used to compute a dynamic authentication string, as described above for SIP communications.
  • a user with a valid 3FID Key can be called, and if no successful SIP Register completed, then this login attempt terminates unsuccessfully.
  • a successful SIP register allows the normal 3 factors in one step to proceed: (1) outbound call (2) voice biometric match (3) text secret in data base match with voice conveyed information.
  • the 3FID server will issue an authentication challenge with a random string, e.g. the MD5 method, to the 3FID Device thought to be associated with this claimed user, and using the shared secret key that is stored in the hardware chip.
  • the response is calculated by the 3FID device using the standard technique e.g. MD5, and relayed back to the 3FID server. This response should be correct, else the authentication attempt is blocked and declared a failure.
  • the outbound and unsecured SIP call i.e. a SIP INVITE, is allowed and triggered.
  • a phone number is pre-enrolled and associated with the claimed user in the VICS authentication database.
  • VICS Gateway intercepts login request as described
  • the 3FID server will issue an authentication challenge with a random string, e.g. the MD5 method, to the 3FID device thought to be associated with this claimed user, and using the shared secret key that is stored in the hardware chip.
  • the challenge message comprises an encrypted string that is de-codified by a secret key stored in the hardware chip in the roaming device. This is communicated using the methods i.e. UDP and HTTPS, described in Figs 1 and 4.
  • the response is calculated by the 3FID device using the standard technique e.g. MD5, and relayed back to the 3FID server. This response should be correct, else the authentication attempt is blocked and declared a failure.
  • the outbound call is allowed and triggered.
  • the user may be in possession of the phone number in order to answer the call and proceed further with authentication.
  • each user enrolls a text independent voice record/model
  • Fig. 7 is a method for digital voice signatures in a VICS Gateway transaction record computation, and non-repudiation audit record, according to some embodiments.
  • a digital voice signature the steps in Fig 7 are performed totally by a processor executing commands stored in memory, the processor and memory included in the VICS Gateway 100 that has been disclosed herein.
  • Steps in Fig. 7 may be performed at least partially by a processor executing commands stored in a memory, the processor and the memory included in a 3FID Device consistent with the present disclosure (e.g., 3FID Device 100).
  • steps in Fig. 7 are performed at least partially by a processor and a memory included in a mobile user device as disclosed herein (e.g., mobile user device 200). Further, in some embodiments steps in Fig. 7 are performed at least partially by a processor and a memory included in a VICS Gateway server as disclosed herein (e.g., VICS Gateway 100). Embodiments consistent with the present disclosure may include a method having at least one, but not all, of the steps illustrated in Fig. 7. Furthermore, in some embodiments consistent with the present disclosure a method may include steps as illustrated in Fig. 7 but performed in a different order, or even overlapping in time.
  • steps 6000, 6010, 6020, 6030 and 6040 describe 3 processes: a. Computation of a digital voice signature b. Verification of a digital voice signature
  • the information elements include the payee, the payment amount, the payer bank and account number, etc.
  • each sentence in the letter is an associated information element.
  • a digital voice signature verification can be performed, as depicted below, by (a) collecting associated voice samples or files, Info 1, Info 2, ..., Info N, for each information element, these voice samples occurring naturally in the course of a transaction that requires voice confirmation, and possibly at different times during the transaction; (b) converting any specific subset of information Info p, ..., Info q that is required by policy from speech to text, and storing both the original sound files and the converted text data text(p), text(q) as part of the transaction record; (c) concatenating the N files into a single sound file Y; then (d) doing an authentication verification of the computed file Y against the text independent voice record X for the user, the last step producing a "signature accepted" or "signature rejected" result.
  • the transaction then has a record - computed as shown in Fig 6 - 6030, and is allowed to proceed if the digital voice signature in 6020 as we have defined it, is correctly verified with a "signature accepted" result. Also, as shown in Step 6040 of Fig 6, a Non Repudiation Audit Trail Record associated with this specific transaction is created and stored in a database for possible future reference.
  • a predetermined length or duration of a sound file may be set to exceed a length that is sufficient to reach a desired value of a confidence level in the user authentication process. For example, in some embodiments it is desirable that the confidence level in the user authentication process be greater than 95%.
  • the confidence level in the user authentication process be greater than 99%, or 99.9%, or even 99.99%.
  • the time length or duration of the sound file may be adjusted accordingly, depending on the power and capabilities of the voice biometric verification engine used in the user authentication process, and the quality of the sound file itself.
  • the computer based and text independent voice verification procedure used in forming the digital voice signature can also be repeated at any time in the future, as part of audit trail verification with the same result every time. This is because a computer processing algorithm, which does not change, is used on the same set of files that were defined above in computing the digital voice signature, obtaining the same result every time, at authenticate time and at audit or court testimony time.
  • Voice is a convenient vehicle for non-repudiation, because a number of human witnesses without any special training can listen to a voice playback and confirm that the audio recording of a voice is indeed spoken by a known person. Voice can also convey information that can be computer verified against a data base, unlike other forms of biometrics such as face-picture, fingerprint or retina-scan.
  • Fig. 9 is a method 900 for enrolling a user with an IVCS server as disclosed herein including an implied (or 'silent') security question.
  • Method 900 may be performed by the IVCS server when the user enrolls in the service.
  • Step 902 includes receiving a user selection of a plurality of security questions to be stored in the server. Accordingly step 902 includes receiving from the user a list of N possible security questions, N being at least equal to 1.
  • Step 904 includes receiving a plurality of answers to each of the plurality of security questions, associating each answer in the plurality of answers to a question, and storing the plurality of answers in the server.
  • Step 906 includes receiving and storing in the server the spoken utterance from the user associated with each of the plurality of answers as sound files, for each answer. Accordingly, step 906 includes computing and storing this enrolled voice sample as an internal voice biometrics record, using any well-known text-dependent voice biometrics algorithm. If N security questions and answers were enrolled in the text data base, then N voice biometrics records that correspond to the answers may also be enrolled.
  • Step 908 includes receiving a selection from the user of one of the plurality of security questions as the implied security question. For example, if there are N security questions, the user may nominate one of them as the Implicit Security Question.
  • the IVCS system may select one question at random, or by some other method, out of N possible candidates, as the Implicit Security Question, and merely inform the user which one is designated as Implicit Security Question, so as to be prepared to answer correctly that particular question at verification time.
  • the end result of step 908 is that the IVCS system has an internal database record indicating which question out of N questions is the Implied Security Question.
  • Fig. 10 is a method 1000 for verifying a user identity in a transaction with an IVCS server as disclosed herein, including an implied security question.
  • Method 1000 is performed at verification time, when the user attempts to access the IVCS server to perform a transaction.
  • Step 1002 includes placing a call to the user terminal.
  • Step 1004 includes providing a prompt for the user to issue a spoken utterance corresponding to the answer to the implied question.
  • the VBVS sends a challenge message to the user terminal and prompts the user to respond to the challenge by voice into the user device microphone.
  • This prompt on the user device can be a stored voice playback, or a simple text prompt that alerts the human user at the device.
  • the prompt in step 1004 is simply an implied prompt including a single beep or a generic message such as "the system is ready to receive your answer."
  • the callback mode includes NO challenge message to the user terminal; only a phone ring, with an optional beep, prompts the user to respond to the implied security question by voice into the user device microphone.
  • Step 1006 includes receiving the spoken utterance from the user associated with the answer to the implied security question.
  • Step 1008 includes verifying the spoken utterance according to voice biometrics information.
  • step 1008 includes the IVCS gateway performing a 3FID process as disclosed herein.
  • step 1008 may include checking and verifying the user voice sample from the spoken utterance against stored voice biometrics information, converting the user response using speech-to-text, and comparing the resulting text phrase with the stored secret text phrase.
  • the received user voice sample is checked and verified against the unique stored voice biometrics record that corresponds to the Implied Security Question.
  • the IVCS gateway converts the user response using speech-to-text and compares the resulting text phrase with the stored secret text phrase that corresponds to the answer to the Implied Security Question.
  • Step 1010 includes granting the user access to the IVCS server to perform the transaction when the verification is approved.
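The challenge-response gate in the login flows above (a random challenge from the 3FID server, a response computed from the chip's shared secret, the outbound call allowed only on a correct response), as an added example that is not code from the patent. It swaps the MD5 method the text names for HMAC-SHA-256; the class and function names are hypothetical and the secret is a constructed value.

```python
import hashlib
import hmac
import secrets


def device_response(shared_secret: bytes, user_id: str, challenge: bytes) -> str:
    """Device side: keyed digest over the claimed user and the server's challenge."""
    msg = user_id.encode() + b"\x00" + challenge
    return hmac.new(shared_secret, msg, hashlib.sha256).hexdigest()


class ChallengeServer:
    """Server side (hypothetical): issues one-time challenges and checks responses."""

    def __init__(self, secrets_by_user: dict):
        self._secrets = secrets_by_user
        self._pending = {}                      # user_id -> outstanding challenge

    def issue_challenge(self, user_id: str) -> bytes:
        challenge = secrets.token_bytes(16)     # fresh random string per attempt
        self._pending[user_id] = challenge
        return challenge

    def verify(self, user_id: str, response: str) -> bool:
        # pop() makes the challenge single-use, so a captured response cannot be replayed
        challenge = self._pending.pop(user_id, None)
        secret = self._secrets.get(user_id)
        if challenge is None or secret is None:
            return False                        # no outstanding challenge: block the attempt
        expected = device_response(secret, user_id, challenge)
        # constant-time comparison avoids leaking how many characters matched
        return hmac.compare_digest(expected.encode(), response.encode())


def demo() -> dict:
    key = b"constructed-demo-secret"            # constructed; stands in for the chip's key
    server = ChallengeServer({"alice": key})
    good = device_response(key, "alice", server.issue_challenge("alice"))
    results = {"correct": server.verify("alice", good)}
    results["replayed"] = server.verify("alice", good)   # challenge already consumed
    c2 = server.issue_challenge("alice")
    results["wrong_key"] = server.verify("alice", device_response(b"other", "alice", c2))
    return results
```

Only the `correct` case would let the outbound call proceed; the replayed and wrong-key responses are blocked before any call is placed.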
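The signature steps (a) to (d) and the repeatable audit check described above, as an added example that is not code from the patent. The SHA-256 digests in the record are an assumption added here so an audit can show it ran on the same files; `engine`, the function names and the sample clips are hypothetical or constructed.

```python
import hashlib
import io
import wave

def make_wav(pcm: bytes, rate: int = 8000) -> bytes:
    """Wrap raw 16-bit mono PCM in a WAV container, in memory."""
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setparams((1, 2, rate, 0, "NONE", "not compressed"))
        w.writeframes(pcm)
    return buf.getvalue()

def concatenate(wav_files, rate: int = 8000) -> bytes:
    """Join the per-element files Info 1..Info N into the single sound file Y."""
    pcm = b""
    for data in wav_files:
        with wave.open(io.BytesIO(data), "rb") as w:
            if (w.getnchannels(), w.getsampwidth(), w.getframerate()) != (1, 2, rate):
                raise ValueError("information elements must share one sample format")
            pcm += w.readframes(w.getnframes())
    return make_wav(pcm, rate)

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def sign(wav_files, texts, voice_record_x, engine) -> dict:
    """Compute the signature result plus the audit record for one transaction."""
    y = concatenate(wav_files)
    accepted = engine(y, voice_record_x)   # engine: caller-supplied verifier (assumption)
    return {"element_digests": [digest(f) for f in wav_files], "texts": list(texts),
            "y_digest": digest(y),
            "result": "signature accepted" if accepted else "signature rejected"}

def audit(record, wav_files, voice_record_x, engine) -> bool:
    """Re-run verification later; True only if inputs and outcome are unchanged."""
    if [digest(f) for f in wav_files] != record["element_digests"]:
        return False                       # a stored sound file was altered or swapped
    y = concatenate(wav_files)
    result = "signature accepted" if engine(y, voice_record_x) else "signature rejected"
    return digest(y) == record["y_digest"] and result == record["result"]

def demo():
    # Constructed input: three half-second silent clips and a stand-in engine that
    # accepts any Y of at least one second; a real system calls its biometric engine.
    clips = [make_wav(b"\x00\x00" * 4000) for _ in range(3)]
    engine = lambda y, x: len(y) >= 44 + 2 * 8000
    rec = sign(clips, ["payee", "amount", "account"], b"X", engine)
    tampered = [clips[0], make_wav(b"\x01\x00" * 4000), clips[2]]
    return rec["result"], audit(rec, clips, b"X", engine), audit(rec, tampered, b"X", engine)
```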

Abstract

A method is provided that includes receiving, by a server, an access request sent to a network address of a resource server by a user using a user device, the access request including a unique record identifier. The method includes placing a call to the user device, receiving from the user a voice response to a prompt associated with an implied security question for the user, comparing the user's voice response with a selected voice biometric record, converting the voice response to a speech-to-text phrase, and comparing the speech-to-text phrase with a secret, stored text phrase to verify that the speech-to-text phrase matches an answer to the silent security question. Also provided is a method for signing a transaction, including collecting a plurality of voice samples from a user during a transaction and concatenating the plurality of voice samples into a single sound file.
PCT/US2016/021011 2015-03-10 2016-03-04 Digital voice signature of transactions WO2016144806A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14/644,129 2015-03-10
US14/644,129 US9767807B2 (en) 2011-03-30 2015-03-10 Digital voice signature of transactions

Publications (2)

Publication Number Publication Date
WO2016144806A2 (fr) 2016-09-15
WO2016144806A3 (fr) 2016-11-24

Family

ID=56879161

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2016/021011 WO2016144806A2 (fr) 2015-03-10 2016-03-04 Digital voice signature of transactions

Country Status (1)

Country Link
WO (1) WO2016144806A2 (fr)

Also Published As

Publication number Publication date
WO2016144806A3 (fr) 2016-11-24

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16762249

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the addressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 18/12/2017)

122 Ep: pct application non-entry in european phase

Ref document number: 16762249

Country of ref document: EP

Kind code of ref document: A2