Biometric-based system and method for enabling authentication of electronic messages sent over a network
Abstract
A network based mechanism for real time verification and authentication of data and user identities. The present invention enables a method whereby biometric elements, such as voice prints, are utilized to enhance the Public Key Infrastructure as a means to decrypt data and verify data authenticity, such that the user's private key is authenticated remotely on a one-time basis. The present invention comprises an authentication server (25) with various software modules that enable authentication of user identity, secure user access to data, digital signatures, secure messaging and secure online transactions.
41 Claims

1. A system for enhancing data and user authentication using biometric means, comprising:
i. at least one network enabled client device for sending data to a network;
ii. at least one biometric data input mechanism on said client device for capturing biometric data; and
iii. an authentication server for enabling remote real time data and user authentication at said authentication server side and at said client device side.

12. A method for enhancing data and user authentication using a biometric mechanism, comprising the steps of:
i. enabling secure biometric remote registration by at least one user; and
ii. authenticating user identity, by an authentication server, by means of a secure data access procedure.

31. A method for digital signature verification by a message sender, comprising the steps of:
a. voice signing a message for sending to a network, wherein the message sender executes a Voice Authentication session;
b. connecting a Request number from said session to the message sender's PCID, PIN and Voice print;
c. receiving said Request number as a number identifying a present signing session, by the message sender, using a Digital Signature module;
d. sending said request number as a token to the message sender, to initiate a signing session;
e. executing private key sealing and public key unsealing of a Hash Digest, by the message sender;
f. using a one-time private key to digitally sign and seal said Hash Digest, by the message sender;
g. sending a public key to an authentication server, by the message sender; and
h. computing a session encryption key out of an authenticated signer's voice print password, encrypting and decrypting a whole document envelope.

33. A method for authenticating user identity of a remote user in real time, comprising the steps of:
i. authenticating a user in real time;
ii. creating a roaming diskette for said user; and
iii. performing authentication actions in real time on any compatible computing device, using said diskette.

34. A method for enabling an authenticated user to access data securely, comprising the steps of:
i. providing a memory unit for storing information, said information including a stored voice print and an identity of each of a plurality of individuals, said stored voice print of each of said plurality of individuals being generated from corresponding voice data thereof;
ii. collecting information provided by a user, said information being for verifying that said user is identified as a specific individual among said plurality of individuals;
iii. processing temporary voice data collected from said user into a temporary voice print;
iv. comparing said temporary voice print with said stored voice print of each of at least a portion of said plurality of individuals including said specific individual; and
v. granting said user one-time access to content, only if said temporary voice print is similar to said stored voice print of said specific individual.

35. A method for enabling verification of a digital signature in real time, comprising the steps of:
i. entering the filename of the document to be signed;
ii. requesting of a user to enter said user PIN number and to say prompted number combinations;
iii. obtaining an envelope for said document, such that said envelope facilitates hashing of said document;
iv. sending encrypted document; and
v. combining said encrypted hash and said voice print to become said user's digital signature of a message.

36. A method for enabling secure messaging by biometric means, comprising the steps of:
i. authenticating a voice sample of a message receiver in real time;
ii. one-time matching of recipient personal information with information specified by said sender; and
iii. opening said message.

37. A method for enabling the execution of secure network-based transactions, using existing Clearing-House Infrastructure, comprising the steps of:
i. entering a biometric sample into an input mechanism, such that said sample is digitized and sent to an authentication server;
ii. if said sample matches pre-registered sample, executing a one-time authentication of a user identity;
iii. encrypting said sample to form a biometric key, such that said biometric key is prepared in a format accepted by Credit Card companies;
iv. inserting said biometric key into purchase form on a merchant site, and submitting form for authorization;
v. receiving said purchase form by a merchant, and processing transaction;
vi. sending said transaction to a card issuer, by said merchant, in order to receive clearance;
vii. matching said biometric key from said merchant and said user;
viii. charging said transaction to a real credit card number of said user.

39. A method for enabling secure access to network based data, said secure access being achieved without the need to incorporate application specific software or hardware, comprising the steps of:
i. submitting a phone number in a relevant Web page, using a network enabled computing device, by a user;
ii. calling said user on said phone number, and requesting said user to perform a voice authentication procedure;
iii. if the authentication is successful, receiving a one-time password, by said user, said password being delivered by the means selected from the group consisting of voice or SMS;
iv. entering said one-time password in a Web page;
v. accessing the network based data, from said network enabled computing device.

40. A system for enhancing the PKI security infrastructure, comprising:
i. a client-server architecture; and
ii. a public key and private key pair, said pair being certified in real-time for each transaction, said PKI security infrastructure including a biometric authentication procedure.

41. A method for enhancing the PKI data security infrastructure, comprising the steps of:
i. encrypting a message using a symmetric key, such that said symmetric key can be used to decrypt said message;
ii. encrypting said message and said symmetric key using a recipient's public key, in order for a sender to identify a recipient, such that said encryption is the asymmetric pair of said private key of said recipient;
iii. digitally signing said message using said sender's private key, such that said private key is the asymmetric pair of said public key of said sender;
iv. certifying sender's private/public key pair in real-time, for each time said sender remotely authenticates said sender's identity, using biometric means;
v. acknowledging said digital signature of a sender of a message, using said sender's public key, by said receiver;
vi. decrypting said message and a symmetric key; and
vii. decrypting original message with said symmetric key.