USING AUDIO IN N-FACTOR AUTHENTICATION

US 20080141353A1
Filed: 12/08/2006
Published: 06/12/2008
Est. Priority Date: 12/08/2006
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating an access request for restricted content, the method comprising:

receiving a login request from a user over a network;

generating a passphrase for the user;

converting the passphrase to a voice message using a voice that was previously selected by the user;

transmitting voice message to a voice message address, the voice message including the passphrase; and

receiving the passphrase from the user over the networkgranting the login request if an input passphrase received from the user matches the generated passphrase.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A multi-factor authentication solution implements a recognizable voice in conjunction with a user address to increase login security and reduce user inconvenience. A user creates an online account, providing an address such as a telephone number or email address to which voice messages may be sent. The user selects a recognizable voice such as the user'"'"'s own voice or the voice of a famous or well-known figure. When the user attempts to login to the online account, a random passphrase is generated and converted to a voice message employing the user'"'"'s pre-selected voice and the voice message is sent to the user'"'"'s address. The user listens to the voice message and if the user recognizes the voice rendering the passphrase the user'"'"'s login request is granted.

108 Citations

26 Claims

1. A method of authenticating an access request for restricted content, the method comprising:
- receiving a login request from a user over a network;
  
  generating a passphrase for the user;
  
  converting the passphrase to a voice message using a voice that was previously selected by the user;
  
  transmitting voice message to a voice message address, the voice message including the passphrase; and
  
  receiving the passphrase from the user over the networkgranting the login request if an input passphrase received from the user matches the generated passphrase.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising storing a user profile associated with a user, the user profile comprising a username and the voice message address.
  - 3. The method of claim 2, further comprising storing the user'"'"'s selection of the voice in the user profile.
  - 4. The method of claim 1, wherein the pre-selected voice comprises one or more of a user'"'"'s voice, a voice of somebody known personally by the user, a famous voice, or a recognizable voice.
  - 5. The method of claim 1, further comprising recording the voice.
  - 6. The method of claim 1, wherein granting the login request further comprises granting access to restricted content.
  - 7. The method of claim 6, wherein the restricted content comprises one or more of a user'"'"'s name, social security number, date of birth, driver license number, credit card account number, bank account number, or account information.
  - 8. The method of claim 1, further comprising denying the login request if the input passphrase does not match the generated passphrase.
  - 9. The method of claim 1, wherein the voice message address comprises one or more of an email address, a telephone number and a pager number.
  - 10. The method of claim 1, wherein the passphrase is a single use passphrase

11. A method for using audio in multi-factor authentication, the method comprising:
- receiving input from a user selecting a voice, wherein the voice is used during subsequent login requests by the user for authentication;
  
  sending a username provided by a user to a website for entry in a login request;
  
  receiving a voice message at a device, the voice message generated in response to the username and including a passphrase;
  
  rendering the voice message to the user such that the user can determine the passphrase and ascertain that the voice of the voice message is the same as the voice previously selected by the user; and
  
  receiving the passphrase from the user, wherein the passphrase is used in the login request to gain access to restricted content on the website.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The method of claim 11, wherein the voice comprises one or more of the user'"'"'s voice, the voice of somebody known personally by the user, a famous voice, or a recognizable voice.
  - 13. The method of claim 12, further comprising the user or somebody known personally by the user reciting aloud a set of alphanumeric characters to record the voice.
  - 14. The method of claim 11, wherein receiving a voice message at a device comprises one or more of:
    - receiving a voice message directly on a communication device, the voice message comprising the voice message;
      
      receiving an email message including an attachment comprising the voice message;
      
      receiving an email message comprising a link to the voice message;
      
      receiving a short message service message comprising instructions to call an interactive voice response server to retrieve the voice message;
      
      orreceiving a page comprising instructions to call a telephone number to retrieve the voice message.
  - 15. The method of claim 11, wherein rendering the voice message to the user comprises one or more of:
    - using a mobile phone, personal digital assistant, or smartphone connected to a cellular communication network to access the voice message; and
      
      using a mobile phone, personal digital assistant, smartphone, laptop computer or personal computer connected to a packet-switched data network to access the voice message.
  - 16. The method of claim 11, wherein the passphrase comprises one or more alphanumeric characters.
  - 17. The method of claim 11, wherein the restricted content comprises one or more of a user'"'"'s name, social security number, date of birth, driver license number, credit card account number and bank account number.
  - 18. The method of claim 11, wherein the passphrase is a single use passphrase.

19. A system for authenticating a user requesting access to electronic data, the system comprising:
- a user database for storing information about a plurality of users, the information including registration information;
  
  a voice database from which the users select a voice that is used in a multi-factor authentication process;
  
  a password generator for generating random or pseudo random passphrases in response to a login request received from a user; and
  
  a text-to-voice engine for converting passphrases into passphrase voice messages that are transmitted to the user, wherein the user completes a login request by entering the passphrase into the login request.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
- - 20. The system of claim 19, further comprising a server communicably connected to one or more communication devices and one or more computing devices, wherein a user accesses electronic data over a computing device and receives the passphrase voice messages over a communication device.
  - 21. The system of claim 19, further comprising at least one of a wireless communication network and a packet-witched data network.
  - 22. The system of claim 19, wherein the passphrases comprise one or more alphanumeric characters.
  - 23. The system of claim 19, further comprising restricted content to which one or more users desire access.
  - 24. The system of claim 23, wherein the restricted content comprises one or more of a user'"'"'s name, social security number, driver'"'"'s license number, credit card account number and bank account number.
  - 25. The system of claim 19, wherein the registration information about a plurality of users comprises a username associated with each user, a voice message address associated with each user and identification of a voice selected by each user.
  - 26. The system of claim 19, further comprising a voice capture engine for recording new voices when the voice selected by a user is to be recorded.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Smith Micro Software Incorporated
Original Assignee
Core Mobility (Smith Micro Software Incorporated)
Inventors
Brown, Gerry A.

Granted Patent

US 8,151,326 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/7
CPC Class Codes

G06F 21/42   using separate channels for...

G10L 13/00   Speech synthesis; Text to s...

H04L 63/0853   using an additional device,...

H04L 63/18   using different networks or...

H04M 3/53316   Messaging centre selected b...

H04M 7/0024   Services and arrangements w...

USING AUDIO IN N-FACTOR AUTHENTICATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

108 Citations

26 Claims

Specification

Use Cases

Quick Links

Others

USING AUDIO IN N-FACTOR AUTHENTICATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

108 Citations

26 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others