Techniques for voice-based user authentication for mobile access to network services
First Claim
1. A method of granting access on a first network providing a network service to a user of a mobile device including a microphone, the method comprising the computer-implemented steps of:
- determining a first identification uniquely associated with a registered user having a registered voiceprint that matches a voiceprint of the user;
determining a second identification uniquely associated with the mobile device;
determining whether to grant access based on the first identification and the second identification; and
if it is determined to grant access, granting access on the first network to the mobile device;
wherein determining the first identification further comprises receiving first data indicating the first identification from a first process executing on a network infrastructure element in the first network, wherein the first process derives the voiceprint of the user from second data indicating a spoken message generated at the microphone of the mobile device.
1 Assignment
0 Petitions
Accused Products
Abstract
Techniques for granting access on a network having a network service to a user of a mobile device having a microphone includes determining a first identification uniquely associated with a registered user having a registered voiceprint that matches a voiceprint of the user of the mobile device. A second identification uniquely associated with the mobile device is also determined. It is then determined whether to grant access based on the first identification and the second identification. If it is determined to grant access, access is granted on the network to the user. Various aspects of the invention allow a user to be authenticated separately of the mobile device by the voice of the user, and granted access to a network service based on both the user'"'"'s identity and the identity of the mobile device. Both the user'"'"'s voice and the device identity are provided using the current capabilities of wireless telephones. Obtaining the first identification and second identification within a specified time interval makes confidently practical the technique of verifying that a certain user controls a certain mobile device, and then allowing access by that device to protected services.
229 Citations
67 Claims
-
1. A method of granting access on a first network providing a network service to a user of a mobile device including a microphone, the method comprising the computer-implemented steps of:
-
determining a first identification uniquely associated with a registered user having a registered voiceprint that matches a voiceprint of the user; determining a second identification uniquely associated with the mobile device; determining whether to grant access based on the first identification and the second identification; and if it is determined to grant access, granting access on the first network to the mobile device; wherein determining the first identification further comprises receiving first data indicating the first identification from a first process executing on a network infrastructure element in the first network, wherein the first process derives the voiceprint of the user from second data indicating a spoken message generated at the microphone of the mobile device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. A method of obtaining access on a network having a network service by a user of a mobile device including a microphone, the method comprising the steps of:
-
establishing a connection between the mobile device and the network that forwards the user'"'"'s voice to a first process associated with the network service; speaking into the mobile device to provide a voiceprint of the user in the first process; sending data from the mobile device indicating a unique identification for the mobile device to a second process associated with the network service; and obtaining access on the network only if a registered user associated with the voiceprint by the first process is also associated with the unique identification in a data structure stored on the network. - View Dependent Claims (19, 20, 21)
-
-
22. A method of granting access on a first network having a network service to a user of a mobile device including a microphone, the method comprising the computer-implemented steps of:
-
receiving first data generated at the microphone of the mobile device; deriving a first voiceprint from the first data; determining whether to send second data indicating the user is a registered user to a first process on the network based at least in part on the first voiceprint; and if it is determined to send the second data, sending the second data to the first process for determining whether to authorize the user for access on the first network; wherein the steps are performed by one or more processes executing on a network infrastructure element in the first network. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. A computer-readable medium carrying one or more sequences of instructions for granting access on a network having a network service to a user of a mobile device including a microphone, which instructions, when executed by one or more processors, cause the one or more processors to carry out the steps of:
-
determining a first identification uniquely associated with a registered user having a registered voiceprint that matches a voiceprint of the user; determining a second identification uniquely associated with the mobile device; determining whether to grant access based on the first identification and the second identification; and if it is determined to grant access, granting access on the first network to the user; wherein of determining the first identification further comprises receiving first data indicating the first identification from a first process executing on a network infrastructure element in the first network, wherein the first process derives the voiceprint of the user from second data indicating a spoken message generated at the microphone of the mobile device.
-
-
34. An apparatus for granting access on a first network having a network service to a user of a mobile device including a microphone, comprising:
-
means for determining a first identification uniquely associated with a registered user having a registered voiceprint that matches a voiceprint of the user; means for determining a second identification uniquely associated with the mobile device; means for determining whether to grant access based on the first identification and the second identification; and means for granting access on the first network to the user if it is determined to grant access; wherein said means for determining the first identification further comprises means for receiving first data indicating the first identification from a first process executing on a network infrastructure element in the first network, wherein the first process comprises means for deriving the voiceprint of the user from second data indicating a spoken message generated at the microphone of the mobile device. - View Dependent Claims (35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
-
-
51. A system for granting access on a first network to a user, comprising:
-
a mobile device including a microphone employed by the user for communicating with a public network; a network device that is coupled to the first network and the public network for limiting access to the first network; one or more processors connected to the first network; one or more stored sequences of instructions which, when executed by the one or more processors, cause the one or more processors to carry out the steps of; determining a first identification uniquely associated with a registered user having a registered voiceprint that matches a voiceprint of the user; determining a second identification uniquely associated with the mobile device; determining whether to grant access based on the first identification and the second identification; and if it is determined to grant access, causing the network device to grant access to the user for the first network; wherein determining the first identification further comprises receiving first data indicating the first identification from a first process executing on a network infrastructure element in the first network, wherein the first process derives the voiceprint of the user from second data indicating a spoken message generated at the microphone of the mobile device. - View Dependent Claims (52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67)
-
Specification