Digital voice signature of transactions

US 9,767,807 B2
Filed: 03/10/2015
Issued: 09/19/2017
Est. Priority Date: 03/30/2011
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method performed in a server comprising:

receiving, by a server, an access request sent to a network address of a resource server from a user using a user device, the access request comprising a unique record identifier, wherein the unique record identifier is transmitted to the user device by a roaming device, is recognizable by the server, the unique record identifier being encrypted between the server and the roaming device to be opaque to the user device;

establishing a secure communication between the user device and the server when the unique record identifier is recognized by the server;

placing a call to the user device using the secure communication;

receiving from the user a voice response to a generic prompt associated with an implied security question for the user, wherein the implied security question is one of a plurality of security questions stored in a memory of the server;

verifying that the voice response of the user matches a selected voice biometrics record;

converting the voice response into a speech-to-text phrase; and

comparing the speech-to-text phrase against a stored secret text phrase to verify that the speech-to-text phrase matches an answer to the implied security question.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method that includes receiving, by a server, an access request sent to a network address of a resource server from a user using a user device, the access request comprising a unique record identifier is provided. The method includes placing a call to the user device, receiving from the user a voice response to a prompt associated with an implied security question for the user, comparing the voice response of the user with a selected voice biometrics record, converting the voice response into a speech-to-text phrase, and comparing the speech-to-text phrase against a stored secret text phrase to verify that the speech-to-text phrase matches an answer to the silent security question. A method for signing a transaction, including collecting a plurality of voice samples from a user during a transaction and concatenating the plurality of voice samples into a single sound file is also provided.

119 Citations

13 Claims

1. A computer-implemented method performed in a server comprising:
- receiving, by a server, an access request sent to a network address of a resource server from a user using a user device, the access request comprising a unique record identifier, wherein the unique record identifier is transmitted to the user device by a roaming device, is recognizable by the server, the unique record identifier being encrypted between the server and the roaming device to be opaque to the user device;
  
  establishing a secure communication between the user device and the server when the unique record identifier is recognized by the server;
  
  placing a call to the user device using the secure communication;
  
  receiving from the user a voice response to a generic prompt associated with an implied security question for the user, wherein the implied security question is one of a plurality of security questions stored in a memory of the server;
  
  verifying that the voice response of the user matches a selected voice biometrics record;
  
  converting the voice response into a speech-to-text phrase; and
  
  comparing the speech-to-text phrase against a stored secret text phrase to verify that the speech-to-text phrase matches an answer to the implied security question.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The computer-implemented method of claim 1, wherein the memory of the server stores at least one sound file and one text file with an answer to each of the plurality of security questions.
  - 3. The computer-implemented method of claim 1, further comprising granting an access to the server to perform a transaction when at least one of the selected voice biometrics record or the stored secret text phrase match the voice response received from the user.
  - 4. The computer-implemented method of claim 1, further comprising providing a challenge message to the user through the secure communication with the user device and to determine at least one of an identity of the user or an authentication of a user transaction based on a response to the challenge message received from the user through the secure communication with the user device.
  - 5. The computer-implemented method of claim 4, wherein establishing a secure communication protocol with the user device comprises de-codifying an encrypted string that includes the unique record identifier.
  - 6. The computer-implemented method of claim 5, wherein establishing a secure communication protocol with the user device comprises dynamically computing an authentication string for the user device.
  - 7. The computer-implemented method of claim 1, further comprising detecting whether a switch in the roaming device is set into an identification state or into an authentication state, and issuing an authentication challenge for the user when the switch in the roaming device is in the authentication state, the authentication challenge comprising the unique record identifier.
  - 8. The computer-implemented method of claim 1, further comprising disabling the secure communication when detecting, by the server, one of a security breach or a pre-determined time-out without activity from the roaming device.
  - 9. The computer-implemented method of claim 1, wherein comparing the voice response of the user with a selected voice biometrics record comprises comparing the voice response of the user with a selected voice biometrics record having a length greater than a predetermined time period.
  - 10. The computer-implemented method of claim 1, further comprising validating the voice response of the user when a confidence level of a comparison with the selected voice biometrics record is greater than 99%.
  - 11. The computer-implemented method of claim 1, further comprising storing a sound file with a user utterance and a text file from the user utterance as a non-repudiation document for a transaction.

12. A system comprising:
- a network interface circuit configured to couple with a user device through a network;
  
  a memory configured to store data and a plurality of commands, the data comprising an implied security question to a user of the user device and a response to the implied security question, wherein the implied security question is one of a plurality of security questions stored in the memory;
  
  a processor configured to execute the plurality of commands and cause the system to;
  
  receive from the user device a request to access a service, the request comprising a unique record identifier that is transmitted to the user device by a roaming device that is recognizable by the processor, the unique record identifier being encrypted between the server and the roaming device to be opaque to the user device;
  
  establish a secure communication protocol with the user device when the unique record identifier is recognized by the system;
  
  place a call to the user device within the secure communication protocol;
  
  prompt the user to provide a voice response to the implied security question;
  
  verify that the voice response matches a selected voice biometric record;
  
  convert the voice response into a speech-to-text phrase; and
  
  compare the speech-to-text phrase against a stored secret text phrase to verify that the speech-to-text phrase matches the response to the implied security question.

13. A non-transitory, computer readable medium storing instructions which when executed by a processor in a server, cause the server to perform a method comprising:
- receiving, by a server, an access request sent to a network address of a resource server from a user using a user device, the access request comprising a unique record identifier, wherein the unique record identifier is transmitted to the user device by a roaming device, is recognizable by the server, the unique record identifier being encrypted between the server and the roaming device to be opaque to the user device;
  
  establishing a secure communication protocol between the user device and the server when the unique record identifier is recognized by the server;
  
  placing a call to the user device using the secure communication protocol;
  
  receiving from the user a voice response to a generic prompt associated with an implied security question for the user, wherein the implied security question is one of a plurality of security questions stored in a memory of the server;
  
  verifying that the voice response of the user matches a selected voice biometrics record;
  
  converting the voice response into a speech-to-text phrase; and
  
  comparing the speech-to-text phrase against a stored secret text phrase to verify that the speech-to-text phrase matches an answer to the implied security question.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ack3 Bionetics Pte Limited
Original Assignee
Ack3 Bionetics Pte Limited
Inventors
Bhaskaran, Sajit
Primary Examiner(s)
Sirjani, Fariba

Application Number

US14/644,129
Publication Number

US 20150187359A1
Time in Patent Office

924 Days
Field of Search

None
US Class Current
CPC Class Codes

G07C 9/25   using biometric data, e.g. ...

G10L 15/26   Speech to text systems G10L...

G10L 17/04   Training, enrolment or mode...

G10L 17/08   Use of distortion metrics o...

G10L 17/24   the user being prompted to ...

Digital voice signature of transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

119 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Digital voice signature of transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

119 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links