System and method using personal identification numbers and associated prompts for controlling unauthorized use of a security device and unauthorized access to a resource

US 5,745,555 A
Filed: 06/07/1996
Issued: 04/28/1998
Est. Priority Date: 08/05/1994
Status: Expired due to Term

First Claim

Patent Images

1. A security method for controlling unauthorized access to a resource, comprising the steps of:

requesting an authorized user of a security device to select a set of N PINs and N distinct phrases, each one of the N distinct phrases including at least one word, each one of the N distinct phrases being associated with a corresponding one of the N PINs for identifying the corresponding one of the N PINs and for acting as a prompt to remind the authorized user of the corresponding one of the N PINs, wherein N is a positive integer;

storing in the security device the N PINs and the associated N distinct phrases;

transmitting an encoded signal from the security device to a verification service, the encoded signal representing the N PINs and the associated N distinct phrases;

receiving the encoded signal from the security device at the verification service;

decoding the encoded signal at the verification service to obtain the N PINs and the associated N distinct phrases;

selecting, by the verification service, a first one of the N PINs;

prompting, by the verification service, a current user of the security device for a first time using the one of the N distinct phrases associated with the first selected one of the N PINs as a first prompt;

receiving at the verification service a first response to the first prompt from the current user;

determining at the verification service, as a function of the first response, whether the current user of the security device is the authorized user, wherein the step of determining includes the step of comparing the first response to the first selected one of the N PINs to determine if there is a match; and

granting, to the current user by the verification service, access to a resource if it is determined that the current user of the security device is the authorized user.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method using personal identification numbers and associated prompts for controlling unauthorized use of a security device and unauthorized access to a resource. The method includes requesting an authorized user of a security device to select a set of N PINs and N distinct phrases, each one of the N distinct phrases being associated with a corresponding one of the N PINs for acting as a prompt to remind the user of the corresponding one of the N PINs. A current user of the security device is prompted using one of the N distinct phrases and the user'"'"'s response to the prompt is compared to the associated PIN to determine whether the current user of the security device is the authorized user. The current user is granted access to the resource or is granted use of the security device if it is determined that the current user of the security device is the authorized user.

436 Citations

13 Claims

1. A security method for controlling unauthorized access to a resource, comprising the steps of:
- requesting an authorized user of a security device to select a set of N PINs and N distinct phrases, each one of the N distinct phrases including at least one word, each one of the N distinct phrases being associated with a corresponding one of the N PINs for identifying the corresponding one of the N PINs and for acting as a prompt to remind the authorized user of the corresponding one of the N PINs, wherein N is a positive integer;
  
  storing in the security device the N PINs and the associated N distinct phrases;
  
  transmitting an encoded signal from the security device to a verification service, the encoded signal representing the N PINs and the associated N distinct phrases;
  
  receiving the encoded signal from the security device at the verification service;
  
  decoding the encoded signal at the verification service to obtain the N PINs and the associated N distinct phrases;
  
  selecting, by the verification service, a first one of the N PINs;
  
  prompting, by the verification service, a current user of the security device for a first time using the one of the N distinct phrases associated with the first selected one of the N PINs as a first prompt;
  
  receiving at the verification service a first response to the first prompt from the current user;
  
  determining at the verification service, as a function of the first response, whether the current user of the security device is the authorized user, wherein the step of determining includes the step of comparing the first response to the first selected one of the N PINs to determine if there is a match; and
  
  granting, to the current user by the verification service, access to a resource if it is determined that the current user of the security device is the authorized user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the step of selecting a first one of the N PINs further includes the steps of:
    - generating a number using a number generator, wherein the number generator is selected from the group consisting of a pseudo random number generator, a random number generator and an incrementing register; and
      
      selecting, as a function of the generated number, the first one of the N PINs.
  - 3. The method of claim 1, wherein the step of prompting the current user of the security device for a first time includes the step of providing an audio prompt to the current user, the audio prompt representing the one of the N distinct phrases associated with the first selected one of the N PINs.
  - 4. The method of claim 1, wherein the step of receiving a first response includes the step of receiving a plurality of dual tone multi-frequency (DTMF) signals representing the first selected one of the N PINs.
  - 5. The method of claim 1, wherein the step of receiving an encoded signal includes the step of receiving a set of tones, and wherein the step of decoding the encoded signal to obtain the N PINs and the associated N distinct phrases further comprises the steps of:
    - monitoring a frequency independent signal characteristic of the received set of tones to obtain a plurality of signal characteristic measurements; and
      
      using a look-up database in conjunction with the plurality of signal characteristic measurements to decode the received set of tones to obtain the N PINs and the associated N distinct phrases encoded into the set of tones.
  - 6. The method of claim 5, wherein the received set of tones includes a plurality of DTMF signals.
  - 7. The method of claim 1, wherein the security device is an acoustically programmable auto-dialer, the resource is a long distance telephone service provider and wherein the step of receiving an encoded signal includes the step of receiving an encoded DTMF signal representing a telephone number, the N PINs and the associated N distinct phrases.
  - 8. The method of claim 1, further comprising the step of:
    - generating, by the verification service, an acoustic signal, to which the security device is programmed to respond by deactivating itself, upon a determination that the current user of the security device is not the authorized user.
  - 9. The method of claim 1, wherein the step of determining whether the current user of the security device is the authorized user further comprises the step of:
    - providing the current user a second opportunity to provide proof that the current user is the authorized user if it is determined that the first response does not match the first selected one of the N PINs, the step of providing the current user a second opportunity further comprising the steps of;
      
      i) selecting, by the verification service, a second one of the N PINs;
      
      ii) prompting, by the verification service, the current user of the security device for a second time using the one of the N distinct phrases associated with the first one of the N PINs and the one of the N distinct phrases associated with the second selected one of the N PINs;
      
      iii) receiving at the verification service a second response; and
      
      iv) comparing at the verification service the second response to the first selected one of the N PINs and the second selected one of the N PINs to determine if there is a match, wherein a match of both the first and second selected ones of the N PINs indicates that the current user of the security device is the authorized user.
  - 10. The method of claim 1, wherein the step of storing in the security device the N PINs and the associated N distinct phrases further comprises the step of programming the security device by transmitting audio signals to the security device.
  - 11. The method of claim 1 wherein the resource comprises the verification service.

12. A security method for controlling unauthorized use of a device, comprising the steps of:
- requesting an authorized user of a device having memory, a display and input keys, to select a set of N PINs and N distinct phrases, each one of the N distinct phrases including at least one word, each one of the N distinct phrases being associated with a corresponding one of the N PINs for identifying the corresponding one of the N PINs and for acting as a prompt to remind the authorized user of the corresponding one of the N PINs, wherein N is a positive integer;
  
  storing in the device the N PINs and the associated N distinct phrases;
  
  selecting, by the device, a first one of the N PINs;
  
  displaying, by the device, a first list of PINs from which a current user can select a PIN by using the input keys, the first list of PINs including the first selected one of the N PINs;
  
  prompting, by the device, the current user of the security device for a first time using the one of the N distinct phrases associated with the first selected one of the N PINs as a first prompt, to select from the displayed first list of PINs the first selected one of the N PINs;
  
  determining, by the device, whether the current user of the device is the authorized user, wherein the step of determining includes the step of detecting whether the current user selected the first selected one of the N PINs in response to the first prompt; and
  
  enabling, by the device, the current user to operate the device upon determining that the current user is the authorized user.
- View Dependent Claims (13)
- - 13. The method of claim 12, wherein the step of determining whether the current user of the device is the authorized user further comprises the steps of:
    - selecting, by the device, a second one of the N PINs;
      
      displaying, by the device, a second list of PINs from which the current user can select a PIN by using the input keys, the second list of PINs including the first selected one of the N PINs and the second selected one of the N PINs;
      
      prompting, by the device, the current user of the security device for a second time using the one of the N distinct phrases associated with the second selected one of the N PINs, to first select from the displayed second list of PINs the first selected one of the N PINs and to then select from the displayed second list of PINs the second selected one of the N PINs; and
      
      detecting, by the device, whether the current user of the device selected the first selected one of the N PINs and then the second selected one of the N PINs to determine if the current user is the authorized user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Smart Tone Incorporated
Original Assignee
Smart Tone Authentication, Inc.
Inventors
Mark, Andrew R.
Primary Examiner(s)
Zele, Krista M.
Assistant Examiner(s)
Wolinsky, Scott

Application Number

US08/657,594
Time in Patent Office

690 Days
Field of Search

379/201, 379/67, 379/88, 379/89, 379/216, 379/200, 379/199, 379/93, 379/355, 379/95, 379/131, 379/112, 379/192, 379/188, 379/189, 379/190, 379/356, 379/361, 380/19, 380/20, 380/23, 380/3, 380/4, 364/408, 348/5.5
US Class Current

379/93.03
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/346   Cards serving only as infor...

G07F 7/0886   the card reader being porta...

G07F 7/1008   Active credit-cards provide...

G10L 17/00   Speaker identification or v...

H04M 1/2155   Acoustic coupling

H04M 1/271   controlled by voice recogni...

H04M 1/275   implemented by means of por...

H04M 1/2757   by data transmission, e.g. ...

H04M 1/50   by generating or selecting ...

H04M 1/66   with means for preventing u...

H04M 15/00   Arrangements for metering, ...

H04M 17/00   Prepayment of wireline comm...

H04M 17/02   Coin-freed or check-freed s...

H04M 2201/40   using speech recognition sp...

H04M 3/16   with lock-out or secrecy pr...

H04M 3/44   Additional connecting arran...

H04M 3/493   Interactive information ser...

H04Q 1/453   in which m-out-of-n signall...

System and method using personal identification numbers and associated prompts for controlling unauthorized use of a security device and unauthorized access to a resource

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

436 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

System and method using personal identification numbers and associated prompts for controlling unauthorized use of a security device and unauthorized access to a resource

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

436 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links