EP0848362A2 - Méthode et ensemble pour l'introduction sécurisée contre l'écoute de codes PIN en dialogue parle - Google Patents

Méthode et ensemble pour l'introduction sécurisée contre l'écoute de codes PIN en dialogue parle Download PDF

Info

Publication number
EP0848362A2
EP0848362A2 EP97118867A EP97118867A EP0848362A2 EP 0848362 A2 EP0848362 A2 EP 0848362A2 EP 97118867 A EP97118867 A EP 97118867A EP 97118867 A EP97118867 A EP 97118867A EP 0848362 A2 EP0848362 A2 EP 0848362A2
Authority
EP
European Patent Office
Prior art keywords
pin
manipulation
user
pseudo
public
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP97118867A
Other languages
German (de)
English (en)
Other versions
EP0848362A3 (fr
Inventor
Volkmar Dr. Naumburger
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Deutsche Telekom AG
Original Assignee
Deutsche Telekom AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Deutsche Telekom AG filed Critical Deutsche Telekom AG
Publication of EP0848362A2 publication Critical patent/EP0848362A2/fr
Publication of EP0848362A3 publication Critical patent/EP0848362A3/fr
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/33Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password

Definitions

  • the invention relates to a method and an arrangement for tap-proof entry of PIN codes when using language-recognizing input media.
  • Entering the PIN is more problematic s in direct linguistic dialogue. This is the case when orders are placed with an operator (e.g. bank clerk) or speech recognizer. In such cases, a protected sphere cannot always be guaranteed, so that unauthorized persons can acoustically track the entry of the PIN. To ensure confidentiality in these cases, too, the PIN must be entered in encrypted form. It can be assumed that the request (command path) for entering the PIN through the use of user-related earphones, e.g. B. telephone handset or speech, does not take place publicly, while the input by voice by the user (input path) remains public.
  • user-related earphones e.g. B. telephone handset or speech
  • a well-known solution with the confidentiality of the voice input the PIN via a public command route to be guaranteed is based on the reading of the Digits from 0 to 9 in ascending order. This Digits are made to the user via the non-public Command path offered for selection. Kick the appropriate one Number of the PIN to be entered, the user speaks that unspecific word "STOP", which means the secret digit is marked. In this way, a multi-digit PIN by repeating this procedure can be entered.
  • STOP unspecific word
  • a disadvantage of this method is that if the PIN is not selected correctly, the entry procedure is right can be tedious. For example, typing the PIN "9999" may take longer than 2 minutes if reading a number including pause only 3 seconds would take. Another disadvantage is that limited security, because with some practice you can the time when the "STOP" is spoken to the Digit can be inferred.
  • the aim of the invention is to provide a more secure solution to enter PIN codes by voice to create the is safer and faster than the known solutions.
  • the inventive method is based on the fact that Digits of the PIN to be entered in the correct order one after the other in individual self-contained question-answer procedures be queried.
  • the query procedure (Prompt to the user) is made via the closed command route.
  • the response procedure (answer by the user) takes place via the public Command way.
  • the user is prompted asked to enter the requested PIN number via the specified non-public command route Manipulation digit and one with the manipulation digit logically linked manipulation instructions with the PIN number to offset.
  • the result of this surgery the resulting pseudo PIN number is given by the user via the public input path by voice.
  • the security of the PIN entry is guaranteed by a Random number generator 8 on the command side both the Manipulation number as well as the manipulation instruction constantly redefined.
  • the definition of the concrete Manipulation instruction is determined by the premise that the one to be calculated according to the manipulation instruction Pseudo-PIN number does not exceed the tens position, and that the larger digit of is subtracted from the smaller digit.
  • the method is implemented using an arrangement in which the PIN query via a public telephone connection he follows.
  • This telephone connection 1 is in the system with one Speech recognizer 2 connected via a speech output 5 is applied to a voice memory 6. Narrator 5 is at the same time via a direct connection to the telephone connection 1 connected.
  • the speech recognizer 2 has one Connection to a comparator 3. Furthermore, is a Random number generator 8 via an arithmetic unit 9 with the comparator 3 connected.
  • the comparator 3 is with the PIN memory 4 and an application 7 module. Of the PIN memory 4 has a cross connection to the arithmetic unit 9. Another cross connection exists between the Arithmetic unit 9, the speech output 5 and the application 7.
  • the invention is based on a Embodiment explained in more detail. In Figure 1 the arrangement on which the procedure is based in the form of a Block diagram shown.
  • the PIN request is made via a public telephone connection as in Fig.1 Telephone connection 1 is shown.
  • the PIN memory 4 is the PIN stored in numerical form.
  • This PIN is identified by an authorized user Reproduce users.
  • the procedure is started by from the voice memory 6 via the voice output 5 and the public command of the appropriate language promts to be issued to the user who received the request to PIN entry included.
  • the digit counter reset to the first position in the arithmetic unit 9 and incremented.
  • the position counter 9 thus points to the first digit of the saved PIN.
  • the random number can, for example limited to a value between 0 and 9.
  • the calculator 9 performs the proposed operation and saves the result as a result pseudo PIN number generated in this way for the first digit of the PIN. With the number of digits n, the random number x and the link plus or minus generates the speech device 4 the statement:
  • the recognition result is also saved.
  • the Comparator 3 determines whether all the digits of the PIN already exist if not, the procedure will be processed repeated until all positions of the PIN have been recorded. in the For example, the PIN has four digits, so the Comparator 3 test whether the loop is already four times was run through. Has the capture of all positions of the PIN ended, the comparison between the by the User entered pseudo-PIN and the one in the PIN memory 4 saved PIN. For comparison preferably the pseudo PIN entered by the user with the pseudo PIN generated and stored in arithmetic unit 9 compared.
  • Another option is that of User entered pseudo-PIN via arithmetic unit 9 Undergo reverse surgery in which the pseudo PIN back into the PIN on which the operation was based is converted. Then the PIN obtained in this way compared with the PIN stored in the PIN memory. If both sequences of digits match, the PIN was entered successfully completed. Otherwise the user will be over voice output 5 prompts you to enter your PIN again. This possibility should be given to avoid errors when calculating or a lack of recognition reliability of the Speech recognizer 2 to be considered.
  • the comparator 3 but checks whether the number of failed attempts is greater than three is. If that is the case, then it can be assumed that the User does not have the correct PIN. Therefore the PIN entry was aborted with ERROR. This fact the user receives a corresponding announcement of the speech output 5 communicated.
  • the method according to the invention can also be used in a Use a system that allows multiple PINs as it does for example in a banking system.
  • the user must be familiar with the query Identify your PIN with a public key. That can for example, the account number of the user. Based on the public key will be the PIN of the system Caller, which was determined by the account number, provided. Then, as described above, based on the PIN and the individual PIN numbers generated manipulation digits and manipulation instructions the query of the pseudo PIN.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Telephonic Communication Services (AREA)
  • Medical Treatment And Welfare Office Work (AREA)
EP97118867A 1996-12-14 1997-10-30 Méthode et ensemble pour l'introduction sécurisée contre l'écoute de codes PIN en dialogue parle Ceased EP0848362A3 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE19652161 1996-12-14
DE19652161A DE19652161A1 (de) 1996-12-14 1996-12-14 Verfahren und Anordnung zur abhörsicheren Eingabe von PIN-Codes im sprachlichen Dialog

Publications (2)

Publication Number Publication Date
EP0848362A2 true EP0848362A2 (fr) 1998-06-17
EP0848362A3 EP0848362A3 (fr) 2002-04-10

Family

ID=7814787

Family Applications (1)

Application Number Title Priority Date Filing Date
EP97118867A Ceased EP0848362A3 (fr) 1996-12-14 1997-10-30 Méthode et ensemble pour l'introduction sécurisée contre l'écoute de codes PIN en dialogue parle

Country Status (2)

Country Link
EP (1) EP0848362A3 (fr)
DE (1) DE19652161A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1320083A1 (fr) * 2001-12-13 2003-06-18 Siemens Aktiengesellschaft Authentification par la saisie d'une suite de mots structurée
DE10125954B4 (de) * 2000-06-02 2008-04-30 International Business Machines Corp. Sichere Datenübertragung von ungesicherten Eingabeumgebungen
DE102009018725A1 (de) 2009-04-27 2010-10-28 Ronny Schran Verschlüsselung von alphanumerischen Zeichen und gesicherte Eingabe von alphanumerischen Zugangskodes

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS61250763A (ja) * 1985-04-30 1986-11-07 Hitachi Ltd 暗唱情報方式
JPS62292036A (ja) * 1986-06-12 1987-12-18 Toshiba Corp 通信装置における秘話方法
US4731841A (en) * 1986-06-16 1988-03-15 Applied Information Technologies Research Center Field initialized authentication system for protective security of electronic information networks
US5130519A (en) * 1990-01-16 1992-07-14 George Bush Portable pin card
EP0444351A3 (en) * 1990-02-28 1992-05-27 American Telephone And Telegraph Company Voice password-controlled computer security system
US5517558A (en) * 1990-05-15 1996-05-14 Voice Control Systems, Inc. Voice-controlled account access over a telephone network
US5196840A (en) * 1990-11-05 1993-03-23 International Business Machines Corporation Secure communications system for remotely located computers
US5239583A (en) * 1991-04-10 1993-08-24 Parrillo Larry A Method and apparatus for improved security using access codes
DE4207447A1 (de) * 1992-03-09 1993-09-16 Provera Ges Fuer Projektierung Verfahren und geraet zur digitalen aufzeichnung und wiedergabe von informationen
DE4411780C2 (de) * 1994-04-06 1998-12-17 Wolfgang A Dr Rer Nat Redmann Abhörsichere Zugangskontrollvorrichtung
DE4436697C2 (de) * 1994-09-30 1998-02-26 Siemens Ag Verfahren zum Erzeugen elektronischer Unterschriften

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10125954B4 (de) * 2000-06-02 2008-04-30 International Business Machines Corp. Sichere Datenübertragung von ungesicherten Eingabeumgebungen
EP1320083A1 (fr) * 2001-12-13 2003-06-18 Siemens Aktiengesellschaft Authentification par la saisie d'une suite de mots structurée
DE102009018725A1 (de) 2009-04-27 2010-10-28 Ronny Schran Verschlüsselung von alphanumerischen Zeichen und gesicherte Eingabe von alphanumerischen Zugangskodes

Also Published As

Publication number Publication date
DE19652161A1 (de) 1998-06-18
EP0848362A3 (fr) 2002-04-10

Similar Documents

Publication Publication Date Title
DE69427322T2 (de) Verfahren und System zur Identitätsprüfung eines Sprechers
DE69228237T2 (de) Sicherheitsanlagen basiert auf der aufnahme ein einziges erkennungszeichen für nachfolgende wiedergabe
DE3688316T2 (de) Sicherheitssystem zur Gültigkeitsprüfung von Bauteilen.
DE69215469T2 (de) Auf Spracherkennung basierendes Sicherheitssystem
DE3650766T2 (de) Operationssteuerung
DE3103514A1 (de) Verfahren und vorrichtung zum steuern einer gesicherten transaktion
DE69733740T2 (de) Statistische Datenbank-Korrektur von alphanumerischen Kontennummern unter Verwendung von Spracherkennung
DE69702454T2 (de) Sicherheitsvorrichtungen und systeme
DE1547032A1 (de) Einrichtung zum Identifizieren einer Person
DE3103805C2 (de) Verfahren und Einrichtung zur Datenerfassung
DE3029823C2 (fr)
EP0848362A2 (fr) Méthode et ensemble pour l'introduction sécurisée contre l'écoute de codes PIN en dialogue parle
DE102008040258A1 (de) Verfahren und Vorrichtung zur Verbesserung biometrischer Identifizierungssysteme
EP1245094A2 (fr) Dispositif de maniement, protege par un mot de passe, d'un document electronique
DE19904440C2 (de) Verfahren zur Verifizierung der Identität einer Person
EP1224661B1 (fr) Procede et dispositif pour la verification d'un locuteur a l'aide d'un ordinateur
DE3785511T2 (de) Verbesserungen zur spracherkennung.
Arnold Reflections on American public discourse
EP1214704B1 (fr) Procede pour detecter et evaluer des signaux vocaux representant un mot emis par un utilisateur d'un systeme de reconnaissance vocale
EP1749395B1 (fr) Procede d'autorisation d'une transaction telephonique et noeud de commutation
WO2006120170A1 (fr) Transmission de donnees entre modules
DE102004049878B4 (de) System und Verfahren zur Überprüfung einer Zugangsberechtigung
MacKay Effects of ambiguity on stuttering: Towards a theory of speech production at the semantic level
DE60214726T2 (de) Verfahren und system zur zugangsregelung
DE10063796B4 (de) Verfahren zur Sprechererkennung für Sicherheitssysteme in Kombination mit Spracherkennung

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

17P Request for examination filed

Effective date: 20021010

AKX Designation fees paid

Free format text: AT BE CH DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

17Q First examination report despatched

Effective date: 20021129

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20031212