It is becoming commonplace for users to access data, such as bank data, via a telephone connection. This access is accomplished by using the number keypad at a telephone and sending tone signals (dial tone multi-frequency DTMF tones) to an automatic response system. In the usual situation, these access systems require the user to send a specialized access code such as a personalized information number (PIN) together with the account number. An eavesdropper monitoring the telephone line then need only listen to the exchanged communication to gain knowledge of the user's account number and PIN. At a subsequent time the intruder can gain access to the user's file, perhaps transferring funds therefrom surreptitiously.
This problem is dealt with in the prior art. For example, U.S. Pat. No. 4,972,469 dated Nov. 20, 1990, shows a system that sends a masking signal on the line, thereby preventing an eavesdropper from using a conventional DTMF decoder and obtaining intelligent information from the transmitted tones. The '469 patent works by providing tones within the range of the DTMF valid tone range and by monitoring these tones to control the relative levels between the transmitted valid tones and the transmitted masking tones. Because the masking tones are within the range of valid tones, the unauthorized receiver is confused because at any one time there are more valid frequencies than are allowed, and thus the unauthorized receiver will automatically shut down. However, because the tones are known to the transmitting system, these tones can then be removed by a echo suppression type hybrid.
Prior systems have several problems. One is that they must continually adjust the masking tone levels to get a relative difference between the masking tone and the valid tone so that the masking tone can be removed without removing the valid tone information. Another problem exists in that these tones are provided in a manner which makes it unpleasant for a user since they are present on the line all the time and thus tend to be unpleasant to the ear.
In addition, an eavesdropper by recording the transmission will effectively record all of the masking tones. For example, in a banking application, the eavesdropper will have two options. The first option is for the intruder to call the bank and to play back the recorded account number and PIN identification. In some instances the bank system will filter out the masking tones thereby allowing the intruder to gain access to the bank system.
Option two would be for the intruder to analyze the extraneous frequencies, thereby removing designing a system which remove those frequencies. In addition, once the masking frequencies are known, it is an easy matter to identify the account and PIN information.
Accordingly, a need exists in the art for a secure system which will allow a system to function without adjustment of the signal level.
A further need exists in the art for a secure system which functions to prevent an eavesdropper who has taped the transmission from decoding the tape to obtain valid information.
A still further need exists in the art for a system which prevents a taped transmission from being played back to the control system at a later date so as to gain access to an account improperly.