The invention concerns a digital process for authenticating a user of a database and a configuration (arrangement) for implementing this process.
Since it has become possible to operate telecommunications and data terminal devices such as mobile telephones and portable computers with a mobile radio or WLAN interface, authentication of the actual user has become even more important than before, for many purposes and in relation to diverse criteria. This is particularly acute in connection with access to the financial resources of an actual or potential user, but also in relation to access to services or protected datasets that are not freely available.
With the development of telephone and electronic home banking and with the creation of Internet trading platforms, this problem led, even years ago, to extensive development efforts and to marketable solutions that are now commonly available. In the case of telephone banking, common authentication solutions are based on a PIN and possibly additional querying of user-specific information, while current electronic home banking solutions make use not only of a PIN, but generally also of additional transaction codes or numbers (TANs) that the operator assigns to each user and which the user then uses during a transaction.
Unfortunately, some of the known and established processes involve relatively large organizational effort and cost on the part of the provider and meet with only limited acceptance on the part of the user because of the operating effort they require. Moreover, the relatively simple authentication solutions used in telephone home banking can be classified as secure only to a very limited extent.
The operators of data systems that require protection, in particular account systems used on a mass scale (for example banks and Internet trading platforms), are therefore increasingly using biometrics-based authentication solutions that rely on unique, unmistakable biometric features of the user. Especially in the case of systems involving telephone access (including VoIP-based access), the idiosyncrasies of the human voice in particular are considered as a biometric feature, and there are substantial development endeavours in this respect.
In the course of the conception and introduction of voice biometrics processes, the respective service provider, for example a bank, is faced with the dilemma that, on the one hand, the process must reliably check the user and, on the other hand, must also be acceptable to the user. A distinction is made between the login process, also referred to as enrolment, and the checking process, also referred to as authentication. During enrolment, a few seconds of the user's talking time are recorded in a telephone call and a voice profile is generated from the recording. During authentication, an up-to-date voice recording of the user is compared against the previously generated voice profile.
Two kinds of voice checking methods are obtainable on the market: the text-dependent and the text-independent methods. With the text-dependent method, the user authenticates himself or herself by repeating the same term he or she has “trained” during enrolment by repeating it several times for the system. With the text-independent method, the user is not tied to a specific term, but is identified by saying any text. In comparison with the text-independent method, the text-dependent method tends to have the advantage that, during both enrolment and authentication, less voice material is required from the user for a specific recognition rate, and it has the disadvantage that repeating certain terms can appear artificial to the user. With both methods, there is the possibility of so-called passive enrolment, where the user speaks normally, leaving behind the suitable voice material for generation of the voice profile.
In the case of the text-dependent method, the corresponding restriction is that the user must go through the same dialogue flow in several calls. In the case of the text-independent method, the restriction is that, in certain circumstances, the user must wait for several telephone calls to have taken place before a sufficient amount of voice material, for example 30 to 90 seconds of spoken text, has been gathered for the voice profile.
In the case of so-called active enrolment, the user is guided by a dialogue until the voice material required for enrolment has been stored. In comparison with active enrolment, the advantage of passive enrolment is that it requires less effort from the user, and the disadvantage is that it can extend over several calls by the user. Therefore, at the start of use, the system will already be fed with voice material, but it will not yet perform any authentication, or at least not independently. This is unsatisfactory for both the user and the operator, because substitute authentication solutions and/or considerable reductions in security have to be tolerated for this period of time, which naturally increases the total effort substantially and significantly impairs user acceptance.