The present invention relates generally to access systems and the identification of personnel who use them, but more specifically to a method that compares user response words to prefiled words that produce positive user identification.
Fraud by personnel gaining unauthorized access to restricted areas, financial accounts, benefits, and services continues to be a major problem. Hundreds of millions of dollars are stolen, and untold numbers of military and industrial secrets are compromised annually.
A major advancement in combatting such fraud would be to devise a method to positively identify a person seeking access in the above areas as being the same person for whom the access privileges were originally intended.
Identification of personnel has traditionally rested on meeting one or more of the following criteria:
(1) who they are (a photo, biometric print, etc.); PA1 (2) what they know (personal identification number, code, etc.); PA1 (3) something they have (a card, key, etc.) PA1 (1) The error windows in biometric devices cannot be sized perfectly concerning a user and who they are. PA1 (2) The requirement to know abstract numbers or codes usually results in their being written down someplace where they are too easily compromised. PA1 (3) The link between a user and something they have is too weak since nearly anyone could use a card or key.
Devices developed thus far to identify and/or control the access of personnel can be put into two general groups.
One group consists of high tech biometric type devices which address the first of the aforementioned criteria as to who they are. These devices measure such things as signature dynamics, retinal patterns, finger, hand and voice prints. Due to certain differences in follow-on measurements, an error window must be established for each type of device. If the error window is too small, a user with a temporary, but justifiable variation may be rejected. If the error window is too large, however, an unauthorized person may be inadvertently granted access.
The second group consists of non-biometric type devices which deal with the user criteria of what they know and something they have. In either case the systems involved can generally be compromised because something they have can be confiscated; and what they are required to know is usually an abstract number, or code that is subject to being forgotten. Such numbers or codes are therefore usually written down in a place convenient to both the user and, inadvertently, to someone intent on fraud.
Thus, previous efforts to positively identify personnel have failed for the following reasons:
The present invention solves the aforementioned problems by (1) drawing a profile of users as to who they are that is likely to remain constant over a long period of time; (2) by utilizing only tangible information in the form of words, which are unique to the user and tend to remain firmly etched in their memory in representing what they know; and (3) developing the strongest possible link between users and something they have.
These tasks are accomplished by the present invention with cost effectiveness and relative simplicity, while addressing simultaneously all three of the identification criteria listed above.