It is available to identify a telecommunications line via the line identification CLI (calling line identification), ANI (automatic number identification), IP address (Internet protocol address) or HLR (home location register) transmitted in various telecommunications networks.
It is possible to differentiate individual users of one telecommunications line based on a query for a personal identifier such as a PIN, for example. The PIN in this context is a personal secret number by which the user proves his or her identity with respect to a system.
Voice recognition systems and speaker recognition systems are also available. In voice recognition systems, it is the content of the spoken utterance that is recognized. The generally available voice recognition systems are based on voice recognition algorithms such as, for example, by systems providers nuance communications or Temic, which are able to recognize a larger number of words in real-time. If algorithms of this kind are used for the voice-controlled operation of, for example, the functions of a telecommunications terminal, then there is the problem of recognizing/identifying a concrete user. This problem is solved by speaker recognition systems. This group includes speaker verification systems. In speaker verification systems, the identity asserted by a person is checked by analyzing a sample of the voice of this person. The principle of speaker verification is based on the assumption that every person can be uniquely identified by their voice. The security standard of a design approach of this kind depends on how well the verification algorithm is able to differentiate the voice of an authorized user from all unauthorized users. This principle, however, requires considerable investments in time and effort to conduct a training process of the respective verification system that is required in this design approach.
Additional available biometric person/speaker verification systems are based, for example, on the comparison of a fingerprint, the comparison of hand geometry, the comparison of the retina, the comparison of the face or a comparison of the signature.
Another available design approach for establishing the identity of a person is based on the technology of verification with the aid of verbal information (VIV). This concerns information that is known solely to the participant to be verified and the content of which with reference to question and response was established between the service provider and the participant to be verified in a process prior to the verification as such. This can be, for example, a personal legitimization statement, a PIN, a place of birth, a birth name or a residential address.
Thus, for example, German reference DE 195 27 022 C2 purportedly describes a method for authenticating service users, particularly for authenticating users of a language value-added service, virtual card calling (VCC) and authentication card, in which for each service user a set of information established individually for the user, made up of a number of queries and a number of associated responses, is stored. One or more queries are selected from the set of queries and are sent to the user for reply. Only if the responses entered by the customer match the respective centrally stored responses to the questions, will the user be granted access to the requested service. This design approach is based on a self-contained set of information made up of questions and the corresponding answers, which was previously coordinated with the user.
Reference DE 698 00 320 T2 purportedly concerns a method and a device for speaker recognition based on verifying verbal information by forced decoding. This design approach is also based on verifying the verbal informational content, which is contained in an utterance made by the speaker. Speaker verification here occurs on the basis of a forced decoding of the spoken utterance, which is based on a special legitimization statement, which is assigned to a specified speaker. This design approach also has recourse to a text already arranged with the user.
Reference DE 698 14 195 T2 purportedly concerns a device for speaker recognition or a speaker recognition method, in which the speaker verification occurs upon the query of a identifier, a previously coordinated text and a codeword from the participant to be verified.
Reference DE 1981 2897 purportedly concerns a method for providing telecommunications-based services, in which via a dialogue a customer is provided with a variant from a plurality of possible services, which he requires for solving his problem or his service request. To this end, it is verified whether the customer has access to the terminal configuration required for this variant or that the customer's terminal configuration supports the service or service combination on which the variant is based.
Available design approaches for person recognition are mostly individual solutions. This is also true of verification systems based on the evaluation of personal biometric data. In these systems, access is granted to an area or service protected by this system following a successful verification. If the verification is not successful, access is denied, or an additional verification attempt is conducted, e.g., according to the principle of verification by verbal information. This applies also to services offered by service providers who restrict access to their services with the aid of a biometric method.
In the “mobile society”, there is an ever-increasing need to be able to access databases of service providers or to make use of services of service providers in any place and at any time, preferably via the Internet. Mobile access to these services, however, requires a special security management, which guarantees access to internal data or protected areas and services with the required security.