As the computer age has progressed in recent years, there has been a vast increase in the use of private electronic transactions. Banks, credit card companies and other financial institutions offer a wide variety of options and services that may now be conducted online. The ever expanding Internet has brought computerized home shopping to the forefront of cyber-technology. Consumers may now conduct a majority of their financial business in numerous ways that either did not exist, or were not available for use by the general public as little as five years ago. Some examples of such transactions include computerized home banking, the use of automatic teller machines, computerized stock transactions, credit or debit based product dispensers, security entrances, telephone access and transactions, long distance calling cards, identification cards (including any such card used for services like health care, insurance, automobile service accounts, etc.), and even secure transactions over the Internet.
The essence of any secret transaction, whether financial or not, is the ability to keep it private and secure from potential theft. Although computerization of transactions and improvements in technology have increased the ease with which consumers may conduct these private transactions, the nature of the technology is such that the information, when transmitted electronically, can be intercepted and used for criminal purposes. Consequently, as the usage of these kinds of electronic transactions has increased, a need for improved systems and methods to ensure their security has increased as well. Completion of most electronic financial transactions requires the use of a password or personal identification number (PIN) that identifies a person as one authorized to conduct a specific transaction. For example, most automatic teller machine (ATM) cards have a magnetic strip that, when read by the ATM computer, identifies the bank and the account to be accessed. The machine then asks for entry of the PIN which has been assigned to that account. If the correct PIN code is entered, the user may access the bank account to conduct a variety of transactions, including, withdrawals, deposits or requesting account statements.
There are several drawbacks to this approach. First, the PIN must be chosen when the account is opened, and may only be changed by bank personnel upon request by the user. Therefore, a person who hasn't realized that her ATM card was stolen may go days without requesting a new PIN number to be assigned to her account. During that time, the thief who stole her card may have discovered the PIN number, and made unauthorized withdrawals from her account. Second, the "choose-your-own" PIN code system is not sufficiently unique to provide adequately reliable identification. A person not the owner of an account who obtains knowledge of a PIN code may easily gain unauthorized access to that account because, all she or he needs to do is discover the four digit PIN code number associated with that account. While there are thousands of possible permutations or combinations of digits that could make up any one PIN code, the actual code is not specifically unique to that person. For example, two or more bank accounts at the same bank could theoretically have the same PIN code. As long as the correct PIN code is entered for the account sought to be accessed, the system does not care if the entered PIN code could also access other accounts as well, because it only focuses on the specific account number received from the ATM card's magnetic strip. The major fault with this system is that it does not truly identify the account holder, but allows access to anyone holding the card who also enters the correct identification number. In other words, the current system merely assumes that if the individual who attempts to use the card knows the correct PIN number, then that person is authorized to access the account. Therefore, the PIN code system does not offer the flexibility, security, and uniqueness that other forms of identification may offer. Specifically, the PIN code system cannot distinguish between users actually authorized to access the account, and unauthorized users that have discovered the correct PIN code.
In typical applications which require the use of a pass key to facilitate access, users are issued a key that contains a specific, pre-determined access code stored on a magnetic strip or other such storage device, and which de-activates a locking mechanism, alarm system, or other such device and allows the key holder to access whatever secure objective was being protected. Again, this method of restricting access provides flawed security because it fails to provide a means for positively identifying the user as an authorized user as a condition precedent to granting access to the secure objective.
Others have attempted to solve the security problem by creating means for identification based on a biometric character trait unique to specific users. Such character traits may include voice identification, fingerprint analysis, retina scan, DNA analysis, or other biometric characteristic. By utilizing technology which analyzes these types of character traits, systems have been developed which can more accurately identify specific persons. For example, the invention disclosed in Parra, teaches a method and apparatus for identifying a particular individual based on the uniqueness of the acoustic characteristics of his/her voice. According to Parra, the voice characteristics of the user are stored on a magnetic strip on the back of a card. When the card is inserted into the interface, the user is prompted to speak a word. The spoken word is then digitized and its acoustic characteristics compared to a stored digital version of the word. If the characteristics of the stored word match those of the spoken word, the user may be granted access.
There are several drawbacks to this approach. First, while the Parra invention attempts to address the security issue regarding uniqueness of identification characteristics, it does not address flexibility of use. The Parra system, like the PIN code system requires the use of a pre-programmed word or phrase that is compared to the spoken word or phrase. Parra offers no built-in ability to change the access word or phrase without going through bank personnel. Further, the Parra invention does not address tying the voice-identification to the generation of voice pattern-based numeric, alphanumeric or telephone tone codes for use in applications like telephone long distance credit cards, or Internet passwords, which would allow more widespread use of the identification technology. Finally, the Parra invention is specifically limited to a voice identification technology system, rather than relating to a non-platform specific system.
Online systems, such as those disclosed in the June, 1997 issue of Byte magazine (volume 22, number 6, pp. 70-80) rely on digital signatures, digital certificates and server-based verification of smart card electronic signatures in creating a high level of security for financial transactions and other secured access applications. These systems involve high-end algorithmic encoding of identification numbers which may then be sent to and from clients and servers during the authorization process. These systems, while providing high levels of security are not fool proof.
For "hash" signatures, both the client and server must have the access key to complete the encoding and decoding of the hashed data. This means that a security breach at either end (client or server) may result in a hacker's ability to obtain a forgery of the access key, and thereby, access to the client's restricted data or accounts.
Public-key algorithms, provide better security in that the server does not need to have a copy of the access key to verify a digital signature. The private key algorithms used to encode the data are known only to the client encryptor. However, the system of encoding and decoding is set up such that the server side can use a different decoder algorithm to verify the encoded signature. Therefore, the access key remains significantly more secure than a hash based signature, because it is only known to the client side, while the server can still authenticate it. Public-key algorithms, however, do not assure that the person using the key is the actual owner, rather than a forgery. The key is actually just a number; it bears no resemblance to the particular user, and carries no personal or unique data about the user. Further, the public key system requires a great deal of support and infrastructure, particularly in maintaining databases of all active and revoked certificates or keys.