I. Field of the Invention
The present invention pertains generally to the field of electronic security, and more particularly, to authentication of individuals through audio tones.
II. Background
Access to the Internet and use of electronic data systems have grown steadily among the general public. Electronic commerce has been eagerly embraced by both consumers and businesses due to a number of factors, such as the relative ease with which a party can buy or sell to another party without the inherent complications involved in traditional establishments.
However, along with the increase in electronic commerce, the opportunities for fraudulent activity have also increased. Misappropriated identity in the hands of wrongdoers may cause damage to innocent individuals. In worst case scenarios, a wrongdoer may actually purloin a party's identity in order to exploit the creditworthiness and financial accounts of an individual.
In order to prevent unauthorized persons from intercepting private information, various security and encryption schemes have been developed so that private information transmitted between parties is concealed. However, the concealment of private information is only one aspect of the security needed to achieve a high level of consumer confidence in electronic commerce transactions. Another aspect is authentication.
Traditionally, signatures are placed on legal documents to identify the parties involved in the subject matter of the documents and to establish that the parties are in formal agreement. With the advent of electronic commerce transactions, electronic signatures are necessary to formalize the identification of parties and the corresponding agreements between them. The “Electronic Signatures in Global and National Commerce Act” was enacted to give such electronic signatures the same force of law as a penned signature for legal contracts. However, implementation of such secure electronic signatures has been left unresolved by the government.
Accordingly, electronic authentication of an individual may currently be performed by authentication through knowledge, such as a password or a personal identification number (PIN); authentication through personal characteristics (biometrics), such as a fingerprint, DNA, or a signature.
With current reliance on electronic security measures, it is not uncommon for an individual to carry multiple authentication objects or be forced to remember multiple passwords. For example, an individual may perhaps need a PIN for an ATM machine, a password to log onto a computer, a second password to access an internet service provider at home, multiple passwords to access various internet pages, a proximity card to gain access to secured buildings or structures, or a garage door opener to gain entry into a house.
Authentication through knowledge is thus problematic for individuals who are forced to remember multiple passwords or PINs. Also, passwords that are the easiest for a person to recall are the passwords that are the easiest for another person to guess. Further, security may be compromised as people may write down such information because the amount of information needed to be retained is voluminous. Writing down such information leaves an individual vulnerable to the theft of passwords or PIN codes.
Authentication through portable objects and personal characteristics may also be problematic for an average customer due to the highly specialized input devices that are required to retrieve authentication information. For example, ATM cards require an ATM machine and smart cards require a smart card reader.
Accordingly, current methods utilizing physical objects and personal characteristics are inadequate for a person who must be authenticated through a data connection or across a telephone line. In addition, having to remember passwords or carry multiple physical objects is cumbersome to the individual. Therefore, there is a present need to simplify and increase the security of the process of authenticating an individual.