View All Documents & Correspondence
A System And Method For Voice Based Digital Signature Service
Abstract: The present invention discloses a method and system for providing a voice-based digital signature service. A first user sends a document to a second user for signature. The first user also sends a PIN to the second user and to a voice verification authority. The second user sends to the voice verification authority, a voice recording comprising the PIN along with consent of the second user to the PIN. The voice verification authority compares the voice recording with a predefined voice sample of the second user, and the PIN received from the first user with the PIN received from the second user. The voice verification authority then sends a notification to a signing entity based on the comparison. The signing entity signs the PIN of the document with a private key associated with the second user and sends an acknowledgement to the first user and the second user, Ref Fig:3
Notices, Deadlines & Correspondence
Patent Information
Applicants
INFOSYS LIMITED
Inventors
1. ASHUTOSH SAXENA
2. VISHAL ANJAIAH GUJJARY
3. HARIGOPAL K.B. PONNAPALLI
Specification
A SYSTEM AND METHOD FOR VOICE BASED DIGITAL SIGNATURE SERVICE BACKGROUND
The present invention relates to the field of digital signature in general. In particular, the invention relates to a method and system for providing a voice-based digital signature service.
Systems that use voice as a means of authentication have been in place and problems for detecting unauthorized access have also been addressed. Methods using voice as a means for online transactions are also defined. The existing solutions in this technological space solve the problems in using a unique voice print of a user to create a digital signature for authenticating a document. Security and non-repudiation for voiee-ov@*4P (VoIP)-conversations has also been addressed in the present state of art.
However, in the existing solutions, mobile communication devices that are at disposal for a... majority of users have not been used to provide a secure system that enables the use of voice to create a digital signature in documents. Most of the electronic transactions across the globe are conducted through the Internet, and for the same, buyers have a wide variety of devices such as a mobile phone, a smart phone, a PDA, a computer, and emerging mobile devices at their disposal. However, such a huge network installation has not been effectively used by the e-commerce industry to provide an interface between the end users and the enterprise systems. This inadequate interface has forced the service providers to play down their operational services to a narrow number.
Thus, there exists a need for a method and system using which a voice signature can be bound to documents using wired or wireless devices with or without the aid of third party systems.
SUMMARY
The present invention discloses a method for providing a voice-based digital signature service. According to the method, a first user sends a document for signing to a second user. The first user also sends a PIN to the second user and to a voice verification authority. The second user sends a voice recording comprising at least the PIN along with his consent to the PIN to the voice verification authority. The voice verification authority compares the voice recording with a predefined voice sample of the. second user. The voice verification authority also compares the PIN received from the first user with the PIN received from the second user. On successful match of the voice recording of the second user with the predefined voice sample of the second user and that of the PIN received from the first user with the PIN received from the second user, the voice verification authority sends a notification to a signing entity. The signing entity signs the document with a private key associated with the second user. Further, the signing entity sends an acknowledgement to the first user and the second user.
The present invention also discloses a system for providing a voice-based digital signature service. The system comprises a voice verification authority and a signing entity. The voice verification authority further comprises a database configured to store voice samples of one or more registered users and an authentication module. The authentication module receives a PIN from a first user, and a voice recording comprising the PIN along with consent of a second user to the PIN. The authentication module compares the voice recording with a predefined voice sample of the second user, and the PIN received from the first user with the PIN received from the second user. On successful match of the voice recording of the second user with the predefined voice sample of the second user and that of the PIN received from the first user with the PIN received from the second user, the authentication module sends a notification to a signing entity. The signing entity signs the document with a private key associated with the second user on receiving the notification from the authentication module. Further, the signing entity sends an acknowledgement to the first user and the second user that the document has been signed.
DRAWINGS
These and other features, aspects, and advantages of the present invention will be better understood when the following detailed description is read with reference to the accompanying drawings in which like characters represent like parts throughout the drawings, wherein:
FIG.l shows an environment 100 in which the present invention can be practiced, in accordance with an embodiment of the present invention;.
FIG.2 is a block diagram of a voice verification authority 106, in accordance with an embodiment of the present invention;
FIG. 3 is a flowchart describing a method for providing a voice-based" digital signature service, in accordance with an embodiment of the present invention;
FIG. 4 is a flowchart describing a method for providing a voice-based digital signature service, in accordance with an embodiment of the present invention; and
FIG. 5 illustrates a generalized example of a computing environment 500.
DETAILED DESCRIPTION
The following description is the full and informative description of the best method and system presently contemplated for carrying out the present invention which is known to the inventors at the time of filing the patent application. Of course, many modifications and adaptations will be apparent to those skilled in the relevant arts in view of the following description in view of the accompanying drawings and the appended claims. While the system and method described herein are provided with a certain degree of specificity, the present technique may be implemented with either greater or lesser specificity, depending on the needs of the user. Further, some of the features of the present technique may be used to get an advantage without the corresponding use of other features described in the following paragraphs. As such, the present description should be considered as merely illustrative of the principles of the present technique and not in limitation thereof, since the present technique is defined solely by the claims.
FIG. 1 is a block diagram of an environment 100 in which the present invention can be practiced, in accordance with an embodiment of the present invention. Environment 100 includes a first user 102, a second user 104, a voice verification authority 106, and a signing entity 108.
In accordance with an embodiment of the present invention, first user 102 sends a document for signing to second user 104. First user 102 also sends a PIN to second user. 104 and to voice verification authority 106. Second user 104 sends a voice recording comprising at least the PIN along with his consent to the PIN to voice verification authority 106. Voice verification authority 106 compares the voice recording with a predefined voice sample of second user 104. Voice verification authority 106 also compares the-PIN received from first user 102 with the PIN received from second user 104. Voice verification authority 106 sends a notification to signing entity 108 if there is a successful match for the above mentioned comparisons. Signing entity 108 signs the document with a private key associated with second user 104. Signing entity 108 also sends an acknowledgement to first user 102 and second user 104.
In accordance with an embodiment of the present invention, first user 102 may be, for example, a beneficiary who needs an insurance policy to be signed by second user 104. First user 102 generates a PIN, which may be a hash on the document, using any one-way hash function known in the art, and sends the PIN to second user 104. First user 102 may send the PIN to second user 104 through a secure communication channel such as cellular phone, wired telephone, and the like. First user 102 also sends the same PIN to voice verification authority 106. Further, first user 102 sends the document along with its details to second user 104 through an electronic channel such as Internet, a mobile communication network, a telecommunication channel, a dedicated telecommunication wired channel and so forth. Various devices such as a computer or a wireless device such as a cellular phone, a personal digital assistant (PDA), a smart phone and the like may be used for communication through the electronic channel.
Second user 104 may be, for example, a customer interested in the insurance policy. On receiving the document and the PIN, second user 104 sends a voice recording to voice verification authority 106. In an embodiment, the voice recording includes a phrase, which, in turn, may include name of second user 104, date, time, consent of second user 104 to the PIN received from first user 102, and any other relevant document details. Second user 104 sends the voice recording comprising at least the PIN and the consent of second user 104 to the PIN to voice verification authority 106 through any electronic channel described earlier.
Voice verification authority 106 compares the PIN received from first user 102 with the PIN included in the voice recording received from second user 104. Voice verification authority 106 also compares the voice recording received from second user 104 with a predefined voice sample of second user 104, which is available with voice verification authority 106. Details of predefined voice samples are explained in conjunction with Fig. 2. Voice verification authority 106 sends a notification to signing entity 108 when: a. the PIN received from first user 102 matches the PIN included in the voice recording received from second user 104, and b. the voice recording received from second user 104 matches the predefined voice sample of second user 104. In accordance with an embodiment of the present invention, the notification sent to the signing entity 108 includes the PIN of the document to be signed by signing entity 108. The notification may be sent through any electronic channel such as Internet, a mobile communication network, a telecommunication channel, a dedicated telecommunication wired channel and so forth.
Signing entity 108, on receiving the notification from voice verification authority 106, signs the document with a private key associated with second user 104. In accordance with an embodiment of the present invention, signing entity 108 stores the private key of every user who has registered with voice verification authority 106. Thus, based on the identity of second user 102, signing entity 108 fetches the private key associated with second user 104 and uses this private key to sign the document. Signing entity 108 also sends an acknowledgement, which consists of the signed PIN, to first user 102 and to second user 104 to notify them that the document has been signed. Further, signing entity 108 sends the document for verification to first user 102. In an embodiment, first user 102 may verify the signature on the document using a known public key of second user 104. As will be apparent, communication between signing entity 108 and other entities can take place through any secure electronic channel.
Fig. 2 is a block diagram of a voice verification authority 106, in accordance with an embodiment of the present invention. Voice verification authority 106 includes a registration module 202, a database 204 and an authentication module 206.
In accordance with an embodiment of the present invention, a user has to register through registration module 202 before the user can use this system. Database 204 stores voice samples of all users that have registered with voice verification system 106. Authentication module 206 compares PINs received from first user 102 with the PIN included in a voice recording received from second user 104. Authentication module 206 further compares the voice recording received from second user 104 with the voice sample of second user 104 stored in database 204. On successful match, authentication module 206 sends a notification -to the signing entity, such as signing entity 108, to sign the document.
As part of the registration process of the user with registration module 202, the user may need to provide a voice sample. The voice sample of the user, such as second user 104, may include a pass-phrase such as a password, a sentence, or information related to the document, such as beneficiary name, date, time, intent, a PIN or combinations thereof. Based on characteristics (or frequencies) extracted from the voice sample, registration module 202 generates a feature template. Such a template may also be referred to as a voice print or voice signature, and is unique to an individual. It should be noted that during the registration process, the end user may need to speak a few phrases and repeat each phrase several times, so that the created template is sufficiently reliable.
Database 204 stores the voice samples or recordings of the registered users along with the identities of the users for future retrieval and matching. Database 204 may also store the PINs received from first user 102 and second user 104, which are then sent to authentication module 206 for comparison.
Authentication module 206 performs a plurality of comparison operations. Authentication module 206 compares the PIN on the document received from a user, such as first user 102, with the PIN included in the voice recording received from second user 104. Authentication module 206 also compares the voice recording received from second user 104 with the voice sample of second user 104 stored in database 204. On a successful match of the PINs received from first user 102 and second user 104, and on a successful match of the voice recording received from second user 104 and the stored voice template of second user 104, authentication module 206 sends a notification to signing entity 108. Thus, authentication module 206 authenticates second user 104 and the PIN. Authentication module 206 then sends the notification, which consists of the PIN to be signed, to signing entity 108.
FIG. 3 is a flowchart describing a method for providing a voice-based digital signature service, in accordance with an embodiment of the present invention.
At step 302, a voice verification authority receives a PIN from a first user, such as first user 102, and a voice recording from a second user, such as second user 104-. accordance with an embodiment of the present invention, the voice recording includes at least a PIN and consent of the second user to the PIN. This information may be stored in a database.
At step 304, the voice verification authority performs two comparisons. The voice verification authority compares the PIN on the document received from first user 102 and the PIN in the voice recording received from second user 104. Further, it compares the voice recording received from second user 104 with a predefined voice sample of second user 104, stored in the database. It should be noted that the voice samples may be compared using any technique known in the art. At step 306, the voice verification authority checks whether there is a match between the PINs received from the end users 102 and 104, and between the received voice template from second user 104 and the stored voice template of second user 104. If there is a match, the voice verification authority sends a notification to a signing entity, at step 308. However, if there is no match, at step 310, the transaction stops and no notification is sent to the signing entity.
FIG. 4 is a flowchart describing a method for providing a voice-based digital signature service, in accordance with an embodiment of the present invention.
At step 402, a signing entity, such as signing entity 108, receives a notification that includes a PIN of a document from a voice verification authority 106.
At step 404, the signing entity signs the PIN of the document using a private key associated with second user 104. It should be noted that the private keys corresponding to the registered users may be stored by the signing entity in storage medium, such as a secure database or a hardware security module.
At step 406, the signing entity sends an acknowledgement consisting of the signed PIN to first user 102 and second user 104, which states that the document has been signed.
At step 408, the signing entity sends the signature for verification to first user 102. First user 102 may verify the signature using a known public key of second user 104.
Exemplary Computing Environment
One or more of the above-described techniques can be implemented in or involve one or more computer systems. FIG. 5 illustrates a generalized example of a computing environment 500. The computing environment 500 is not intended to suggest any limitation as to scope of use or functionality of described embodiments.
With reference to Fig. 5, the computing environment 500 includes at least one processing unit 510 and memory 520. In Fig. 6, this most basic configuration 530 is included within a dashed line. The processing unit 610 executes computer-executable instructions and may be a real or a virtual processor. In a multi-processing system, multiple processing units execute computer-executable instructions to increase processing power. The memory 520 may be volatile memory (e.g., registers, cache, RAM), non-volatile memory (e.g., ROM, EEPROM, flash memory, etc.), or some combination of the two. In some embodiments, the memory 520 stores software 580 implementing described techniques.
A computing environment may have additional features. For example, the computing environment 500 includes storage 540, one or more input devices 550, one or more output devices 560, and one or more communication connections 570. An interconnection mechanism (not shown) such as a bus, controller, or network interconnects the components of the computing environment 500. Typically, operating system software (not shown) provides an operating environment for other software executing in the computing environment 500, and coordinates activities of the components of the computing environment 500.
The storage 540 may be removable or non-removable, and includes magnetic disks, magnetic tapes or cassettes, CD-ROMs, CD-RWs, DVDs, or any other medium which can be used to store information and which can be accessed, within the computing environment . 500. In some embodiments, the storage 540 stores instructions for the software 580,
The input device(s) 550 may be a touch input device such as a keyboard, mouse, pen, trackball, touch screen, or game controller, a voice input device, a scanning device, a digital camera, or another device that provides input to the computing environment 500. The output device(s) 560 may be a display, printer, speaker, or another -device that provides* output from the computing environment 500.
The communication connection(s) 570 enable communication over a communication medium to another computing entity. The communication medium conveys information such as computer-executable instructions, audio or video information, or other data in a modulated data signal. A modulated data signal is a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media include wired or wireless techniques implemented with an electrical, optical, RF, infrared, acoustic, or other carrier.
Implementations can be described in the general context of computer-readable media. Computer-readable media are any available media that can be accessed within a computing environment. By way of example, and not limitation, within the computing environment 500, computer-readable media include memory 520, storage 540, communication media, and combinations of any of the above.
Having described and illustrated the principles of our invention with reference to described embodiments, it will be recognized that the described embodiments can be modified in arrangement and detail without departing from such principles. It should be understood that the programs, processes, or methods described herein are not related or limited to any particular type of computing environment, unless indicated otherwise. Various types of general purpose or specialized computing environments may be used with or perform operations in accordance with the teachings described herein. Elements of the described embodiments shown in software may be implemented in hardware and vice versa.
As will be appreciated by those ordinary skilled in the art, the foregoing example, demonstrations, and method steps may be implemented by suitable code on a processor base system, such as general purpose or special purpose computer. It should also be noted that different implementations of the present technique may perform some or all the steps described herein in different orders or substantially concurrently, that is, in parallel.
Furthermore, the functions may be implemented in a variety of programming languages
Such code, as will be appreciated by those of ordinary skilled in the art, may be stored or adapted for storage in one or more tangible machine readable media, such as on memory chips, local or remote hard disks, optical disks or other media, which may be accessed by a processor based system to execute the stored code. Note that the tangible media may comprise paper or another suitable medium upon which the instructions are printed. For instance, the instructions may be electronically captured via optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
The following description is presented to enable a person of ordinary skill in the art to make and use the invention and is provided in the context of the requirement for a obtaining a patent. The present description is the best presently-contemplated method for carrying out the present invention. Various modifications to the preferred embodiment will be readily apparent to those skilled in the art and the generic principles of the present invention may be applied to other embodiments, and some features of the present invention may be used without the corresponding use of other features. Accordingly, the present invention is not intended to be limited to the embodiment shown but is to be accorded the widest scope consistent with the principles and features described herein.
CLAIMS
What is claimed is:
1. A method for providing a voice-based digital signature service, the method comprising:
sending, by a first user:
a document to a second user; and
a PIN to the second user and to a voice verification authority;
sending, by the second user to the voice verification authority,, a voice recording, comprising at least the PIN and a consent of the second user to the PIN;
comparing, by the voice verification authority, the voice recording with a predefined voice sample of the second user, and the PIN received from the first user with the PIN received from the second user; and
signing, by the signing entity, the PIN with a private key associated with the second user, on receiving a notification from the voice verification authority.
2. The method of claim 1, wherein the step of sending the document to the second user by the first user is preceded by the step of registering the second user with the voice verification authority.
3. The method of claim 1, wherein the PIN is a hash generated on the document using a one way hash function.
4. The method of claim 1, wherein the document and PIN are communicated through one of a plurality of electronic channels.
5. The method of claim 1, wherein the voice recording further comprises details such as time, date and name of the second user.
6. The method of claim 1, wherein a notification is sent by the voice verification authority to the signing entity for signing the document on successful match of:
the voice recording with a predefined voice sample of the second user; and
the PIN received from the first user with the PIN received from the second user.
7. The method of claim 1, further comprising sending an acknowledgement by the signing entity that the document has been signed on behalf of the second user, to the first user and to the second user.
8. The method_of claim 1, wherein the first user verifies the signature on the document performed by the signing entity using a known public key of the second user.
9. A system for providing a voice-based digital signature service, the system comprising:
a voice verification authority comprising:
a database, configured to store voice samples of one or more registered users;
an authentication module, configured to:
receive a PIN from a first user, and a voice recording comprising at least the PIN and a consent of a second user to the PIN;
compare the voice recording with a predefined voice sample of the second user, and the PIN received from the first user with the PIN received from the second user; and
send a notification to a signing entity based on the comparison; and
a signing entity configured to sign the PIN with a private key associated with the second user, on receiving the notification from the authentication module; and
send an acknowledgement that the document has been signed to the first user and to the second user.
10. The system of claim 9, further comprising a registration module configured to register one or more users with the voice verification authority.
11. The system of claim 9, wherein the signing entity comprises a database storing a private key associated with each of the one or more registered users.
12. The system of claim 9, wherein the PIN is generated on the document using a one way hash function.
13. The system of claim 9, wherein the acknowledgement sent by the signing entity consists of the signed PIN.
14. A computer program product for use with a computer, the computer program product comprising a computer usable medium having a computer readable program code embodied therein for providing a voice-based digital signature service, the computer readable program code storing a set of instructions configured for:
sending, by a first user:
a document to a second user; and
a PIN to the second user and to a voice verification authority;
sending, by the second user to the voice verification authority, a voice recording comprising at least the PIN and a consent of the second user to the PIN;
comparing, by the voice verification authority, the voice recording with a predefined voice sample of the second user, and the PIN received from the first user with the PIN received from the second user;
signing, by the signing entity, the PIN with a private key associated with the second user, on receiving a notification from the voice verification authority.
15. The computer program product of claim 14, wherein the PIN is a hash that is generated on the document using a one way hash function.
16. The computer program product of claim 14, wherein the voice recording further comprises details such as time, date and name of the second user.
17. The computer program product of claim 14, wherein the first user verifies the signature on the document performed by the signing .entity using a known public key of the second user.
Documents
Application Documents
| # | Name | Date |
|---|---|---|
| 1 | 2192-CHE-2011 FORM-3 29-06-2011.pdf | 2011-06-29 |
| 1 | 2192-CHE-2011-AbandonedLetter.pdf | 2018-12-03 |
| 2 | 2192-CHE-2011-FER.pdf | 2018-05-11 |
| 2 | 2192-CHE-2011 FORM-2 29-06-2011.pdf | 2011-06-29 |
| 3 | 2192-CHE-2011 FORM-1 29-06-2011.pdf | 2011-06-29 |
| 3 | 2192-CHE-2011 CORRESPONDENCE OTHERS 27-03-2014.pdf | 2014-03-27 |
| 4 | 2192-CHE-2011 DRAWINGS 29-06-2011.pdf | 2011-06-29 |
| 4 | 2192-CHE-2011 FORM-18 27-03-2014.pdf | 2014-03-27 |
| 5 | 2192-CHE-2011 FORM-3 22-07-2013.pdf | 2013-07-22 |
| 5 | 2192-CHE-2011 DESCRIPTION (COMPLETE) 29-06-2011.pdf | 2011-06-29 |
| 6 | abstract2192-CHE-2011.jpg | 2012-08-23 |
| 6 | 2192-CHE-2011 CORRESPONDENCE OTHERS 29-06-2011.pdf | 2011-06-29 |
| 7 | 2192-CHE-2011 CLAIMS 29-06-2011.pdf | 2011-06-29 |
| 7 | 2192-CHE-2011 ABSTRACT 29-06-2011.pdf | 2011-06-29 |
| 8 | 2192-CHE-2011 CLAIMS 29-06-2011.pdf | 2011-06-29 |
| 8 | 2192-CHE-2011 ABSTRACT 29-06-2011.pdf | 2011-06-29 |
| 9 | abstract2192-CHE-2011.jpg | 2012-08-23 |
| 9 | 2192-CHE-2011 CORRESPONDENCE OTHERS 29-06-2011.pdf | 2011-06-29 |
| 10 | 2192-CHE-2011 DESCRIPTION (COMPLETE) 29-06-2011.pdf | 2011-06-29 |
| 10 | 2192-CHE-2011 FORM-3 22-07-2013.pdf | 2013-07-22 |
| 11 | 2192-CHE-2011 DRAWINGS 29-06-2011.pdf | 2011-06-29 |
| 11 | 2192-CHE-2011 FORM-18 27-03-2014.pdf | 2014-03-27 |
| 12 | 2192-CHE-2011 FORM-1 29-06-2011.pdf | 2011-06-29 |
| 12 | 2192-CHE-2011 CORRESPONDENCE OTHERS 27-03-2014.pdf | 2014-03-27 |
| 13 | 2192-CHE-2011-FER.pdf | 2018-05-11 |
| 13 | 2192-CHE-2011 FORM-2 29-06-2011.pdf | 2011-06-29 |
| 14 | 2192-CHE-2011-AbandonedLetter.pdf | 2018-12-03 |
| 14 | 2192-CHE-2011 FORM-3 29-06-2011.pdf | 2011-06-29 |
Search Strategy
| 1 | SearchPattern_2192CHE2011_20-03-2018.pdf |