公开(公告)号：WO2016151193A1

公开(公告)日：2016-09-29

申请号：PCT/FI2016/050174

申请日：2016-03-21

Applicant: APLCOMP OY

Inventor： PITKÄNEN, Martti ,  PARTS, Robert ,  HUUHKA-PITKÄNEN, Pirjo

IPC: H04L29/06 ,  G06F21/32 ,  H04W12/06 ,  G10L17/00

CPC classification number: G06F21/32 ,  G06Q20/3674 ,  G07C9/00158 ,  G10L17/22 ,  H04L63/0861 ,  H04W12/06

Abstract: Electronic system (106, 109A) for authenticating a user of an electronic service, said system preferably comprising at least one server apparatus, the system being configured to store (122, 112, 200), for a number of users, a plurality of personal voiceprints (204) each of which being linked with a dedicated visual, audiovisual or audio cue (202), for challenge-response authentication of the users, wherein the cues are user-selected, user-provided or user-created, pick (116, 200C, 142, 144), upon receipt of an authentication request associated with a claim of an identity (160) of an existing user of said number of users, a subset of cues (212) for which there are voiceprints of the existing user stored (112), and provide the cues for representation to the user as a challenge, receive (126, 148, 150) sound data indicative of the voice responses uttered by the user to the represented cues, said voice responses being captured utilizing both air and throat microphones, determine (114, 152, 154, 156, 158) on the basis of the sound data, the represented cues and voiceprints linked therewith and the existing user, whether the response has been uttered by the existing user of said number of users, wherein the sound data indicative of the voice responses uttered to the represented cues are preferably matched as concatenated against a concatenated voiceprint established based on the voiceprints linked with the represented cues and the existing user, and provided that this seems to be the case, elevate (116, 152, 200D, 218, 216) the authentication status of the user as the existing user, preferably regarding at least the current communication session. Related method and device (102c) are presented.

Abstract translation: 用于认证电子服务的用户的电子系统（106,109A），所述系统优选地包括至少一个服务器装置，所述系统被配置为对多个用户存储（122,112,200）多个个人 声纹（204），其每个都与专用的视觉，视听或音频提示（202）链接，用于用户的质询 - 响应认证，其中用户选择，用户提供或用户创建的提示，拾取（116 ，200C，142,144），在接收到与所述用户数的现有用户的身份（160）的权利要求相关联的认证请求时，存在现有用户的声纹的提示子集（212） 存储（112），并且向用户提供用于表示的提示作为挑战，接收（126,148,150）指示用户向所示的提示发出的语音响应的声音数据，所述语音响应利用两个空中 和喉音麦克风，确定（114，152， 基于声音数据，与之相关联的表示的提示和声纹以及现有用户，所述用户的现有用户是否已经发出响应，其中指示语音的声音数据 优选地，对所表示的线索发出的响应被匹配成与基于与所表示的线索和现有用户相关联的声纹创建的级联声音图连接，并且如果这似乎是这种情况，则提升（116,152,200D， 216）用户作为现有用户的认证状态，优选地至少关于当前通信会话。 提出了相关方法和装置（102c）。

公开(公告)号：WO2013190169A1

公开(公告)日：2013-12-27

申请号：PCT/FI2012/050630

申请日：2012-06-18

Applicant: APLCOMP OY ,  PITKÄNEN, Martti ,  PARTS, Robert

Inventor： PITKÄNEN, Martti ,  PARTS, Robert

IPC: G06F21/32 ,  H04L9/32 ,  G10L17/00

CPC classification number: G06F21/32 ,  G10L17/24 ,  H04L63/0838 ,  H04L63/107 ,  H04L2463/082 ,  H04W4/02

Abstract: An arrangement (106), such as a server apparatus or a plurality of at least functionally connected server and/or other apparatuses, for controlling access to a network service, such as a cloud service, utilizing multi-factor, at least two- factor, authentication, comprising a processing entity (150) and a memory entity (152) for processing and storing data, respectively, and a data transfer entity (156) for receiving and sending data, the arrangement being configured to transmit a code (143c), preferably as browser data such as web page data, during a communication session associated with a predetermined user of the service for visualization and subsequent uttering by the user, receive sound data (143g) indicative of the uttered code, determine on the basis of the sound data and voiceprint data associated with the predetermined user whether the code has been uttered by the predetermined user (143h), and provided that this seems to be the case, raise the gained authentication status of the predetermined user regarding at least the current communication session (143l), wherein raising the authentication status optionally includes at least one action selected from the group consisting of: enabling a new service feature, enabling the use of a new application, enabling a new communication method, and enabling the adjustment of service settings or preferences. A corresponding method is presented.

Abstract translation: 一种用于控制对诸如云服务的网络服务的访问的诸如服务器装置或多个至少功能连接的服务器和/或其他装置的装置（106），其利用多因素，至少两个因素 ，包括分别用于处理和存储数据的处理实体（150）和存储器实体（152），以及用于接收和发送数据的数据传输实体（156），所述装置被配置为发送代码（143c） ，优选地作为诸如网页数据的浏览器数据，在与服务的预定用户相关联的通信会话期间，用于可视化和随后的用户发言，接收指示发出的代码的声音数据（143g），基于 与预定用户相关联的声音数据和声纹数据是否已经被预定用户（143h）发出，并且假设这似乎是这种情况，则提高所获得的认证状态 关于至少当前通信会话（143l）的预定用户，其中提高认证状态可选地包括从以下组中选择的至少一个动作：启用新服务特征，使得能够使用新应用，实现新的通信 方法，并且能够调整服务设置或偏好。 提出了相应的方法。

公开(公告)号：WO2015059365A1

公开(公告)日：2015-04-30

申请号：PCT/FI2014/050807

申请日：2014-10-27

Applicant: APLCOMP OY

Inventor： PITKÄNEN, Martti ,  PARTS, Robert ,  HUUHKA-PITKÄNEN, Pirjo

IPC: G06F21/32 ,  H04L29/06 ,  H04W12/06

CPC classification number: G10L17/22 ,  G06F21/32 ,  G06F21/36 ,  G06F2221/2103 ,  G06F2221/2111 ,  H04L63/0853 ,  H04L63/0861 ,  H04L63/107

Abstract: Electronic system (106, 109A) for authenticating a user of an electronic service, said system preferably comprising at least one server apparatus, the system being configured to store (122, 112, 200), for a number of users, a plurality of personal voiceprints (204) each of which being linked with a dedicated visual, audiovisual or audio cue (202), for challenge-response authentication of the users, pick (116, 200C, 142, 144), upon receipt of an authentication request associated with an existing user of said number of users, a number of cues (212) for which there are voiceprints of the existing user stored, and provide the cues for representation (144, 126) to the user as a challenge, receive (126, 148) sound data indicative of the voice response uttered by the user to the represented cues, determine (114, 150) on the basis of the sound data, the represented cues and linked voiceprints, whether the response has been uttered by the existing user of said number of users, and provided that this seems to be the case, elevate (116, 152, 200D, 218, 216) the authentication status of the user as the existing user, preferably regarding at least the current communication session. A corresponding method and device (102c) are presented.

Abstract translation: 用于认证电子服务的用户的电子系统（106,109A），所述系统优选地包括至少一个服务器装置，所述系统被配置为对多个用户存储（122,112,200）多个个人 每个声音纹理（204）与专用的视觉，视听或音频提示（202）链接，用于用户的质询 - 响应认证，在接收到与（...）相关联的认证请求时，选择（116,200C，142,144） 所述用户数目的现有用户，存储有现有用户的声纹的许多提示（212），并且向用户提供用于表示（144,126）的提示作为挑战，接收（126,148） ）指示用户对所表示的提示发出的语音响应的声音数据，基于声音数据，所表示的提示和链接的声纹来确定（114,150），所述响应是否已被所述的现有用户发出 用户数量，并提供 这似乎是这种情况，提升（116,152,200D，218,216）作为现有用户的用户的认证状态，优选地至少关于当前通信会话。 呈现相应的方法和装置（102c）。

公开(公告)号：WO2012045908A1

公开(公告)日：2012-04-12

申请号：PCT/FI2011/050380

申请日：2011-04-27

Applicant: APLCOMP OY ,  PITKÄNEN, Martti

Inventor： PITKÄNEN, Martti

IPC: H04L29/06 ,  H04L9/32 ,  H04L12/58

CPC classification number: H04L63/0838 ,  H04L9/3228 ,  H04L51/24 ,  H04L63/0853 ,  H04L63/107 ,  H04L63/18 ,  H04L2463/082 ,  H04W4/02 ,  H04W4/14 ,  H04W12/06

Abstract: An arrangement (106), such as a server apparatus or a plurality of at least functionally connected server and/or other apparatuses, for controlling access to a network service, such as a cloud service, utilizing multi-factor, at least two- factor, authentication, comprising a processing entity (150) and a memory entity (152) for processing and storing data, respectively, and a data transfer entity (156) for receiving and sending data, the arrangement being configured to send an e-mail notice (128) to an e-mail address associated with a predetermined user, the e-mail notice including a preferably secure link for a browser, such as an Internet browser, receive an indication of the activation of the preferably secure link (134), such as a data request like a web resource request sent via a browser, in response to which the arrangement being further configured to send first browser data, such as web page data, requesting the user of the browser to input a secret (136), and a one-time password (OTP) to a mobile device associated with the predetermined user (138b), receive user input relative to the request for secret (140), determine whether the user input matches the sent OTP (142), and if that is the case, enable the user of the browser and related terminal device, thus authenticated as the predetermined user, to access the service (144, 144a, 186, 88).Enabling preferably includes transfer of enabling data such as program and/or password data to the terminal device. A corresponding method is presented.

Abstract translation: 一种用于控制对诸如云服务的网络服务的访问的诸如服务器装置或多个至少功能连接的服务器和/或其他装置的装置（106），其利用多因素，至少两个因素 ，认证，包括分别用于处理和存储数据的处理实体（150）和存储器实体（152），以及用于接收和发送数据的数据传输实体（156），所述设置被配置为发送电子邮件通知 （128）到与预定用户相关联的电子邮件地址，所述电子邮件通知包括诸如因特网浏览器的浏览器的优选安全链接，接收优选地安全链路（134）的激活的指示， 例如诸如通过浏览器发送的网络资源请求的数据请求，响应于该布置被进一步配置为发送第一浏览器数据，诸如网页数据，请求浏览器的用户输入秘密（136）， 和一次性passw （OTP）到与预定用户（138b）相关联的移动设备，接收相对于秘密请求的用户输入（140），确定用户输入是否与发送的OTP（142）匹配，如果是这种情况， 使得浏览器和相关终端设备的用户（因此被认证为预定用户）来访问服务（144,144a，186,88）。启用优选地包括向终端传送诸如程序和/或密码数据的启用数据 设备。 提出了相应的方法。

公开(公告)号：WO2011055002A1

公开(公告)日：2011-05-12

申请号：PCT/FI2010/050773

申请日：2010-10-06

Applicant: APLCOMP OY ,  PITKÄNEN, Martti

Inventor： PITKÄNEN, Martti

IPC: H04L12/58 ,  H04L29/06

CPC classification number: H04L12/14 ,  H04L9/3215 ,  H04L9/3228 ,  H04L9/3271 ,  H04L12/1428 ,  H04L51/18 ,  H04L51/24 ,  H04L51/34 ,  H04L63/0838 ,  H04L63/107 ,  H04L63/168 ,  H04L2209/42 ,  H04L2209/56 ,  H04L2209/60 ,  H04L2209/80 ,  H04L2463/082

Abstract: An arrangement, such as a server (106) or a plurality of at least functionally connected servers, for delivering an electronic document, such as a bill, to a recipient utilizing multi-factor authentication, said arrangement comprising a processing entity (150) and a memory entity (152) for processing and storing data, respectively, and a data transfer entity (156) for receiving and sending data, said arrangement being configured to receive and store an electronic document provided by a sender for delivery to a predetermined recipient (126),send an e- mail including a notice indicative of the reception of the electronic document to an e-mail address associated with the predetermined recipient, said e-mail notice including a secure link for a browser (128),receive an indication of the activation of the secure link (132), in response to which said arrangement being further configured to,send first browser data, such as web page data, requesting the user of the browser to input a secret (136), send a one-time password (OTP) to a mobile device associated with the predetermined recipient (138b),receive user input relative to the request for secret (140), determine whether the user input matches the sent OTP (142), and if that is the case,enable the user, thus authenticated as the predetermined recipient, to access the electronic document (144).A corresponding method is presented.

Abstract translation: 一种诸如服务器（106）或多个至少功能上连接的服务器的布置，用于将诸如纸币的电子文档传送到使用多因素认证的接收者，所述装置包括处理实体（150）和 分别用于处理和存储数据的存储器实体（152）和用于接收和发送数据的数据传输实体（156），所述装置被配置为接收和存储由发送者提供的电子文档以传送给预定接收者（ 126），将包括指示接收电子文档的通知的电子邮件发送到与预定接收者相关联的电子邮件地址，所述电子邮件通知包括用于浏览器（128）的安全链接，接收指示 响应于所述安排进一步被配置为发送诸如网页数据的第一浏览器数据，请求浏览器的用户输入秘密（1） 向与所述预定接收者（138b）相关联的移动设备发送一次性密码（OTP），相对于所述秘密请求（140）接收用户输入，确定所述用户输入是否匹配所发送的OTP（142） 并且如果是这种情况，则允许作为预定接收者认证的用户访问电子文档（144）。呈现相应的方法。