AU774772B2 - Identity authenticating system - Google Patents
- Publication number
- AU774772B2
- Authority
- AU
- Australia
- Prior art keywords
- topic
- individual
- entries
- identifier
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Landscapes
- Storage Device Security (AREA)
Description
P/00/0011 Regulation 3.2
AUSTRALIA
Patents Act 1990 COMPLETE SPECIFICATION FOR A STANDARD PATENT
ORIGINAL
Name of Applicant: Peter Andrew JONES
Actual Inventor: Peter Andrew JONES
Address for service in Australia: Freehills Carter Smith Beadle, 101 Collins Street, Melbourne, Victoria 3000, Australia
Invention Title: IDENTITY AUTHENTICATING SYSTEM
Details of Associated Provisional Application: Provisional Patent Application No PQ2613 filed 2 September 1999
The following statement is a full description of this invention, including the best method of performing it known to us
IDENTITY AUTHENTICATING SYSTEM
The present invention relates generally to methods and systems for authenticating the identity of an individual, and in particular to such identity authenticating methods and systems which require the individual to perform one or more tasks in order to authenticate his or her identity.
Increasingly, financial transactions and access to computer services are conducted remotely, rather than face to face. As such, both providers of services and consumers have concerns regarding the possibility of a third party impersonating the consumer in such remote interactions. Handwritten signatures have traditionally provided a mechanism to enable the verification of the identity of an individual in remote interactions. In electronic environments, password and personal identification number (PIN) systems are widely used for user identity verification. In comparison with the sophistication of the underlying cryptographic security infrastructure for secure electronic transactions, such as message confidentiality, message integrity and account authentication through digital signatures and asymmetric encryption keys, passwords are a source of security weakness. The main criticisms of password and PIN systems are, firstly, that passwords are difficult to remember and therefore easy to steal because users are often led to write them down and, secondly, that passwords may be viewed or captured at the time the user uses them (by looking over the shoulder or captured by software) for later use by a third party.
Several techniques are being developed as replacements for a password or PIN based security system, such as fingerprint recognition, voice recognition, face recognition, iris scanning and other biometric parameter recognition systems. Such systems, however, are not yet fully developed and are likely to be complicated to use and expensive to install and maintain.
RNM:DL:40452617 CAP 29 August 2000
It would therefore be desirable to provide an identity authenticating system which is simple, secure, intuitive and compatible with existing technology.
Moreover, it is desirable to provide an identity authenticating system which ameliorates or overcomes one or more of the disadvantages of known identity authenticating systems.
With this in mind, one aspect of the present invention provides a method for authenticating the identity of an individual, the method comprising the steps of: storing topic data comprising a plurality of topic identifiers and name data comprising a plurality of corresponding topic entries each associated with one or more of said topic identifiers; (b) prompting an individual with a first of said topic identifiers, one or more first topic entries corresponding to said first topic identifier, and one or more further topic entries corresponding to at least one other topic identifier; accepting selection by said individual of one or more of said topic entries; correlating said selected topic entries with said topic entries corresponding to said first topic identifier; and authenticating the identity of said individual if said correlation exceeds a first predetermined threshold.
Conveniently, the topic identifiers may correspond to personal life experiences of said individual.
The topic entries may correspond to names of persons or events associated with one or more of said personal life experiences.
In one embodiment, the method further includes the steps of: prompting said individual with at least a second of said topic identifiers; accepting selection by said individual of at least one said further topic entry; correlating said selected at least one said further topic entry with said second topic identifier; and authenticating the identity of said individual if a combination of steps (e) and exceed a second predetermined threshold.
The topic entries may be compiled into security data comprising topic entry codes representative of said topic entries.
The security data may further comprise topic identifier codes representative of said topic identifiers.
The individual may be prompted at step and makes selections at step at a local terminal, at least said security data being stored remotely at a remote server connectable to said local terminal.
The topic data and name data may be additionally stored at said remote server.
Another aspect of the invention provides an identity authentication system for authenticating the identity of an individual, comprising: storage means for storing topic data comprising a plurality of topic identifiers and name data comprising a plurality of topic entries each associated with one or more of said topic identifiers; prompting means for prompting an individual with a first of said topic identifiers, one or more first topic entries corresponding to said first topic identifier, and one or more further topic entries corresponding to at least one other topic identifier; selection means for enabling selection by said individual of one or more of said topic entries; and data processing means for: correlating said selected topic entries with said topic entries corresponding to said first topic identifier, and for authenticating the identity of said individual if said correlation exceeds a first predetermined threshold.
Conveniently, the prompting means additionally may act to prompt said individual with at least a second of said topic identifiers, said accepting means additionally acting to accept selection by said individual of at least one said further topic entry, said data processing means further acting to correlate said selected at least one said further topic entry with said second topic identifier, and to authenticate the identity of said individual if a combination of said correlations exceed a second predetermined threshold.
A further aspect of the invention provides a computer program element comprising computer program code means to make the computer execute a procedure for authenticating the identity of an individual, by: storing a plurality of topic identifiers and, associated with each topic identifier, a plurality of corresponding topic entries; prompting an individual with a first of said topic identifiers, one or more first topic entries corresponding to said first topic identifier, and one or more further topic entries corresponding to at least one other topic identifier; accepting selection by said individual of one or more of said topic entries; correlating said selected topic entries with said topic entries corresponding to said first topic identifier; and authenticating the identity of said individual if said correlation exceeds a first predetermined threshold.
The computer program code means may further act to make the computer execute a procedure for authenticating the identity of an individual, by: prompting said individual with at least a second of said topic identifiers; accepting selection by said individual of at least one said further topic entry; correlating said selected at least one said further topic entry with said second topic identifier; and authenticating the identity of said individual if a combination of steps (e) and exceed a second predetermined threshold.
The computer program code means may further act to make the computer execute a procedure for authenticating the identity of an individual, by: prompting the individual at step and accepting selections at step at a local terminal, at least said security data being stored remotely at a remote server connectable to said local terminal.
Yet another aspect of the invention provides a computer readable memory, encoded with data representing a computer program for directing a computer to execute a procedure for authenticating the identity of an individual, by: storing a plurality of topic identifiers and, associated with each topic identifier, a plurality of corresponding topic entries; prompting an individual with a first of said topic identifiers, one or more first topic entries corresponding to said first topic identifier, and one or more further topic entries corresponding to at least one other topic identifier; accepting selection by said individual of one or more of said topic entries; correlating said selected topic entries with said topic entries corresponding to said first topic identifier; and authenticating the identity of said individual if said correlation exceeds a first predetermined threshold.
Preferred embodiments of the invention are depicted in the accompanying drawings, but those drawings are not to be understood as illustrating the only possible formal arrangement of the various steps or features of the invention.
In the drawings:
Figure 1 illustrates a list of topic identifiers, and lists of topic entries corresponding to each topic identifier for use in the present invention;
Figure 2 illustrates the categorisation of the topic identifiers and topic entries of Figure 1 into topic data and name data, and also illustrates security data compiled from the name data;
Figure 3 is a schematic diagram illustrating three configurations of an identity authenticating system according to the invention;
Figure 4 is a schematic diagram illustrating the general functional aspects of the identity authenticating system of Figure 3;
Figure 5 is a schematic diagram illustrating the operation of the identity authenticating system of Figure 3 in relation to a first embodiment of a selection performance task;
Figure 6 is a schematic diagram illustrating the operation of the identity authenticating system of Figure 3 in the performance of a second embodiment of a selection performance task;
Figure 7 is a schematic diagram illustrating the operation of the identity authenticating system of Figure 3 in the performance of a third embodiment of a selection performance task;
Figure 8 is a schematic diagram illustrating the operation of the identity authenticating system of Figure 3 in the performance of a fourth embodiment of a selection performance task;
Figure 9 is a schematic diagram illustrating the operation of the identity authenticating system of Figure 3 in the performance of a first embodiment of an enumeration task, and
Figure 10 is a schematic diagram illustrating the operation of the identity authenticating system of Figure 3 in the performance of a second embodiment of an enumeration task.
Referring now to Figure 1, there is shown generally a list of topic identifiers, and topic entries for each topic identifier, which is used by an individual to authenticate his or her identity according to the present invention. Each of the topic identifiers 1 to 11 corresponds, in this example, to a personal life experience of an individual.
Similarly, the lists 12 to 22 of topic entries associated with each of the topic identifiers 1 to 11 may correspond to names of persons or events associated with each of these personal life experiences. Accordingly, the topic identifier F1 corresponds to the life experience "Form 1" of an individual's formal education. The topic entries corresponding to the topic identifier F1 are the names (Bonnie, Allan, David, Warren, ...) of persons that were in the individual's Form 1 class. The remaining topic identifiers 2 to 11 correspond respectively to Grade 6 of the individual's formal education, his job, the tertiary education institution he attended, his club, Form 6 of his formal education, the name of a first close friend, the name of a second close friend, the name of a city in which he lives, the name of a third close friend and his family.
Each of the names associated with each topic identifier corresponds to the name of a person closely linked to that topic. The use of topic identifiers and topic entries which correspond to personal life experiences of an individual provides the advantage of identifying information which uniquely characterises that individual but which is essentially private. Moreover, names of persons or events are bountiful, highly redundant in nature, but for an individual are deeply elaborated symbols tightly bound to an episodic personal experience. By the mechanism of association, an individual uses these symbols to maintain a knowledge of a complex network of social relations.
Figure 4 illustrates the broad functional aspects of the identity authenticating system of the present invention. The user data 30 provided by an individual is firstly stored. This data is used to construct a task 31 requiring the individual to correctly associate one or more topic entries with one or more selected topic identifiers. A response 32 to this task is then compared to target data 33, derived from the user data 30, which would be generated if the individual was to perfectly perform the task set. The degree of correlation between the user response 32 and the target data 33 is then determined and the identity of the individual authenticated if the correlation exceeds a predetermined threshold.
The method for authenticating the identity of an individual may be carried out in a number of environments. As shown in Figure 3, the storing, processing and transfer of data required to perform the functions described in relation to Figure 4 may take place in a fully local environment, such as in a stand alone PC 40. Alternatively, the identity authentication system may comprise a local terminal 41 for displaying or otherwise prompting an individual with selected topic data, name data and other information to enable that individual to perform a required task, and to enable that individual to make various selections or provide other responses to that task. The local terminal 41 is connectable to a remote server 42 which maintains one or more central databases of records required for the performance of a selected task.
Depending upon the security requirements of the identity authenticating system, the topic data TD and the name data ND may be compiled into security data SD as shown in Figure 2. In a distributed identity authenticating system, the security data may be stored at the remote server 42, whilst the topic data and name data may be stored at the local terminal 41. Alternatively, the security data, topic data and name data may all be stored remotely from the local terminal at the remote server 42 in a fully remote identity authenticating system.
As can be seen in Figure 2, the name data ND comprises an alphabetised list of the names of the persons listed in each of the lists 12 to 22 of topic entries shown in Figure 1. Once redundancies have been removed, the list is alphabetised to create a complete, sorted list of topic entries corresponding to at least one of the topic identifiers 1 to 11. The name data ND may be stored on either the PC 40, local terminal 41 or remote server 42. The topic data TD comprises a sequence of 11 alphanumeric codes corresponding to a mnemonic representation of each of the topic identifiers 1 to 11. The security data SD consists of eleven lists of nine numbers. Each of the lists corresponds to a different one of the topic identifiers 1 to 11, the lists comprising SD being placed in the same order as that of the topic data TD. The nine numbers within each list comprising SD correspond to the ranking of the name of the persons associated with each topic in the numbered, alphabetised list of name data ND. Accordingly, the topic "Form 1" is associated with the names "Bonnie", "Allan", "David", "Warren", "Robin", "Mark", "Lynda", "Kerrie" and "Andrew". In the ranked list of name data ND, the name "Allan" is the second listed name, "Andrew" is the sixth listed name, "Bonnie" is the twelfth listed name, and so on. It can be seen that the first sequence of numbers 6, 12, corresponds to the ranking of the names of those persons associated with the first topic identifier. Whilst the foregoing describes one particular way of encoding the name data and topic data of Figure 1 into security data, it is to be appreciated that many other means of creating such security data may be envisaged by a person skilled in the appropriate field.
The use of the name data, topic data and security data shown in Figure 2 within the different environments shown in Figure 3 in the performance of exemplary tasks shown in Figure 4 will now be described with reference to Figures 5 to 8. Figure illustrates the manner in which the performance of a single selection task by an individual may be used to authenticate the identity of that individual, in a fully remote identity authenticating system. In this system, user data comprising the topic data TD, name data ND and security data SD are stored within the remote server 42. The server 42 firstly acts to randomly select one of the topic identifier codes 50, from the topic data TD, corresponding to one of the topic identifiers 1 to 11. This topic identifier code 50 is stored as a target topic for use in the construction of a task to be performed by the individual in verifying his or her identity. The security data SD is then accessed by the remote server 42 and four different topic entry codes 51 to 54 corresponding to topic entries associated with the selected topic identifier are randomly selected and stored by the remote server 42 as target names.
Grid display positions 55 to 58 are randomly assigned to each of the topic entry codes 51 to 54, this placement information being stored as target positions. Five topic entry codes 59 to 63 corresponding to entries associated with topic identifiers other than the selected target topic identifier are then randomly selected from the security data SD and stored as distracter names. Grid positions 64 to 68 are then randomly assigned to each of the distracter names complementary to the target positions already allocated to the previously selected target names, this placement information being stored as distracter positions.
A sequence of data is then transmitted to the local terminal 41 for use in the creation of a display grid to the individual whose identity is to be confirmed. This transmitted data is called task data. As can be appreciated with reference to Figure 3, the form of the task data will depend upon whether the identity authenticating system is implemented as a distributed system requiring the transmission of numerical security data from the remote server 42 to the local terminal 41, or as a fully remote system in which symbolic information is transmitted. In the fully remote system example shown in Figure 5, the task data is constructed by the remote server 42 by firstly retrieving the topic identifier code 50 which is then used as an index in the topic data TD to generate a symbolic topic identifier. This topic identifier T is then stored as the first element 69 of the task data. The remaining elements of the task data are generated by determining which of the topic entry codes 51 to 54 and 59 to 63 has been assigned a first grid position, and then using that topic entry code as an index to locate the topic entry (name) corresponding thereto in the name data ND. This symbolic topic entry is then stored in the first element 70 of the task data. The same procedure is then repeated for grid positions 2 to 9, so that the remaining task data elements 71 to 78 have stored therein the symbolic topic entries to be displayed in grid positions 2 to 9.
When the task data is received by the local terminal 41, the topic identifier T is displayed to the individual in a display element 79, whilst a display grid containing nine grid elements is used to display the contents of each of the task data elements 70 to 78.
The individual associated with the topic and topic identifiers shown in Figure 1 must then correctly identify which of the nine topic entries displayed on the display grid 80 are associated with the topic identifier displayed by the display element 79.
The individual must therefore be able to distinguish those four target topic entries associated with the target topic identifier from the distracter topic entries displayed.
The individual composes a response by selecting four of the nine topic entries displayed by the display grid 80. The individual selection may be carried out by means of a touch sensitive screen, mouse and cursor arrangement or other conventional means.
Once the individual has made his or her selection, the local terminal 41 captures the display grid positions 81 to 84 selected by the individual, and then transmits this information in the form of a user response to the remote server 42. Once the user response is received by the remote server 42, the selected grid positions 81 to 84 are compared with the stored target positions 55 to 58. A comparison is then made by the remote server 42 and the degree of correlation between the user response and the stored target positions is determined. If the correlation exceeds a first predetermined threshold (for example, at least three correct selections) the identity of the individual is authenticated.
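The selection task described above, from the compilation of security data SD through to the threshold check, can be followed in code. The Python below is an added example and not part of the specification: the function names, the `symbolic` switch (fully remote versus distributed task data), the exclusion of shared names from the distracter pool and the server-side check that exactly four positions are selected are assumptions, and every name other than the "Form 1" list is constructed sample data.

```python
import secrets
from fractions import Fraction
from math import comb

_rng = secrets.SystemRandom()  # CSPRNG: the task layout must be unpredictable

# Constructed sample user data. Only the "Form 1" names appear in the
# specification; the other topics and names are invented for this example.
USER_DATA = {
    "Form 1": ["Bonnie", "Allan", "David", "Warren", "Robin",
               "Mark", "Lynda", "Kerrie", "Andrew"],
    "Job": ["Helen", "Ian", "Joan", "Keith", "Mark"],
    "Club": ["Nina", "Oscar", "Paul", "Robin", "Tess"],
}


def compile_security_data(user_data):
    """Return (TD, ND, SD): topics, de-duplicated sorted names, rank lists."""
    td = list(user_data)
    nd = sorted({name for names in user_data.values() for name in names})
    rank = {name: i + 1 for i, name in enumerate(nd)}  # 1-based rank in ND
    sd = [sorted(rank[name] for name in user_data[topic]) for topic in td]
    return td, nd, sd


def build_task(td, nd, sd, symbolic=True, n_targets=4, grid_size=9):
    """Server side: build task data; the returned target positions stay server-side."""
    topic_idx = _rng.randrange(len(td))
    own = set(sd[topic_idx])
    targets = _rng.sample(sorted(own), n_targets)
    # A name may belong to several topics. Assumption of this example: any
    # code that also belongs to the target topic is never used as a distracter.
    pool = sorted({code for codes in sd for code in codes} - own)
    distracters = _rng.sample(pool, grid_size - n_targets)
    positions = _rng.sample(range(1, grid_size + 1), grid_size)
    grid = dict(zip(positions, targets + distracters))
    target_positions = frozenset(positions[:n_targets])
    if symbolic:
        # Fully remote system: symbolic topic and names are transmitted.
        task = {"topic": td[topic_idx],
                "grid": {p: nd[grid[p] - 1] for p in sorted(grid)}}
    else:
        # Distributed system: only numerical codes are transmitted.
        task = {"topic": topic_idx + 1,
                "grid": {p: grid[p] for p in sorted(grid)}}
    return task, target_positions


def verify(selected_positions, target_positions, threshold=3):
    """Authenticate when at least `threshold` of the selections are targets."""
    picks = set(selected_positions)
    # Assumption: the server rejects responses that do not select exactly as
    # many cells as there are targets, so selecting every cell cannot pass.
    if len(picks) != len(target_positions):
        return False
    return len(picks & set(target_positions)) >= threshold


def guess_probability(grid_size=9, n_targets=4, threshold=3):
    """Chance that a uniformly random selection passes (hypergeometric tail)."""
    passing = sum(comb(n_targets, k) * comb(grid_size - n_targets, n_targets - k)
                  for k in range(threshold, n_targets + 1))
    return Fraction(passing, comb(grid_size, n_targets))


if __name__ == "__main__":
    td, nd, sd = compile_security_data(USER_DATA)
    task, target_positions = build_task(td, nd, sd)
    print(task)
    print("perfect response accepted:", verify(target_positions, target_positions))
    print("blind guess success rate:", guess_probability())
```

With the example parameters given above (four targets among nine grid positions, at least three correct), `guess_probability()` returns 1/6, so a single round of the task offers limited resistance to blind guessing.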
In Figure 6, a similar arrangement is represented, with the exception that the identity authenticating system is embodied as a distributed system, the security data being stored at the remote server 42 and the topic data and name data being stored at the local terminal 41. The operation of the distributed system of Figure 6 is identical to that described in relation to Figure 5, with the exception that the task data does not contain symbolic information, but numerical information which is then used by the local terminal 41, to generate symbolic information for display to the individual in the display element 79 and the display grid 80. Accordingly, the topic identifier code 50 is used to create the first element 69 of the task data, whilst the elements 70 to 78 of the task data are composed of the topic entry codes, corresponding to target names and distracter names, which have been respectively assigned grid positions 1 to 9. Upon receipt of the target data at the local terminal 41, the local terminal uses the topic identifier code 50 as an index to locate and subsequently display the corresponding topic identifier in the display element 79.
Similarly, the topic entry codes 70 to 78 are used as indexes to identify and display corresponding topic entries in the name data ND for display in grid positions 1 to 9 of the display grid 80. Advantageously, interception of the task data transmitted from the remote server 42 to the local terminal 41 by an unauthorised third party would be of little use to that third party, since without knowledge of the corresponding name data and topic data stored in the local terminal 41, the identity of an individual could not be falsified.
Figures 7 and 8 represent further examples respectively of a fully remote system and a distributed system, in which one or more additional tasks are required to be performed by an individual in order to authenticate his or her identity. In addition to the association of four topic entries with a selected topic identifier, an individual is additionally required to associate each distracter topic entry displayed on the display grid 80 with its corresponding topic identifier. Accordingly, the remote server 42, acts to randomly select and store the topic identifier code 50, the topic entry codes 51 to 54 and corresponding grid positions 55 to 58, and the distracter topic entry codes 59 to 63 and corresponding grid positions 64 to 68, as previously described in relation to Figures 5 and 6. In this case, however, topic identifier codes 86 to 90 identifying the topic identifiers associated with each of the distracter topic entry codes 64 to 68 are stored as distracter topics.
Task data elements 69 to 78 are then generated in a manner identical to that described in relation to Figure 5. In addition though, the remote server 42 acts to add the remaining topic identifiers 1 to 11 as elements 91 to 100 to the task data transmitted to the local terminal 41. The task data elements 91 to 100 include symbolic topic identifiers for display to the individual at the local terminal 41 by means of a topic grid 101. Upon receipt of the task data at the local terminal 41, the target topic identifier is displayed at the display element 79, and the target topic entries and distracter topic entries displayed at the display grid 80, as described in Figure 5. Moreover, the remaining topic identifiers 91 to 100 are displayed on the topic grid 101.
In order to authenticate his or her identity, the individual must select those target topic entries associated with the target topic identifier. In addition, the individual must, for each of the remaining topic entries, select that topic entry and its associated topic identifier. The grid positions within the display grid 80 of the topic entries, and the grid positions within the topic grid 101 of the corresponding topics, selected by the user are stored in elements 102 to 111 of the user response which is forwarded to the remote server 42.
Upon receipt of the user response at the remote server 42, the grid position selections stored in elements 81 to 84 of the user response are compared with the grid positions 55 to 58 stored as target positions. In addition, the selected grid positions within the display grid 80 and within the topic grid 101 chosen by the user are compared with the grid positions 64 to 68 and corresponding distracter topics 86 to 90. In each of these comparisons, the correlation between the information stored in the remote server 42 and the information contained in the user response is compared. The identity of the individual is authenticated if the combination of these two correlations exceeds a predetermined threshold level (for example, 11 of 14 possible selections are correct).
The arrangement shown in Figure 8 is identical to that of Figure 7, with the exception that the identity authenticating system of Figure 8 is a distributed system in which the security data is stored on the remote server 42 whilst the topic data and name data is stored on the local terminal 41. The operation of the identity authenticating system of Figure 8 is the same as that represented in Figure 7, with the exception that the elements 69 to 78 and 91 to 100 of the task data contain numerical information consisting of the topic identifier code of the selected topic identifier, the topic entry codes of the target names and distracter names, and the topic identifier codes of each of the remaining topic identifiers 1 to 11. Each of these numerical codes is used as an index to search within the topic data TD and name data ND to identify the corresponding topic identifiers and topic entries for display by the display element 79, display grid 80 and topic grid 101. In other embodiments of the invention, the topic identifiers and/or topic entries may be displayed or otherwise prompted to the individual by various other means. It will also be appreciated that the number of target names, distracter names and/or topic identifiers may vary.
Whilst the topics and names of persons or events associated with each topic, as shown in Figure 1, may be entered by a system administrator, it is envisaged that registered users be able to enter this information into the identity authenticating system themselves.
It is also envisaged that registered users be provided with access to their own list of topics and names of persons or events associated with each topic in order that this information be able to be modified. However, enabling an individual to access his own data runs the risk of corrupting that data from a security point of view.
Accordingly, an individual may be required to perform an enumeration task involving the regeneration of the names of persons or events associated with a topic identifier as shown in Figure 1 as proof of identity prior to such modification.
Figures 9 and 10 show two examples of the manner in which such enumeration tasks may be realised. In Figure 9, the identity authenticating system is a fully remote system, in which the name data, topic data and security data are stored on the remote server 42. Initially, the remote server 42 randomly selects a topic identifier code 120 from the topic data. The topic entry codes stored in the name data are then accessed and those topic entry codes corresponding to topic entries associated with the target topic stored as target names 121. Task data 122 is then generated by using the target identifier code 120 as an index to look up the corresponding target identifier T. That information, together with the full ordered list of name data entries are included in the task data, which is then transmitted to the local terminal 41. The local terminal 41, upon receipt of the task data, displays the topic identifier in a display element 123. A display grid 124 is provided at the local terminal 41 which displays nine display elements, each consisting of a drop down window which is used to display the entire list of name data entries transmitted as part of the task data 122. The individual may use these drop down menus to select each of the nine topic entries corresponding to the displayed topic identifier. Once the user has completed this enumeration task, a user response 125 is generated in which the topic identifier and the selected topic entries are sent to the remote server 42. When this occurs, the remote server 42 compares the selected topic entries for the target topic with the stored target names 121. This exercise may be repeated for one or more additional topic identifiers, until some or all of the data represented in Figure 1 has been reconstituted.
Figure 10 shows a similar arrangement, in which the identity authenticating system is a distributed system storing the security data at the remote server 42, and the topic data and name data at the local terminal 41. As was the case previously, the operation of this system is identical to that of Figure 9 with the exception that the task data and user response contain numerical security data, rather than symbolic information.
It is to be appreciated that the foregoing functionality may be provided by means of a computer program element comprising computer program code to make the PC local terminal 41 and/or remote server 42 execute the described identity authenticating procedure.
Finally, it is to be realised that various modifications and/or alterations may be made to the previously described arrangements without departing from the spirit or ambit of the present invention.
Claims (10)
1. A method for authenticating the identity of an individual, the method comprising the steps of: storing topic data comprising a plurality of topic identifiers and name data comprising a plurality of corresponding topic entries each associated with one or more of said topic identifiers; prompting an individual with a first of said topic identifiers, one or more first topic entries corresponding to said first topic identifier, and one or more further topic entries corresponding to at least one other topic identifier; accepting selection by said individual of one or more of said topic entries; correlating said selected topic entries with said topic entries corresponding to said first topic identifier; and authenticating the identity of said individual if said correlation exceeds a first predetermined threshold.
2. The method of authenticating according to claim 1 further includes the steps prompting said individual with at least a second of said topic identifiers; accepting selection by said individual of at least one said further topic entry; correlating said selected at least one said further topic entry with said second topic identifier; and authenticating the identity of said individual if a combination of steps (e) and exceed a second predetermined threshold.
3. The method according to claim 1 or 2 includes a further step of compiling topic entries into security data comprising topic entry codes representative of said topic entries.
4. The method according to any one of claims 1 to 3 wherein said security data further comprises topic identifier codes representative of said topic identifiers.
5. The method according to any preceding claim further includes the step of; prompting the individual at step and said individual makes selections at step (c) at a local terminal, wherein at least said security data is stored remotely at a remote server connectable to said local terminal.
6. The method according to any preceding claim, wherein the topic data and name data are additionally stored at said remote server.
7. The method according to any preceding claim wherein the topic identifiers correspond to personal life experiences of said individual.
8. The method according to claim 7 wherein the topic entries correspond to names of persons or events associated with one or more of said personal life experiences.
9. An identity authentication system for authenticating the identity of an individual, comprising: storage means for storing topic data comprising a plurality of topic identifiers and name data comprising a plurality of topic entries each associated with one or more of said topic identifiers; prompting means for prompting an individual with a first of said topic identifiers, one or more first topic entries corresponding to said first topic identifier, and one or more further topic entries corresponding to at least one other topic identifier; selection means for enabling selection by said individual of one or more of said topic entries; and data processing means for: correlating said selected topic entries with said topic entries corresponding to said first topic identifier, and for authenticating the identity of said individual if said correlation exceeds a first predetermined threshold.
10. The system according to claim 9 wherein, the prompting means acts to prompt said individual with at least a second of said topic identifiers, said accepting means additionally acting to accept selection by said individual of at least one said further topic entry, said data processing means further acting to correlate said selected at least one said further topic entry with said second topic identifier, and to authenticate the identity of said individual if a combination of said correlations exceed a second predetermined threshold.
11. The system according to claim 9 or 10 wherein the topic entries are compiled into security data comprising topic entry codes representative of said topic entries.
12. The system according to any one of claims 9 to 11 wherein said security data further comprises topic identifier codes representative of said topic identifiers.
13. The system according to any one of claims 9 to 11 wherein at least said security data is stored remotely at a remote server connectable to a local terminal for said individual to make a selection.
14. The system according to any one of claims 9 to 11, wherein the topic data and name data are additionally stored at said remote server.
15. The system according to any one of claims 9 to 14 wherein the topic identifiers correspond to personal life experiences of said individual.
16. The system according to claim 15 wherein the topic entries correspond to names of persons or events associated with one or more of said personal life experiences.
17. A computer program code means to execute a procedure on a computer for authenticating the identity of an individual, by: storing a plurality of topic identifiers and, associated with each topic identifier, a plurality of corresponding topic entries; prompting an individual with a first of said topic identifiers, one or more first topic entries corresponding to said first topic identifier, and one or more further topic entries corresponding to at least one other topic identifier; accepting selection by said individual of one or more of said topic entries; correlating said selected topic entries with said topic entries corresponding to said first topic identifier; and authenticating the identity of said individual if said correlation exceeds a first predetermined threshold.
18. The computer program code means according to claim 17 further acts to execute a procedure on a computer for authenticating the identity of an individual, by: prompting said individual with at least a second of said topic identifiers; accepting selection by said individual of at least one said further topic entry; correlating said selected at least one said further topic entry with said second topic identifier; and authenticating the identity of said individual if a combination of steps (e) and exceed a second predetermined threshold.
19. A computer readable memory, encoded with data representing a computer program to execute a procedure on a computer for authenticating the identity of an individual, by: storing a plurality of topic identifiers and, associated with each topic identifier, a plurality of corresponding topic entries; prompting an individual with a first of said topic identifiers, one or more first topic entries corresponding to said first topic identifier, and one or more further topic entries corresponding to at least one other topic identifier; accepting selection by said individual of one or more of said topic entries; correlating said selected topic entries with said topic entries corresponding to said first topic identifier; and authenticating the identity of said individual if said correlation exceeds a first predetermined threshold.
DATED: 29 August 2000
Freehills Carter Smith Beadle
Patent Attorneys for the Applicant: PETER ANDREW JONES
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU53690/00A AU774772B2 (en) | 1999-09-02 | 2000-08-29 | Identity authenticating system |
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AUPQ2613 | 1999-09-02 | | |
| AUPQ2613A AUPQ261399A0 (en) | 1999-09-02 | 1999-09-02 | Identity authenticating system |
| AU53690/00A AU774772B2 (en) | 1999-09-02 | 2000-08-29 | Identity authenticating system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| AU5369000A (en) | 2001-03-08 |
| AU774772B2 (en) | 2004-07-08 |
Family
ID=25630169
Family Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU53690/00A Ceased AU774772B2 (en) | 1999-09-02 | 2000-08-29 | Identity authenticating system |
Country Status (1)
| Country | Link |
|---|---|
| AU (1) | AU774772B2 (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB2146815A (en) * | 1983-09-17 | 1985-04-24 | Ibm | Electronic fund transfer systems |
| GB2255664A (en) * | 1991-04-09 | 1992-11-11 | Frank Victor Haymann | Credit card validation. |
| WO1996036148A1 (en) * | 1995-05-08 | 1996-11-14 | Image Data, L.L.C. | Positive identification system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| AU5369000A (en) | 2001-03-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP3695695B2 (en) | | Password generation verification system and method |
| US7774254B2 (en) | | System for storing vital records |
| US6317834B1 (en) | | Biometric authentication system with encrypted models |
| US6327659B2 (en) | | Generalized user identification and authentication system |
| US8407762B2 (en) | | System for three level authentication of a user |
| US11128613B2 (en) | | Authentication based on visual memory |
| MX2007007511A (en) | | Authentication device and/or method. |
| KR20040093055A (en) | | User authentication method and user authentication system |
| BRPI0608576A2 (en) | | process for secure data communication |
| CN109005140A (en) | | Safe account registration and login method |
| CN106911847A (en) | | Mobile phone text cipher authentication method based on the semantic prompting of vibrations |
| AU774772B2 (en) | | Identity authenticating system |
| Aris et al. | | Shoulder surf resistant screen locking for smartphones: A review of fifty non-biometric methods |
| Tangawar et al. | | Survey paper on graphical password authentication system in terms of usability and security attribute |
| Ahsan et al. | | Graphical password authentication using images sequence |
| US12395485B2 (en) | | Fraud resistant passcode entry system |
| JP2010079823A (en) | | Individual identification system |
| JP2002342281A (en) | | Interactive personal authentication system and method, execution program of this method, and recording medium of this execution program |
| Mihajlov et al. | | ImagePass-Designing graphical authentication for security |
| Aljaffan | | Password security and usability: from password checkers to a new framework for user authentication |
| JP4411916B2 (en) | | User authentication system |
| KR20220087163A (en) | | System for qr code-based security clearance authentication system |
| Moukhliss et al. | | A new smart cards based model for securing services |
| KR101699872B1 (en) | | System for generating variable password through double securing process |
| KR20070004191A (en) | | Identity verification system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | FGA | Letters patent sealed or granted (standard patent) | |