Europiiisches Patentamt
`
`0’
`
`European Patent Office
`
`Office européen des brevets
`
`@ Publication number: 0
`
`@
`
`EUROPEAN PATENT APPLICATION
`
`@ Application number: 943025932
`
`@ Int. C|.5: G06F 3/16
`
`@ Date of filing: 13.04.94
`
`Priority: 23.04.93 US 52310
`
`Date of publication of application :
`26.10.94 Bulletin 94/43
`
`Designated Contracting States:
`DE FR GB
`
`@ Applicant: AT & T Corp.
`32 Avenue of the Americas
`New York, NY 10013-2412 (US)
`
`Password verification system.
`
`@ Passwords are spoken by users (e.g.0001)
`and stored as speech models in a database (101
`in 10). The database (10) also contains a plurali-
`ty of reference voice (RV) speech models (in
`100) based on speech inputs by various persons
`(1.2...1000); each RV speech model
`includes
`characters
`(0,1,2,...9,oh),
`digits,
`or phrases
`comprising user assigned passwords. Prefer-
`ably, a group of the RV speech models are
`selected (RV1,20,350,591,1000) based upon a
`predetermined
`level
`of
`difference
`between
`same and a speech model (in 101) of the user’s
`spoken password.
`In requesting access to the
`system, a user speaks the assigned password.
`The password entered by the user to obtain
`access is compared with user’s own speech
`models
`(in 101) and with the selected RV
`speech models (in 100) to determine a measure
`of similarity. The validity of
`the password is
`determined based upon this measure of simil-
`arity.
`
`EP0621532A1
`
`@ Inventor: Rissanen, Eugene Leo
`184 Baranof West
`
`westervme’ chic’ 43031 (Us)
`
`Representative : Buckley, Christopher Simon
`Thirsk et al
`AT&T (UK) LTD.,
`AT&T Intellectual Property Division,
`5 Mornington Road
`Woodford Green, Essex |G8 OTU (GB)
`
`10:00 0,1,2,-:-9,'oh'
`PASSWORD FILE
`USER PASSWORD USER'S WORD MODEL
`INDEX TO SELECTED RV’s
`73198
`'7','3','1','9",'5"
`20
`350 591
`
`101
`
`EEIEII
`
`Jouve, 18, rue Saint-Denis, 75001 PARIS
`
`Facebook |nc.'s Exhibit 1004
`.
`. O01
`.
`Pet1t1oner Mlcrosoft Corporat1on, Ex. 1004, p. 1
`
`Facebook Inc.'s Exhibit 1004
`
`001
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 1
`
`

`
`EP 0 621 532 A1
`
`Technical Field
`
`This invention relates to spoken password sys-
`tems and in particularto a technique for verifying user
`dependent passwords.
`
`Background of the Invention
`
`Computer systems are increasingly being used in
`the work place to prepare and store documents of a
`sensitive nature relating to business operations. Due
`to the sensitive nature of business operations, it is of-
`ten necessary that users of a computer system and
`calling telephone parties accessing a computer sys-
`tem over the telephone network be assigned unique
`passwords intended to enable access to the computer
`system. The use of passwords function both to deny
`access to the computer system to those that are not
`assigned passwords and to grant access to a pass-
`word holder.
`
`Some business computer systems are arranged
`to initially record and store passwords assigned to
`users. In response to a prompt by the system for the
`user’s password, the user enters the password onto
`a keyboard and the system compares the keyboard
`entered password with the stored passwords and en-
`ables the user to access the system when the entered
`password matches the previously stored password.
`In voice operated computer systems used both in
`business and with computer systems coupled with the
`telephone network, user passwords are recorded and
`stored as speech models (voice templates) in a pass-
`word database of the system for each user’s account
`code (login identification). The word "model" as used
`herein means any digitized form of a spoken word or
`composite form of a word repeated a plurality of
`times. Typically, the computer system prompts the
`user to enter the user’s account code and then
`
`prompts the user to enter the assigned password by
`speaking the password into audio input apparatus of
`the computer system. The system responds to entry
`of the spoken password by assembling a speech
`model of the entered password and comparing it with
`a previously recorded and stored user password mod-
`el to determine the validity of the user entered pass-
`word.
`In the comparison process the user entered
`password model is compared with each previously re-
`corded and stored password model. Typically, a score
`is assigned to such comparison representing the sim-
`ilarity of the user entered password model with the
`pre-recorded and stored password model. When
`there is a match of the user entered password model
`with a previously recorded stored password model as
`determined by a score above a predetermined thresh-
`old, the system recognizes the user spoken password
`as valid and grants the user access to the system.
`A problem arises with present speech password
`systems in that inflections and changes occur from
`
`time-to-time in users’ voices and to speech transmis-
`sion characteristics of the system. These variations
`cause errors when an undesired mismatch occurs
`
`due to a comparison of a speech model of a valid, but
`changed, password to the prerecorded password
`model. This results in the system denying an autho-
`rized user access to the system. Accordingly, a need
`exists for an improved password validation system
`that can recognize valid speaker dependent autho-
`rized passwords even when different voice inflec-
`tions occur and where system transmission charac-
`teristics cause variations of the received voice pass-
`word.
`
`Solution
`
`It is an object of the present invention to provide
`an improved password validation method and appa-
`ratus which provides flexibility in recognizing valid
`spoken passwords while still maintaining authentica-
`tion accuracy.
`In accordance with an embodiment of the prefer-
`red invention, a computer controlled database is
`linked to a telecommunication network with which
`
`users are provided password controlled access.
`Users are initially entered into a password database
`stored in the computer system by assigning each user
`an account code and a password, such as consisting
`of a number of numerical digits. Aspeech model of the
`user’s password based on the user’s voiced entry of
`the password is stored in the database along with the
`user's account code.
`
`The computer database contains a reference
`voice table consisting of prerecorded inputs by a plur-
`ality of people who have spoken each of the permis-
`sible numeric digits that can be assigned as pass-
`words to users. Voice models of each reference voice
`
`for each digit are stored in the database. Upon a new
`user being assigned a password and voice entry by
`the user of the password, a model of the user’s pass-
`word is stored in the computer database and is iden-
`tified by the correspondingly assigned account code.
`The user's spoken password model is then compared
`against each of the reference voice models for corre-
`sponding digits and assigned a score for each. The
`reference voice entries are then rank ordered in ac-
`
`cordance with the scores reflecting similarity. A plur-
`ality, such as five, of the reference voices, preferably
`having contiguous rank order scores within a prede-
`fined range ofsimilarity scores, are selected as com-
`parison models against which models of subsequent
`spoken passwords will bejudged. An index to each of
`these selected voices is stored in a user data field as-
`
`sociated with the corresponding user’s password.
`Upon a request by a user for access to the system
`and voicing of a password, the computer system re-
`cords the voice password. The recorded voice pass-
`word is compared with the previously selected refer-
`
`Facebook |nc.'s Exhibit 1004
`.
`. O02
`.
`Pet1t1oner Mlcrosoft Corporat1on, Ex. 1004, p. 2
`
`Facebook Inc.'s Exhibit 1004
`
`002
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 2
`
`

`
`EP 0 621 532 A1
`
`ence voices to yield a composite first score and is
`compared with the user’s own stored password model
`to yield a second score. If the difference between the
`first and second scores exceed a predetermined
`threshold, entry of a valid password is determined.
`
`Brief Description of the Drawing’s
`
`illustrates a password validation system
`FIG. 1
`which incorporates an embodiment of the present in-
`vention.
`FIG. 2 illustrates an embodiment of a database
`as shown in FIG. 1.
`
`FIG. 3 is a graph illustrating the relative similarity
`of reference voices which are preferably selected for
`comparison with each password.
`FIGS. 4, 5, and 6 are flow diagrams illustrating
`exemplary steps of a password validation method
`used by the system of FIG. 1 in accord with the pres-
`ent invention.
`
`Detailed Description
`
`In an exemplary embodiment ofthe invention, a
`password identification system 1 shown in FIG. 1
`is
`intended for use in a wide variety of applications to re-
`strict user access to computer systems and to the
`physical facilities and services provided to certain
`users by the system. In one application, a computer
`system serves a number of users 2 and 3, and stores
`data files, at least some of which, are restricted for
`use by users 2 and 3. Each authorized user is identi-
`fied by a unique account code and corresponding
`password. In another application, a company 5 may
`have a number of physical facilities such as private
`telephone lines which company 5 wants to restrict ac-
`cess to users 50, 51, and 52 who are each given an
`account code and password that enables access to
`the physical facilities available for use by the compa-
`ny. In yet another application, a provider of financial
`services may provide a user electronic access to user
`account files wherein access to an accou ntfi le is gov-
`erned by an account code and unique password as-
`signed to a user.
`Password system 1 is capable of enrolling (initial-
`Iy entering) user spoken passwords and subsequent-
`Iy recognizing the passwords when spoken by the
`same user that previously enrolled the password.
`Password system 1 has line interface apparatus com-
`prising a plurality ofaccess circuits 15, line circuits 16
`and trunk circuits 17, each of which are well known
`and need not be explained for an understanding of the
`invention. These circuits interconnect password sys-
`tem 1 with users 2, 3, and 5. Access circuit 15 may be
`connected with any one of a number of well known
`voice activated devices that enables users 2 and 5 to
`
`directly receive from and enter spoken alphanumeric
`sounds into password system 1. Line circuits 16 and
`
`trunk circuits 17 may be coupled with corresponding
`line circuit and trunk circuits of telephone switching
`systems of telephone network 4 and enable a user 3
`connected to telephone network 4 to place and re-
`ceive telephone calls and enter spoken alphanumeric
`sounds into password system 1.
`Each access, line and trunkcircuit 15, 16, and 17,
`respectively, is also coupled to switch 13 and control-
`led by data bus 18 extending from central processor
`unit 11. A number of voice prompt and recognition
`units 14 are each connected with switch 13 and con-
`
`trolled via central processor unit 11 and data bus 18
`to generate audio prompt messages used to instruct
`users 2, 3, and 5 interconnected with access, line and
`trunk circuits 15, 16, and 17 in the use of password
`identification system 1 and to prompt calling users 2,
`3, and 5 for password information. Each voice prompt
`and recognition unit 14, which is controlled by central
`processor unit 11, transmits password information re-
`ceived from users 2, 3, and 5 in response to the gen-
`erated audio prompt messages over data bus 18 to
`central processor unit 11. Received password infor-
`mation is recorded under control of central processor
`unit 11 in database 10. Switch 11, which is intercon-
`nected with access, Iine and trunk circuits 15, 16, and
`17, and with voice prompt and recognition units 14, is
`coupled to central processor unit 11 via data bus 18
`and selectively connects ones of voice prompt and
`recognition units 14 with ones of access,
`line and
`trunk circuits 15, 16, and 17, connected with users 2,
`3, and 5.
`Password system 1 may comprise a general pur-
`pose IBM compatible computer, such as a 386 or 486
`or an AT&T 3B2-400 or 3B2-310 simplex or duplex
`computer. Such computers need not be described in
`detail for an understanding of the invention and in
`general have a central processor unit 11 and a mem-
`ory unit 12 each interconnected by address, data and
`control leads to data bus 18. Data bus 18 enables
`
`central processor unit 11 to communicate with each
`connected element in the operation of password sys-
`tem 1. Central processorunit 11 is programmed in ac-
`cordance with programs stored in memory 12 to en-
`roll, recognize, and validate user spoken passwords.
`Referring to FIGS. 1 and 2, the illustrative speech
`password system 1 records and stores in database
`100 included in database 10 a plurality of speech
`models corresponding to strings of predefined spok-
`en numerals entered by persons into speech pass-
`word system 1.A|though only spoken number models
`are used in the illustrative embodiment, alphanume-
`ric words and phrases could be used to provide a wid-
`er selection of passwords that can be assigned to
`users. Typically, a substantial number of persons,
`such as 1000 persons, each record enough speech to
`allow one speech model of each of the predefined
`terms (numbers 0-9 and "oh") from microphones of a
`telephone. The models may be hidden markov, word
`
`Facebook |nc.'s Exhibit 1004
`.
`. O03
`.
`Pet1t1oner Mlcrosoft Corporat1on, Ex. 1004, p. 3
`
`Facebook Inc.'s Exhibit 1004
`
`003
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 3
`
`

`
`EP 0 621 532 A1
`
`models and preferably representat least six represen-
`tations of each term such as based on six repetitions
`of each digit by each reference voice contributor.
`Each model has states symbolically represented as
`binary configurations and are preferably a combina-
`tion of multivariate Gaussian distributions of a 24 di-
`
`mensional vector of 12 cepstral coefficients and 12
`delta cepstral coefficients.
`Database 10 may be any one of well known disk,
`tape, solid state or other type of storage device for
`storing digital information and is connected to data
`bus 18 and controlled by central processor unit 11 to
`store password information received by speech pass-
`word system 1. In addition to password information,
`central processor unit 11 is also programmed to con-
`trol voice prompt and recognition units 14 that are
`used to prompt users 2 and 3 in the use of speech
`password system 1 and on entering password infor-
`mation into the system. Typically, such prompt mes-
`sages may be "Please enter your accou nt code now.",
`"Please speak the password to be enrolled at this
`time.", and ‘What is your password?" and other types
`of messages.
`Referring to FIG. 2, database 10 includes a data-
`base 100 which contains reference voice models and
`
`related data fields, and a database 101 which con-
`
`tains password files corresponding to each enrolled
`user. Database 100 stores a plurality of files corre-
`sponding to voice entries of persons to be utilized as
`reference voices for comparisons. In the representa-
`tion of database 100, rows correspond to files for dif-
`ferent reference voice contributors and are identified
`
`by a reference voice index (1, 2, 3...1000) contained
`in the left-hand column. Each person used as a ref-
`erence voice speaks each of digits 0-9 and "oh", an
`alternative for the number zero, a plurality of times
`into a microphone such as a telephone handset. A
`voice model
`is stored for each person for each of
`these entries. In the illustrative example, 1000 refer-
`ence voice files representing different persons’ voic-
`es each contain these stored models. The remaining
`columns in database 100 will be described in conjunc-
`tion with an explanation of database 101.
`Users seeking access through the password sys-
`tem in accordance with the present invention, will typ-
`ically be assigned an access code such as indicated
`in the "user" column of the table illustrative of data-
`
`base 101. The user is also assigned in the illustrative
`embodiment a password consisting of five numbers
`defined by the "password" column. A model of each
`user’s voice input of each assigned password digit is
`stored as a "user’s word model" for each digit. As part
`of an initial enrollment or entry into the password sys-
`tem, the user’s word models of the assigned pass-
`word are compared with each of the reference voice
`models in database 100 and similarity scores are
`computed for digits in the stored reference voice mod-
`el that correspond to digits in the password. The sim-
`
`ilarity scores are indicated by "scores" in database
`100; these scores may, for example, be on a scale
`from 1 to 100 with 100 being a virtual identical match
`and one an extremely dissimilar match.
`As part of the enrollment process following the
`determination of these scores, each reference voice
`file is then rank ordered by scores as indicated by the
`"rank order" column of database 100. The rank order
`column will consist of entries 1-1000 with 1000 cor-
`
`responding to the rank order of the highest score (best
`match) and one corresponding to rank order of the
`lowest score (worst match).
`In the illustrative example, an index is stored in
`each user password file of database 101 to five pre-
`viously identified reference voice files in database
`100 selected on the basis of rank order. In this exam-
`
`ple, five reference voices having an approximate 20
`percentile rank order (200 of 1000) are selected, i.e.
`indexes 1, 20, 350, 591, and 1000. These five refer-
`ence models will be subsequently utilized for pass-
`word access requests by the user as will be explained
`below.
`
`FIG. 3 illustrates a graph representing the rank
`ordering of the reference voice files in database 100
`relative to a particular user’s model of the user's as-
`signed password. An important aspect of the present
`invention resides in the recognition that the selection
`of comparison voices which are not substantially sim-
`ilar to the voice model of the user’s password can be
`advantageously uti lized for validation of password re-
`quests, especially where variations in the voice re-
`sponse by a valid user or changing system conditions
`can distort or change the speech characteristics of
`the user’s entry of a correct password. Based on ex-
`perimental results, it is believed that the selection of
`reference voices for comparisons considered by rank
`order should be selected from a group less than 80
`percent (800 of 1000) in the illustrated graph and
`more preferably, less than 50 percent (500 of 1000)
`such as the illustrated range of slightly less than 20
`percent (200 of 1000) to slightly greater than 40 per-
`cent (400 of 1000). Advantages of such selected com-
`parison voices will be further explained below.
`Referring to FIG. 4, the exemplary password
`method begins at "START" 200 and continues to step
`201 with the user’s call being answered by password
`system 1. In step 203 a decision is made if the call is
`requesting enrollment, i.e. initial entry, of a password,
`access to password verification, or other service not
`associated with the password system, i.e. miscellane-
`ous services. This determination can be based on the
`
`number dialed, other parameters controllable by the
`calling party, or a DTMF reply by the calling party to
`a voice request generated by the system. A determi-
`nation by step 203 that neither enrollment nor access
`has been requested,
`i.e. a miscellaneous request
`causes the method to terminate at "END" 204. As-
`
`suming the decision in step 203 is "enrollment", an ac-
`
`O04
`Facebook |nc.'s Exhibit 1004
`Petitioner Microsoft Corporation, Ex. 1004, p. 4
`
`Facebook Inc.'s Exhibit 1004
`
`004
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 4
`
`

`
`EP 0 621 532 A1
`
`count code or personal identification number (PIN) is
`assigned to the user in step 205 and it is transmitted
`to the user in step 207. Next a password is assigned
`by the system under control of the CPU to the user in
`step 209. The user is requested to speak the assigned
`password by a voice prompt in step 211. The user’s
`vocalization of the assigned password is recorded
`(stored) in step 213. In step 215 a determination is
`made if the user has made an acceptable response
`to the request.
`If NO, control returns to step 211
`where the user is again prompted to speak the pass-
`word. ltwill be noted that steps 211,213, and 215 may
`be repeated a predetermined number of times to store
`a plurality of vocalizations of the same password by
`the user in order to derive a composite or average vo-
`calization of the password. AYES decision in step 215
`results in a disconnect message being sent to the
`user as indicated in step 217.
`Continuing with the password enrollment in FIG.
`5, the CPU of the system 1 assembles in step 219 a
`composite model based on the stored vocalization(s)
`of the password by the user. In the illustrative exam-
`ple, the recorded model of the password numbers are
`then compared with the voice models for correspond-
`ing numbers of each of the reference voice files in
`step 221. Ascore is assigned to each reference voice
`file based on similarity of the reference voice and
`user’s models of corresponding voiced numbers in
`step 223. The scores are then rank ordered as indi-
`cated in step 225. Fora database containing 1000 ref-
`erence voice files, each file would be assigned a rank
`between 1000 and 1 with 1000 representing the most
`similarity. A predetermined number of reference voic-
`es, such as five in the illustrative example, ranks near
`a predetermined target rank order, such as at a 20
`percentile rank that would include ranks of 200, 201,
`202, 203, and 204, in step 227. The rank order target
`is preferably selected from a range of 15 - 50 percen-
`tile and more preferably in a 20 - 40 percentile range.
`In step 229, the user’s password model and index to
`each selected reference voice are recorded in the
`
`user’s file in database 101 with the assigned account
`code and password. Following step 229, this method
`ends by exiting these steps as indicated by "END"
`231.
`
`FIG. 6 illustrates a continuation of the flow dia-
`
`gram of an exemplary method in accord with this in-
`vention. Upon a decision in step 203 of FIG. 4 that "ac-
`cess" to the system is being requested by a user, the
`user is prompted in step 301 (FIG. 6) forthe user’s ac-
`count code which was assigned to the user as part of
`the initial password enrollment. Step 303 determines
`if a valid account code has been given by the user. A
`NO decision results in step 305 determining if a pre-
`determined number of prior attempts have been ex-
`ceeded. AYES determination by step 305 causes the
`process to be terminated as indicated by "END" 306.
`A NO decision by step 305 which represents that the
`
`limit of tries was not exceeded, returns the user to
`step 301 for another attempt to enter a valid account
`code. AYES determination by step 303 corresponds
`to the user having entered a valid account code and
`is followed by the user being prompted to speak the
`user’s password at step 307. In step 309 a speech
`model of the password spoken by the user is saved.
`In step 311 the user’s file in database 101 is iden-
`tified based upon the user’s account code. The user’s
`word model stored in the identified user’s file is com-
`
`pared with the model of the password spoken by the
`user in requesting access, and a first score is gener-
`ated based upon this comparison. In step 313 a com-
`parison is made of the model of the password spoken
`to request access to the system with each of the ref-
`erence voices identified by index in the user’s file. A
`second score is generated based upon a composite
`of these comparisons, such as by averaging the five
`scores generated by these comparisons. The differ-
`ence between the first and second scores is calculat-
`
`ed in accordance with step 315. In step 317, a deter-
`mination is made if the difference determined in step
`315 is greater than a predetermined threshold. In a
`typical example, the first score will have a relatively
`high degree of similarity since the valid user’s entry
`of the password should relatively closely match the
`stored voice model of his prior entry of the same pass-
`word. However, it is expected that the comparison of
`the user’s password with the five reference voices will
`yield a second score indicative of a relatively poor
`measure of similarity since each of the reference
`voices was selected to have a relative low degree of
`similarity, such as at the 20 percentile rank. Thus, a
`substantial difference will typically exist between the
`first and second scores, thereby permitting a reason-
`able choice of predetermined thresholds upon which
`to make the determination as indicated in step 317. A
`threshold can be selected to provide a substantial de-
`gree of security while accommodating variations in
`the voice reply of the user or of system characteris-
`tics. Forexample, a "raspy" pronunciation of the pass-
`word by a valid user such as due to a sore throat may
`still possibly be recognized as a valid password entry
`because it is the difference between thefirstand sec-
`
`In this example, there
`ond scores which is utilized.
`will be greater variation and, hence a lower first score
`but likewise there is likely to be a greater variation
`with regard to the reference voices and, hence a lower
`second score is also likely. Thus, the differential be-
`tween the first and second scores may produce a re-
`sult still high enough to meet the threshold.
`Upon a YES determination by step 317, the user
`is granted system access as indicated in step 319 and
`this method terminates as indicated by "END" 321. A
`NO determination by step 317 results in a determina-
`tion by step 323 as to whether the difference between
`the first and second scores exceeded at least a lower
`threshold of limit. If the lower threshold is not exceed-
`
`005
`Facebook |nc.'s Exhibit 1004
`Petitioner Microsoft Corporation, Ex. 1004, p. 5
`
`Facebook Inc.'s Exhibit 1004
`
`005
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 5
`
`

`
`EP 0 621 532 A1
`
`10
`
`ed, i.e. a NO determination, the method terminates at
`"END" 325. AYES determination by step 323 indicat-
`ing that the lower threshold has been exceeded, the
`method returns to step 307 and permits the user an-
`other attempt to enter the password. This allows the
`user at least an additional attempt to enter the pass-
`word where at least the threshold of step 323 was
`met.
`
`It is believed that the advantages of the present
`invention can be ascertained from the foregoing de-
`scription of an embodiment of the invention. The pres-
`ent invention permits a substantial degree of security
`to be maintained while also permitting speech varia-
`tions of the entry ortransmission of a password to be
`accommodated by the recognition of the entry as a
`valid password. An important aspect that contributes
`to this improved result is the selection of reference
`voice models as the basis of a comparison which are
`not substantially similar to the password. In the em-
`bodiment of the invention, utilizing scores based
`upon a comparison ofthe password entered by a user
`to gain access with both a stored prior entry of the
`password by the user and with the preselected refer-
`ence voices permits appropriate thresholds to be set
`which expand the tolerance of this system as com-
`pared with password systems in which comparisons
`with closely similar models are utilized.
`Although an embodimentof the present invention
`and a method in accordance therewith have been de-
`
`scribed above and illustrated in the drawings, the
`scope of the invention is defined by the claims which
`follow.
`
`Claims
`
`A spoken password verification apparatus in-
`cluding means for storing a first speech model of
`a first entry of a password spoken by a user, the
`apparatus characterized by:
`means for storing a plurality of reference
`voice (RV) speech models based on speech in-
`puts by persons, each RV speech model includ-
`ing said password;
`least one RV
`means for selecting at
`speech model based on a predetermined differ-
`ence of similarity between said first speech mod-
`el and said one RV speech model;
`means for storing a second speech model
`of a second entry of a password spoken by a
`usen
`
`means for comparing said second speech
`model and said selected one RV model to deter-
`
`mine a measure of similarity;
`means for determining the validity of said
`second entry of the password based on said
`measure of similarity.
`
`The spoken password verification apparatus of
`claim 1 wherein said means for storing RV
`speech models further comprises a database
`having files that each store an RV speech model
`corresponding to a person having spoken at least
`said password.
`
`The spoken password verification apparatus of
`claim 1 wherein said means for selecting said at
`least one RV speech model comprises means for
`determining a similarity score for each RV
`speech model by comparing said first speech
`model with each of said RV speech models.
`
`The spoken password verification apparatus of
`claim 3 wherein said means for selecting said at
`least one RV speech model further comprises
`means for ranking said RV speech models based
`on said similarity scores, said selecting means
`selecting said at least one RV speech model
`based on a predetermined threshold ranking that
`corresponds to a substantial difference of simi-
`larity scores of said first speech model and said
`at least one RV speech model.
`
`The spoken password verification apparatus of
`claim 3 wherein said means for selecting said at
`least one RV speech model further comprises
`means for ranking said RV speech models based
`on said similarity scores, said selecting means
`selecting said at least one RV speech model
`based on a predetermined threshold ranking from
`a range of said RV speech model rankings of 15
`- 50 percentile, where a 100 percentile ranking
`represents an RV speech model with the most
`similarity to said first speech model.
`
`The spoken password verification apparatus of
`claim 5 wherein said range of said RV speech
`model rankings consists of 20 - 40 percentile.
`
`The spoken password verification apparatus of
`claim 1 wherein said determining means compris-
`es means for generating first and second similar-
`ity scores based on a comparison of said second
`speech model with said first speech model and
`with said at least one RV speech model, respec-
`tively, means for comparing the difference be-
`tween said first and second similarity scores,
`and said determining means determining that the
`password corresponding to said second speech
`model is valid if said difference between said first
`
`and second similarity scores exceeds a predeter-
`mined threshold.
`
`O06
`Facebook |nc.'s Exhibit 1004
`Petitioner Microsoft Corporation, Ex. 1004, p. 6
`
`Facebook Inc.'s Exhibit 1004
`
`006
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 6
`
`

`
`EP 0 621 532 A1
`
`5
`
`I
`
`15
`é§fi¥§§1
`.
`;
`15
`5
`A£CESS
`CONTROL
`
`2
`USER
`—
`
`so
`USER
`51
`IIIII
`52
`
`" 3
`
`USER
`
`PA§swoRo mENnFmAnoN swfitu
`
`13
`
`18
`
`U
`
`1 1
`
`CENTRAL
`PROCESSOR
`“N”
`
`DATA BAS
`12
`MEMORY
`
`Facebook |nc.'s Exhibit 1004
`.
`. O07
`.
`Pet1t1oner Mlcrosoft Corporat1on, Ex. 1004, p. 7
`
`Facebook Inc.'s Exhibit 1004
`
`007
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 7
`
`

`
`EP 0 621 532 A1
`
`REFERENCE VOlCE
`
`REFERENCE
`VOICE DATA
`
`RANK
`SCORES ORDER
`
`--
`
`,'
`
`'
`
`33
`
`j
`
`T
`
`u.
`
`31
`
`31
`
`1000 0,1 ,2,-°-9,'oh'
`
`34
`
`PASSWORD FILE
`
`USER PASSWORD USER'S WORD MODEL
`INDEX TO SELECTED RV’s
`EM ’7"~'3"-'*'»'9”-"8" II
`
`IIIEE
`
`FIG. 2
`
`PREFERRED RANGE
`FOR COMPARISON
`RV’s
`<)__':—___(>
`
`VERY
`HDISSIMILAR
`
`VERY
`
` O
`
`800
`
`1000
`
`200
`
`400
`
`600
`
`RANK—0RDERED REFERENCE VOICES
`
`FIG. 3
`
`Facebook |nc.'s Exhibit 1004
`.
`. O08
`.
`Pet1t1oner Mlcrosoft Corporat1on, Ex. 1004, p. 8
`
`Facebook Inc.'s Exhibit 1004
`
`008
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 8
`
`

`
`EP 0 621 532 A1
`
`START
`
`200
`
`201
`
`ANSWER INCOMING
`
`USER CALL
`
`203
`
`PASSWORD
`
`ENROLLMENT OR
`
`ACCESS?
`
`ENROLLMENT
`
`205
`
`ASSIGN ACCOUNT
`
`CODE T0 USER
`
`207
`
`TRANSMIT
`
`ASSIGNED ACCOUNT
`
`CODE T0 USER
`
`209
`
`ASSIGN A
`
`PASSWORD TO USER
`
`211
`
`PROMPT USER TO
`
`SPEAK THE
`ASSIGNED PASSWORD
`
`END
`
`USER PASSWORD
`
`PROMPT?
`
`Facebook |nc.'s Exhibit 1004
`O09
`Petitioner Microsoft Corporation, Ex. 1004, p. 9
`
`Facebook Inc.'s Exhibit 1004
`
`009
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 9
`
`

`
`EP 0 621 532 A1
`
`ASSEMBLE COMPOSITE
`WORD MODEL FROM
`
`RECORDED USER
`
`SPOKEN PASSWORD
`
`COMPARE
`
`RECORDED PASSWORD
`
`CHARACTERS TO EACH
`
`CHARACTER OF
`
`REFERENCE VOICES
`
`ASSICN A SCORE
`
`TO EACH COMPARED
`REFERENCE VOICE
`DENOTING SIMILARITY
`
`TO RECORDED
`
`PASSWORD CHARACTERS
`
`RANK ORDER
`
`ASSIGNED SCORES
`
`SELECT
`
`A PREDETERMINED
`
`NUMBER OF REFERENCE
`
`VOICES NEAR A
`
`TARGET RANK ORDER
`
`RECORD MODEL OF
`
`USER'S PASSWORD
`
`AND INDEX TO
`
`EACH SELECTED
`
`REFERENCE VOICE
`
`Faceboqk |nc.'s Exhibit 1004
`.
`_ O10
`_
`Pet1t1oner Mlcrosoft Corporat1on, Ex. 1004, p. 10
`
`Facebook Inc.'s Exhibit 1004
`
`010
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 10
`
`

`
`EP 0 621 532 A1
`
`FIG. 6
`
`0
`
`PROMPT USER FOR ACCOUNT CODE
`
`301
`
`303
`
`VAUD
`
`ACCOUNT
`
`CODE?
`
`YES
`
`ED 306
`
`307
`YES
`PROMPT USER FOR SPOKEN PASSWORD
`
`SAVE