`
`O)
`
`Europdisches Patentamt
`European Patent Office
`Office européen desbrevets
`
`|
`
`
`
`(1) Publication number: 0 621 532 A1
`
`(12)
`
`EUROPEAN PATENT APPLICATION
`
`@1) Application number: 94302593.2
`
`64) Int. cl.°: GOG6F 3/16
`
`@2) Date offiling : 13.04.94
`
`(2) Inventor : Rissanen, Eugene Leo
`184 Baranof West
`Westerville, Ohio 43081 (US)
`
`Representative : Buckley, Christopher Simon
`Thirsk et al
`AT&T (UK) LTD.,
`AT&T Intellectual Property Division,
`5 Mornington Road
`Woodford Green, Essex IG8 O0TU (GB)
`
`Priority : 23.04.93 US 52310
`
`Date of publication of application :
`26.10.94 Bulletin 94/43
`
`Designated Contracting States:
`DE FR GB
`
`(74) Applicant : AT & T Corp.
`32 Avenue of the Americas
`New York, NY 10013-2412 (US)
`
`Password verification system.
`
`67)
`
`Passwords are spoken by users (e.g.0001)
`and stored as speech models in a database (101
`in 10). The database (10) also contains a plurali-
`ty of reference voice (RV) speech models (in
`100) based on speechinputs by various persons
`(1.2...1000) ; each RV speech model
`includes
`characters
`(0,1,2,...9,0h),
`digits,
`or phrases
`comprising user assigned passwords. Prefer-
`ably, a group of the RV speech models are
`selected (RV1,20,350,591,1000) based upon a
`predetermined
`level
`of
`difference
`between
`same and a speech model (in 101) of the user’s
`spoken password.
`In requesting access to the
`system, a user speaks the assigned password.
`The password entered by the user to obtain
`access is compared with user’s own speech
`models
`(in 101) and with the selected RV
`speech models (in 100) to determine a measure
`of similarity. The validity of
`the password is
`determined based upon this measure of simil-
`
`
`arity.
`
`
`
`
`
`
`Foooi]raise[reservere|1|20[360]son[oo
`
`|v|s4ose|“raorsa|43|487|810]325|692
`
`
`
`EP0621532A1
`
`Jouve, 18, rue Saint-Denis, 75001 PARIS
`
`FacebookInc.'s Exhibit 1004
`001
`Petitioner Microsoft Corporation, Ex. 1004,p. 1
`
`Facebook Inc.'s Exhibit 1004
`
`001
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 1
`
`

`

`1
`
`EP 0 621 532 A1
`
`2
`
`Technical Field
`
`This invention relates to spoken password sys-
`tems andin particular to a techniquefor verifying user
`dependent passwords.
`
`Background of the Invention
`
`Computer systemsare increasingly being usedin
`the work place to prepare and store documentsof a
`sensitive nature relating to business operations. Due
`to the sensitive nature of business operations, it is of-
`ten necessary that users of a computer system and
`calling telephone parties accessing a computer sys-
`tem over the telephone network be assigned unique
`passwordsintended to enable accessto the computer
`system. The use of passwords function both to deny
`access to the computer system to those that are not
`assigned passwords and to grant accessto a pass-
`word holder.
`
`Some business computer systems are arranged
`to initially record and store passwords assigned to
`users. In response to a prompt by the system for the
`user’s password, the user enters the password onto
`a keyboard and the system compares the keyboard
`entered password with the stored passwords and en-
`ables the user to access the system when the entered
`password matchesthe previously stored password.
`In voice operated computer systems used both in
`business and with computer systems coupled with the
`telephone network, user passwordsare recorded and
`stored as speech models (voice templates) in a pass-
`word databaseof the system for each user’s account
`code (login identification). The word "model" as used
`herein meansany digitized form of a spoken word or
`composite form of a word repeated a plurality of
`times. Typically, the computer system prompts the
`user to enter the user’s account code and then
`
`prompts the user to enter the assigned password by
`speaking the password into audio input apparatus of
`the computer system. The system respondsto entry
`of the spoken password by assembling a speech
`model of the entered password and comparingit with
`a previously recorded and stored user password mod-
`el to determine the validity of the user entered pass-
`word.
`In the comparison process the user entered
`password modelis compared with each previously re-
`corded and stored password model. Typically, a score
`is assigned to such comparison representing the sim-
`ilarity of the user entered password model with the
`pre-recorded and stored password model. When
`there is a match of the user entered password model
`with a previously recorded stored password model as
`determined by a score above a predeterminedthresh-
`old, the system recognizes the user spoken password
`as valid and grants the user accessto the system.
`A problem arises with present speech password
`systems in that inflections and changes occur from
`
`time-to-time in users’ voices and to speechtransmis-
`sion characteristics of the system. These variations
`cause errors when an undesired mismatch occurs
`
`due to a comparison of a speech modelof a valid, but
`changed, password to the prerecorded password
`model. This results in the system denying an autho-
`rized user accessto the system. Accordingly, a need
`exists for an improved password validation system
`that can recognize valid speaker dependent autho-
`rized passwords even when different voice inflec-
`tions occur and where system transmission charac-
`teristics cause variations of the received voice pass-
`word.
`
`10
`
`15
`
`Solution
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`It is an object of the present invention to provide
`an improved password validation method and appa-
`ratus which provides flexibility in recognizing valid
`spoken passwordswhile still maintaining authentica-
`tion accuracy.
`In accordancewith an embodimentof the prefer-
`red invention, a computer controlled database is
`linked to a telecommunication network with which
`
`users are provided password controlled access.
`Users areinitially entered into a password database
`stored in the computer system by assigning each user
`an account code and a password, such asconsisting
`of anumberof numerical digits. Aspeech model of the
`user’s password based on the user’s voiced entry of
`the password is stored in the database along with the
`user’s account code.
`
`The computer database contains a reference
`voice table consisting of prerecorded inputs by a plur-
`ality of people who have spoken eachof the permis-
`sible numeric digits that can be assigned as pass-
`wordsto users. Voice models of each reference voice
`
`for each digit are stored in the database. Upon a new
`user being assigned a password and voice entry by
`the user of the password, a modelof the user’s pass-
`word is stored in the computer database and is iden-
`tified by the correspondingly assigned account code.
`The user’s spoken password modelis then compared
`against each of the reference voice models for corre-
`sponding digits and assigned a score for each. The
`reference voice entries are then rank ordered in ac-
`
`cordance with the scoresreflecting similarity. A plur-
`ality, such asfive, of the reference voices, preferably
`having contiguous rank order scores within a prede-
`fined range of similarity scores, are selected as com-
`parison models against which models of subsequent
`spoken passwordswill be judged. An index to each of
`these selected voicesis stored in a userdata field as-
`
`sociated with the corresponding user’s password.
`Upon arequestby a userfor accessto the system
`and voicing of a password, the computer system re-
`cords the voice password. The recorded voice pass-
`word is compared with the previously selected refer-
`
`FacebookInc.'s Exhibit 1004
`_
`002
`Petitioner Microsoft Corporation, Ex. 1004,p. 2
`
`Facebook Inc.'s Exhibit 1004
`
`002
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 2
`
`

`

`3
`
`EP 0 621 532 A1
`
`4
`
`ence voices to yield a composite first score and is
`compared with the user’s own stored password model
`to yield a secondscore. If the difference between the
`first and second scores exceed a predetermined
`threshold, entry of a valid password is determined.
`
`Brief Description of the Drawing’s
`
`FIG. 1 illustrates a password validation system
`whichincorporates an embodiment of the presentin-
`vention.
`FIG. 2 illustrates an embodimentof a database
`as shownin FIG. 1.
`
`FIG. 3 is a graphillustrating the relative similarity
`of reference voices which are preferably selected for
`comparison with each password.
`FIGS.4, 5, and 6 are flow diagramsillustrating
`exemplary steps of a password validation method
`used by the system of FIG. 1 in accord with the pres-
`ent invention.
`
`Detailed Description
`
`In an exemplary embodimentof the invention, a
`password identification system 1 shownin FIG. 1 is
`intended for use in a wide variety of applicationsto re-
`strict user access to computer systems and to the
`physical facilities and services provided to certain
`users by the system. In one application, a computer
`system serves a numberof users 2 and 3, and stores
`data files, at least some of which, are restricted for
`use by users 2 and 3. Each authorized useris identi-
`fied by a unique account code and corresponding
`password. In another application, a company 5 may
`have a numberof physical facilities such as private
`telephonelines which company 5 wants to restrict ac-
`cess to users 50, 51, and 52 who are each given an
`account code and password that enables access to
`the physicalfacilities available for use by the compa-
`ny. In yet another application, a provider of financial
`services may provide a userelectronic access to user
`accountfiles wherein accessto an accountfile is gov-
`erned by an account code and unique password as-
`signedto a user.
`Password system 1 is capable ofenrolling (initial-
`ly entering) user spoken passwords and subsequent-
`ly recognizing the passwords when spoken by the
`same user that previously enrolled the password.
`Password system 1 hasline interface apparatus com-
`prising a plurality of accesscircuits 15,line circuits 16
`and trunk circuits 17, each of which are well known
`and need not be explained for an understanding of the
`invention. These circuits interconnect password sys-
`tem 1 with users 2, 3, and 5. Accesscircuit 15 may be
`connected with any one of a numberof well known
`voice activated devices that enables users 2 and 5 to
`
`directly receive from and enter spoken alphanumeric
`sounds into password system 1. Line circuits 16 and
`
`10
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`trunk circuits 17 may be coupled with corresponding
`line circuit and trunk circuits of telephone switching
`systems of telephone network 4 and enable a user 3
`connected to telephone network 4 to place and re-
`ceive telephone calls and enter spoken alphanumeric
`sounds into password system 1.
`Each access,line and trunk circuit 15, 16, and 17,
`respectively, is also coupled to switch 13 and control-
`led by data bus 18 extending from central processor
`unit 11. A number of voice prompt and recognition
`units 14 are each connected with switch 13 and con-
`
`trolled via central processor unit 11 and data bus 18
`to generate audio prompt messagesusedto instruct
`users 2, 3, and 5 interconnected with access,line and
`trunk circuits 15, 16, and 17 in the use of password
`identification system 1 and to promptcalling users 2,
`3, and 5 for password information. Each voice prompt
`and recognition unit 14, which is controlled by central
`processorunit 11, transmits password information re-
`ceived from users2, 3, and 5 in responseto the gen-
`erated audio prompt messages over data bus 18 to
`central processor unit 11. Received password infor-
`mation is recorded under control of central processor
`unit 11 in database 10. Switch 11, which is intercon-
`nected with access, line and trunk circuits 15, 16, and
`17, and with voice prompt and recognition units 14, is
`coupled to central processor unit 11 via data bus 18
`and selectively connects ones of voice prompt and
`recognition units 14 with ones of access, line and
`trunk circuits 15, 16, and 17, connected with users 2,
`3, and 5.
`Password system 1 may comprise a general pur-
`pose IBM compatible computer, such as a 386 or 486
`or an AT&T 3B2-400 or 3B2-310 simplex or duplex
`computer. Such computers need not be described in
`detail for an understanding of the invention and in
`general have a central processorunit 11 and a mem-
`ory unit 12 each interconnected by address, data and
`control leads to data bus 18. Data bus 18 enables
`
`central processor unit 11 to communicate with each
`connected elementin the operation of password sys-
`tem 1. Central processorunit 11 is programmedin ac-
`cordance with programsstored in memory 12 to en-
`roll, recognize, and validate user spoken passwords.
`Referring to FIGS. 1 and 2, the illustrative speech
`password system 1 records and stores in database
`100 included in database 10 a plurality of speech
`models corresponding to strings of predefined spok-
`en numerals entered by persons into speech pass-
`word system 1. Although only spoken number models
`are usedin the illustrative embodiment, alphanume-
`ric words and phrases could be usedto provide a wid-
`er selection of passwords that can be assigned to
`users. Typically, a substantial number of persons,
`such as 1000 persons, each record enough speechto
`allow one speech model of each of the predefined
`terms (numbers 0-9 and "ch") from microphonesof a
`telephone. The models may be hidden markov, word
`
`FacebookInc.'s Exhibit 1004
`_
`003
`Petitioner Microsoft Corporation, Ex. 1004,p. 3
`
`Facebook Inc.'s Exhibit 1004
`
`003
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 3
`
`

`

`5
`
`EP 0 621 532 A1
`
`6
`
`models and preferably represent at least six represen-
`tations of each term such as based on six repetitions
`of each digit by each reference voice contributor.
`Each model has states symbolically represented as
`binary configurations and are preferably a combina-
`tion of multivariate Gaussian distributions of a 24 di-
`
`mensional vector of 12 cepstral coefficients and 12
`delta cepstral coefficients.
`Database 10 may be anyoneof well knowndisk,
`tape, solid state or other type of storage device for
`storing digital information and is connected to data
`bus 18 and controlled by central processorunit 11 to
`store password information received by speech pass-
`word system 1. In addition to password information,
`central processorunit 11 is also programmed to con-
`trol voice prompt and recognition units 14 that are
`used to prompt users 2 and 3 in the use of speech
`password system 1 and on entering password infor-
`mation into the system. Typically, such prompt mes-
`sages may be "Please enter your account code now.",
`"Please speak the password to be enrolled at this
`time.", and "Whatis your password?" and other types
`of messages.
`Referring to FIG. 2, database 10 includes a data-
`base 100 which contains reference voice models and
`
`related data fields, and a database 101 which con-
`tains password files corresponding to each enrolled
`user. Database 100 stores a plurality of files corre-
`sponding to voice entries of personsto be utilized as
`reference voices for comparisons. In the representa-
`tion of database 100, rows correspondtofiles for dif-
`ferent reference voice contributors and are identified
`
`by a reference voice index (1, 2, 3...1000) contained
`in the left-hand column. Each person used asa ref-
`erence voice speaks each ofdigits 0-9 and "oh", an
`alternative for the numberzero, a plurality of times
`into a microphone such as a telephone handset. A
`voice model
`is stored for each person for each of
`theseentries. In the illustrative example, 1000 refer-
`ence voice files representing different persons’ voic-
`es each contain these stored models. The remaining
`columns in database 100 will be described in conjunc-
`tion with an explanation of database 101.
`Users seeking access through the password sys-
`tem in accordancewith the presentinvention, will typ-
`ically be assigned an access code suchasindicated
`in the "user" column of the table illustrative of data-
`
`base 101. The user is also assignedin theillustrative
`embodiment a password consisting of five numbers
`defined by the "password" column. A model of each
`user’s voice input of each assigned password digit is
`stored as a "user’s word model"for each digit. As part
`of an initial enrollment or entry into the password sys-
`tem, the user’s word models of the assigned pass-
`word are compared with each of the reference voice
`models in database 100 and similarity scores are
`computedfor digits in the stored reference voice mod-
`el that correspondto digits in the password. The sim-
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`ilarity scores are indicated by "scores" in database
`100; these scores may, for example, be on a scale
`from 1 to 100 with 100 being a virtual identical match
`and one an extremely dissimilar match.
`As part of the enrollment process following the
`determination of these scores, each reference voice
`file is then rank ordered by scores as indicated by the
`“rank order" column of database 100. The rank order
`column will consist of entries 1-1000 with 1000 cor-
`
`respondingto the rank orderof the highest score (best
`match) and one corresponding to rank order of the
`lowest score (worst match).
`In the illustrative example, an index is stored in
`each user password file of database 101 to five pre-
`viously identified reference voice files in database
`100 selected on the basis of rank order. In this exam-
`
`ple, five reference voices having an approximate 20
`percentile rank order (200 of 1000) are selected, i.e.
`indexes 1, 20, 350, 591, and 1000. Thesefive refer-
`ence models will be subsequently utilized for pass-
`word access requests bythe useraswill be explained
`below.
`
`FIG. 3 illustrates a graph representing the rank
`ordering of the reference voice files in database 100
`relative to a particular user’s model of the user’s as-
`signed password. An important aspectof the present
`invention resides in the recognition that the selection
`of comparison voices which are not substantially sim-
`ilar to the voice modelof the user’s password can be
`advantageously utilized for validation of password re-
`quests, especially where variations in the voice re-
`sponsebya valid user or changing system conditions
`can distort or change the speech characteristics of
`the user’s entry of a correct password. Based on ex-
`perimental results, it is believed that the selection of
`reference voices for comparisons considered by rank
`order should be selected from a group less than 80
`percent (800 of 1000) in the illustrated graph and
`more preferably, less than 50 percent (500 of 1000)
`such astheillustrated range of slightly less than 20
`percent (200 of 1000)to slightly greater than 40 per-
`cent (400 of 1000). Advantages of such selected com-
`parison voices will be further explained below.
`Referring to FIG. 4, the exemplary password
`method begins at "START" 200 and continuesto step
`201 with the user’s call being answered by password
`system 1. In step 203 a decision is madeif the call is
`requesting enrollment,i.e. initial entry, of a password,
`accessto password verification, or other service not
`associated with the password system, i.e. miscellane-
`ousservices. This determination can be based on the
`
`numberdialed, other parameters controllable by the
`calling party, or a DTMF reply by the calling party to
`a voice request generated by the system. A determi-
`nation by step 203 that neither enrollment nor access
`has been requested,
`i.e. a miscellaneous request
`causes the method to terminate at "END" 204. As-
`
`suming the decision in step 203 is “enrollment”, an ac-
`
`FacebookInc.'s Exhibit 1004
`_
`004
`Petitioner Microsoft Corporation, Ex. 1004, p. 4
`
`Facebook Inc.'s Exhibit 1004
`
`004
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 4
`
`

`

`7
`
`EP 0 621 532 A1
`
`8
`
`count codeor personal identification number(PIN)is
`assigned to the userin step 205 andit is transmitted
`to the user in step 207. Next a password is assigned
`by the system undercontrol of the CPU to the userin
`step 209. The useris requested to speak the assigned
`password by a voice promptin step 211. The user’s
`vocalization of the assigned password is recorded
`(stored) in step 213. In step 215 a determination is
`madeif the user has made an acceptable response
`to the request.
`If NO, control returns to step 211
`pared with the model of the password spoken by the
`where the useris again prompted to speak the pass-
`
`word. It will be noted that steps 211, 213, and 215 may userin requesting access, andafirst score is gener-
`be repeated a predetermined numberof timesto store
`ated based uponthis comparison. In step 313 a com-
`a plurality of vocalizations of the same password by
`parison is made of the modelof the password spoken
`the userin order to derive a composite or average vo-
`to request access to the system with eachof the ref-
`erence voices identified by index in the user’sfile. A
`calization of the password. A YES decision in step 215
`results in a disconnect message being sent to the
`second score is generated based upon a composite
`of these comparisons, such as by averaging the five
`useras indicated in step 217.
`Continuing with the password enrollmentin FIG.
`scores generated by these comparisons. The differ-
`ence between the first and second scoresis calculat-
`5, the CPU of the system 1 assemblesin step 219 a
`composite model based on the stored vocalization(s)
`of the password bythe user. In theillustrative exam-
`ple, the recorded model of the password numbers are
`then compared with the voice models for correspond-
`ing numbers of each of the reference voicefiles in
`step 221. Ascore is assigned to each reference voice
`file based on similarity of the reference voice and
`user’s models of corresponding voiced numbers in
`step 223. The scores are then rank ordered asindi-
`cated in step 225. For a database containing 1000 ref-
`erencevoicefiles, each file would be assigned a rank
`between 1000 and 1 with 1000 representing the most
`similarity. A predetermined numberof reference voic-
`es, such asfivein theillustrative example, ranks near
`a predetermined target rank order, such as at a 20
`percentile rank that would include ranks of 200, 201,
`202, 203, and 204, in step 227. The rank ordertarget
`is preferably selected from a range of 15 - 50 percen-
`tile and more preferably in a 20 - 40 percentile range.
`In step 229, the user’s password model and index to
`each selected reference voice are recorded in the
`
`limit of tries was not exceeded, returns the user to
`step 301 for another attempt to enter a valid account
`code. A YES determination by step 303 corresponds
`to the user having entered a valid account code and
`is followed by the user being prompted to speak the
`user’s password at step 307. In step 309 a speech
`model of the password spoken bythe user is saved.
`In step 311 the user’s file in database 101 is iden-
`tified based upon the user’s account code. The user’s
`word modelstoredin the identified user’s file is com-
`
`ed in accordance with step 315. In step 317, a deter-
`mination is madeif the difference determined in step
`315 is greater than a predetermined threshold. In a
`typical example, the first score will have a relatively
`high degree of similarity since the valid user’s entry
`of the password should relatively closely match the
`stored voice modelof his prior entry of the same pass-
`word. However, it is expected that the comparison of
`the user’s password with thefive reference voiceswill
`yield a second score indicative of a relatively poor
`measure of similarity since each of the reference
`voices was selected to have a relative low degree of
`similarity, such as at the 20 percentile rank. Thus, a
`substantial difference will typically exist between the
`first and second scores, thereby permitting a reason-
`able choice of predetermined thresholds upon which
`to make the determination asindicated in step 317. A
`threshold can be selected to provide a substantial de-
`gree of security while accommodating variations in
`the voice reply of the user or of system characteris-
`tics. For example, a "raspy" pronunciation of the pass-
`word by a valid user such as due to a sore throat may
`still possibly be recognized as a valid password entry
`becauseit is the difference between the first and sec-
`
`In this example, there
`ond scores whichis utilized.
`will be greater variation and, hence a lowerfirst score
`but likewise there is likely to be a greater variation
`with regard to the reference voices and, hence a lower
`second scoreis also likely. Thus, the differential be-
`tween the first and second scores may producea re-
`sult still high enough to meet the threshold.
`Upon a YES determination by step 317, the user
`is granted system accessasindicated in step 319 and
`this method terminates as indicated by "END" 321. A
`NO determination by step 317 results in a determina-
`tion by step 323 as to whether the difference between
`the first and second scores exceeded atleast a lower
`threshold oflimit. If the lower threshold is not exceed-
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`user’sfile in database 101 with the assigned account
`code and password. Following step 229, this method
`ends by exiting these steps as indicated by "END"
`231.
`
`FIG. 6 illustrates a continuation of the flow dia-
`
`gram of an exemplary methodin accord with this in-
`vention. Upon a decisionin step 203 of FIG.4 that "ac-
`cess"to the system is being requested by a user, the
`useris promptedin step 301 (FIG. 6) for the user’s ac-
`count code which was assigned to the useras part of
`the initial password enrollment. Step 303 determines
`if a valid account code has been given by the user. A
`NO decision results in step 305 determining if a pre-
`determined numberof prior attempts have been ex-
`ceeded. AYESdetermination by step 305 causes the
`process to be terminated as indicated by "END" 306.
`ANO decision by step 305 which represents that the
`
`45
`
`50
`
`55
`
`Facebook Inc.'s Exhibit 1004
`005
`Petitioner Microsoft Corporation, Ex. 1004, p. 5
`
`Facebook Inc.'s Exhibit 1004
`
`005
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 5
`
`

`

`9
`
`EP 0 621 532 A1
`
`10
`
`ed, i.e. a NO determination, the method terminates at
`"END" 325. AYES determination by step 323 indicat-
`ing that the lower threshold has been exceeded, the
`method returns to step 307 and permits the user an-
`other attempt to enter the password. This allows the
`user at least an additional attempt to enter the pass-
`word where at least the threshold of step 323 was
`met.
`
`It is believed that the advantages of the present
`invention can be ascertained from the foregoing de-
`scription of an embodimentofthe invention. The pres-
`ent invention permits a substantial degree of security
`to be maintained while also permitting speech varia-
`tions of the entry or transmission of a password to be
`accommodated by the recognition of the entry as a
`valid password. An important aspectthat contributes
`to this improved result is the selection of reference
`voice models as the basis of a comparison which are
`not substantially similar to the password. In the em-
`bodiment of the invention, utilizing scores based
`upon a comparison of the password entered by a user
`to gain access with both a stored prior entry of the
`password bythe user and with the preselected refer-
`encevoices permits appropriate thresholds to be set
`which expand the tolerance of this system as com-
`pared with password systems in which comparisons
`with closely similar models are utilized.
`Although an embodimentof the present invention
`and a method in accordance therewith have been de-
`
`scribed above andillustrated in the drawings, the
`scopeofthe invention is defined by the claims which
`follow.
`
`Claims
`
`1. A spoken password verification apparatus in-
`cluding meansforstoring a first speech model of
`a first entry of a password spoken bya user, the
`apparatus characterized by:
`meansfor storing a plurality of reference
`voice (RV) speech models based on speech in-
`puts by persons, each RV speech modelinclud-
`ing said password;
`least one RV
`means for selecting at
`speech model based on a predetermined differ-
`ence ofsimilarity between said first speech mod-
`el and said one RV speech model;
`meansfor storing a second speech model
`of a second entry of a password spoken by a
`user;
`
`means for comparing said second speech
`model and said selected one RV model to deter-
`
`mine a measureofsimilarity;
`meansfor determining the validity of said
`second entry of the password based on said
`measureof similarity.
`
`10
`
`15
`
`20
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`The spoken password verification apparatus of
`claim 1 wherein said means for storing RV
`speech models further comprises a database
`having files that each store an RV speech model
`corresponding to a person having spokenatleast
`said password.
`
`The spoken password verification apparatus of
`claim 1 wherein said meansfor selecting said at
`least one RV speech model comprises meansfor
`determining a similarity score for each RV
`speech model by comparing said first speech
`model with each of said RV speech models.
`
`The spoken password verification apparatus of
`claim 3 wherein said meansfor selecting said at
`least one RV speech model further comprises
`meansfor ranking said RV speech models based
`on said similarity scores, said selecting means
`selecting said at least one RV speech model
`based on a predetermined threshold ranking that
`corresponds to a substantial difference of simi-
`larity scores of said first speech model and said
`at least one RV speech model.
`
`The spoken password verification apparatus of
`claim 3 wherein said meansfor selecting said at
`least one RV speech model further comprises
`meansfor ranking said RV speech models based
`on said similarity scores, said selecting means
`selecting said at least one RV speech model
`based on a predetermined threshold ranking from
`a range of said RV speech modelrankings of 15
`- 50 percentile, where a 100 percentile ranking
`represents an RV speech model with the most
`similarity to said first speech model.
`
`The spoken password verification apparatus of
`claim 5 wherein said range of said RV speech
`modelrankings consists of 20 - 40 percentile.
`
`The spoken password verification apparatus of
`claim 1 wherein said determining means compris-
`es meansfor generating first and second similar-
`ity scores based on a comparison of said second
`speech modelwith said first speech model and
`with said at least one RV speech model, respec-
`tively, means for comparing the difference be-
`tween said first and second similarity scores,
`and said determining means determining that the
`password corresponding to said second speech
`modelis valid if said difference between said first
`
`and secondsimilarity scores exceeds a predeter-
`mined threshold.
`
`Facebook Inc.'s Exhibit 1004
`006
`Petitioner Microsoft Corporation, Ex. 1004,p. 6
`
`Facebook Inc.'s Exhibit 1004
`
`006
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 6
`
`

`

`£5
`
`,
`USER
`_
`50
`USER
`a1
`SER
`
`!
`
`15
`ACCESS
`CONTROL
`I.
`:
`. 5
`ACCESS
`0
`CONTROL
`
`14
`1 i[user]
`
`
`
`PROMPT &
`PROMPT &
`RECOGNITION
`RECOGNITION
`
`
`
`
`— *|TONE
`
`UNIT
`UNIT
`
`
`
`
`3
` CIRCUIT
`
`TELEPHONE
`14
`10!
`
`1|CENTRAL DATA BASE
`USER|"NETWORK
`
`
`
`
`TRUNK
`CIRCUIT
`
`
`EP 0 621 532 A1
`
`PASSWORD IDENTIFICATION SYSTEM
`13
`
`PROCESSOR
`UNIT
`
`12
`MEMORY
`
`FIG.
`
`1
`
`FacebookInc.'s Exhibit 1004
`007
`Petitioner Microsoft Corporation, Ex. 1004, p. 7
`
`Facebook Inc.'s Exhibit 1004
`
`007
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 7
`
`

`

`EP 0 621 532 A1
`
`a 10
`100
`
`|FewaS|ore
`
`1 33|203ve
`
`
`sf
`
`8
`
`e
`
`
`
` 100010,1,2,*«9,"oh”
`
`
`
`
`
`
`USER'S WORD MODEL|INDEXTOSELECTEDRV's|
`
`
`foot]73198|"7rs'rra''8|1|20|350]591|1000
`
`
`
`
`
`
`
`EN|t4osa_|"rato36"|43|487|810|325|692
`
`FIG. 2
`
`PREFERRED RANGE
`FOR COMPARISON
`VERY
`RV's
`VERY
`SIMILAR
`DISSIMILAR <->
`>—s—aooreeeot
`0
`200
`400
`600
`800
`1000
`RANK-ORDERED REFERENCE VOICES
`
`FIG. 3
`
`8
`
`Facebook Inc.'s Exhibit 1004
`008
`Petitioner Microsoft Corporation, Ex. 1004,p. 8
`
`Facebook Inc.'s Exhibit 1004
`
`008
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 8
`
`

`

`FIG. 4
`
`EP 0 621 532 A1
`
`200
`
`201
`
`ANSWER INCOMING
`USER CALL
`
`203
`
`CEND)Me ENROLLMENT OR >>ACCESS (B)
`
`
`204
`
`
`
`
`
`ENROLLMENT
`ASSIGN ACCOUNT
`CODE TO USER
`
`905
`
`207
`
`TRANSMIT
`ASSIGNED ACCOUNT
`CODE TO USER
`
`209
`
`ASSIGN A
`PASSWORD TO USER
`
`211
`
`
`
`PROMPT USER TO
`SPEAK THE
`ASSIGNED PASSWORD
`
`213
`
`RECORD USER
`SPOKEN PASSWORD
`
`
`
`215
`
`
` END
`
`
`USER PASSWORD
`
`PROMPT?
`YES
`947
`PROMPT USER
`TO DISCONNECT
`
`(FIG. 5)
`
`FacebookInc.'s Exhibit 1004
`009
`Petitioner Microsoft Corporation, Ex. 1004, p. 9
`
`Facebook Inc.'s Exhibit 1004
`
`009
`
`Petitioner Microsoft Corporation, Ex. 1004, p. 9
`
`

`

`EP 0 621 532 A1
`
`FIG. 5
`
`
`
`ASSEMBLE COMPOSITE
`WORD MODEL FROM
`
`RECORDED USER
`
`
`SPOKEN PASSWORD
`
`
`
`
`COMPARE
`RECORDED PASSWORD
`
`
`CHARACTERS TO EACH
`
`
`
`
`CHARACTER OF
`REFERENCE VOICES
`
`
`
`
`ASSIGN A SCORE
`TO EACH COMPARED
`
`
`REFERENCE VOICE
`DENOTING SIMILARITY
`TO RECORDED
`PASSWORD CHARACTERS
`
`
`
`
`
`
`
`
`
`
`SELECT
`
`A PREDETERMINED
`
`NUMBER OF REFERENCE
`VOICES NEAR A
`TARGET RANK ORDER
`
`
`
` RECORD MODEL OF
`
`RANK ORDER
`ASSIGNED SCORES
`
`225
`
`227
`
`USER'S PASSWOR