초록 ▼

An authentication system is described for controlling a person's access to a resource, which may be a physical resource or a network resource. The authentication system obtains credential information for the person (e.g., using a coded card or keypad for username and password), a voice print from th

An authentication system is described for controlling a person's access to a resource, which may be a physical resource or a network resource. The authentication system obtains credential information for the person (e.g., using a coded card or keypad for username and password), a voice print from the person, and the current geographical location of the user. The voice print and geographic location are preferably obtained from a telephone call that occurs between the person and the authentication system. The call can take the form of a cell phone call placed by the person to the authentication system. The authentication system includes a user profile database. If the credential information and voice print match those of persons authorized to access the resource, and the user is at a registered permissible location to access the resource, the authentication system sends a signal to the resource indicating that the authentication was successful.

대표청구항 ▼

The invention claimed is: 1. A method of authenticating a user seeking access to a computer network resource, comprising the steps of: a) obtaining credential information from the user; b) initiating voice communication between the user and an authentication system for the network resource and obta

The invention claimed is: 1. A method of authenticating a user seeking access to a computer network resource, comprising the steps of: a) obtaining credential information from the user; b) initiating voice communication between the user and an authentication system for the network resource and obtaining a voice print of the user; c) determining the current geographic location of the user; d) receiving a list of one or more registered permissible geographic locations at which the user may be present to access the network resource; e) determining if 1) the credential information from the user matches credential information in a user profile database; 2) the voice print of the user matches a voice print sample of a person authorized to access said network resource, and 3) the geographic location of the user determined in step c) matches a geographic location in the list of one or more registered permissible geographic locations for the user; and f) if 1) the credential information and 2) the voice print match information in the user profile database and 3) the geographic location of the user matches a location in the list of one or more registered permissible geographic locations for the user, then sending an authorization signal to the computer network resource indicating that the user is authorized to access the computer network resource. 2. The method of step 1, wherein step b) comprises the step of initiating a cellular telephone call to the user and where the location of the user is obtained, either directly or indirectly, from said cellular telephone call. 3. The method of claim 2, wherein step c) comprises the step of forwarding identification information for said cellular telephone call to a cellular telephone location server. 4. The method of claim 2, wherein in step e), the determination of whether the geographic location of the user matches a list of one or more registered permissible geographic locations for the user is performed by sending call identification information and a list of registered geographic locations for said resource and/or said user to a cellular location server and receiving a Boolean response indicating whether a match exists between the geographic location of the user and the one or more registered permissible geographic locations. 5. The method of claim 1, wherein step b) comprises initiating a land-based telephone call between the user and said authentication system and wherein in step e), the determination of whether the geographic location of the user matches a list of one or more registered permissible geographic locations for the resource and/or the user is performed by sending call identification information for said land-based call and a list of registered geographic locations for said user to a location server and receiving a Boolean response indicating whether a match exists between the geographic location of the user and the one or more registered permissible geographic locations. 6. The method of claim 1, wherein the credential information is supplied to said authentication system by voice, and wherein the authentication system includes an interactive voice response system for obtaining the voice print from the user. 7. The method of claim 1, wherein said network resource comprises a file on a network server. 8. The method of claim 1, wherein said network resource comprises a web page. 9. The method of claim 1, wherein said user profile database is accessible via an interactive software program, whereby said user may interactively add additional geographic locations to said list of registered geographic locations. 10. A method of accessing a network resource from a remotely-located computer, comprising the steps of: a) receiving credential information at said computer and sending said credential information to an authentication system; b) the authentication system initiating a telephone call to a user of said remotely-located computer; c) obtaining a voiceprint of said user during said telephone call; d) obtaining current location information of said user from said telephone call; e) receiving a profile database for a plurality of users including said user; f) generating an authorization signal indicating that the user is authorized to access the network resource if 1) the credential information from the user matches credential information for the user in the profile database; 2) the voiceprint of the user matches a voiceprint sample of a person authorized to access said network resource, and 3) the location of the user determined in step d) matches a list of one or more registered permissible locations for the resource and/or the user; g) sending the authorization signal to the network resource indicating that the user is authorized to access the network resource. 11. The method of claim 10, wherein said telephone call comprises a cellular telephone call and the location information is obtained from a cellular location determination server. 12. The method of claim 11, wherein the location information is obtained from GPS data sent from the cellular telephone of said user to the authentication system. 13. An authentication system for authenticating a user seeking to access a network resource, comprising: a network interface receiving data from a network, said data containing credential information from the user, a voice print of the user, telephone call information for the user, and a list of one or more registered permissible geographic locations at which the user may be present to access the network resource; at least one central processing unit; a user profile database; machine-readable memory storing a set of instruction for execution by said at least one central processing unit, said instructions including instructions for transmitting said telephone call information to a call location server to determine the geographic location of the user; said instructions further including instructions comparing the credential information supplied by the user to with credential information obtained from the user profile database; instructions comparing the voice print of the user with a voiceprint sample; and instructions for sending an authorization signal indicating that the user is authorized to access the network resource if 1) the credential information from the person matches credential information in a user profile database in said authentication system; 2) the voiceprint of the user matches a voice print sample of a person authorized to access said resource, and 3) the user is located at one or more registered permissible geographic locations for the user. 14. The authentication system of claim 13, wherein the telephone call information comprises a telephone number. 15. The authentication system of claim 13, wherein the call information comprises information from a cellular telephone call to said authentication system and wherein said call location server determines the geographic location of the cellular telephone of the user. 16. The authentication system of claim 13, wherein said network resource comprises a file on a network server. 17. The authentication system of claim 13, wherein said network resource comprises a web page. 18. The authentication system of claim 13, wherein said network resource comprises a computer network. 19. The authentication system of claim 13, wherein said authentication system further comprises an interactive voice response system and a voice print identification module. 20. The method of claim 1, wherein initiating voice communication between the user and an authentication system for the network resource and obtaining a voice print of the user comprises: invoking an interactive voice response (IVR) system to place a telephone call to a cellular telephone of the user; and the IVR system receiving a voice print from the user. 21. The method of claim 1, further comprising determining if the user is in a permissible location to be authenticated for access to the resource.