Browse Prior Art Database

Method for improved security of telephony passwords Disclosure Number: IPCOM000124437D
Original Publication Date: 2005-Apr-20
Included in the Prior Art Database: 2005-Apr-20
Document File: 2 page(s) / 33K

Publishing Venue



A common problem persists within Interactive Voice Response (IVR) applications, that callers can be required to enter userid/password information vocally for anyone to hear. This article provides a methodology by which numeric userids and passwords can be used as a basis for a caller to provide security credentials without having to divulge elements of the numeric source.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 53% of the total text.

Page 1 of 2

Method for improved security of telephony passwords

    When accessing user specific information over a telephony system using a application server, it is common for the user to login with a userid and password. In order for userids and passwords to stand more chance of being recognised by an IVR, userids and passwords are often made to be numeric. When a user wishes to log in to an application they will be asked to say or dial their numeric userid and numeric password. However, the problem exists that when the user enters in their numeric password audibly, any person in the area is free to hear the entirety of their password. It is common place in password protection systems that the user is asked to enter only a selection of characters from the overall password, i.e. A user may be asked to enter the 1st, 3rd and 5th numbers. This still however presents the problem that the user is potentially divulging parts of their password audibly.

    In this invention the user will use parts of their numeric password combined with an arithmetic method such that they are asked to enter in a new number, providing proof of their understanding of the password, but not divulging any part of it. For example the following dialogue might appear:

UserId: 12345 Password: 12345

IVR: Welcome to ACME Stocks Information. Please say your numeric ID. Caller: 1,2,3,4,5.

IVR: Did you say 1,2,3,4,5?

Caller: Yes IVR: Please say the result of the 4th password digit, multiplied by the 5th digit. Caller...