[go: up one dir, main page]

HK1029688B - Method and system for ensuring the security of telephone call management centres - Google Patents

Method and system for ensuring the security of telephone call management centres Download PDF

Info

Publication number
HK1029688B
HK1029688B HK00107942.4A HK00107942A HK1029688B HK 1029688 B HK1029688 B HK 1029688B HK 00107942 A HK00107942 A HK 00107942A HK 1029688 B HK1029688 B HK 1029688B
Authority
HK
Hong Kong
Prior art keywords
card
customer
call management
management centre
signals
Prior art date
Application number
HK00107942.4A
Other languages
German (de)
French (fr)
Chinese (zh)
Other versions
HK1029688A1 (en
Inventor
Franck Rosset
Alain Gayet
Jean Moulin
Original Assignee
Audiosmartcard International S.A.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from FR9611913A external-priority patent/FR2753858B1/en
Application filed by Audiosmartcard International S.A. filed Critical Audiosmartcard International S.A.
Publication of HK1029688A1 publication Critical patent/HK1029688A1/en
Publication of HK1029688B publication Critical patent/HK1029688B/en

Links

Description

The field of the invention is that of remote service provision.
The invention relates to a process and system which allows a call centre, which is affiliated with separate service providers, to quickly and securely identify the customers of service providers calling the call centre by means of telephone equipment (or any terminal emulating this function) connected to a communication network. Many companies are led to offer their customers after-sales (or pre-sales) technical assistance at home or at the location where their customers use the products or software they sell. Other companies (transport, entertainment, travel agencies, etc.) set up remote booking services. More and more goods (purchases) or sometimes purchases (calls, calls, etc.) can be delivered to the telephone companies and call centre management by providing information and financial services.
The problem is to prevent a malicious user from accessing the call centre without authorisation, without paying the corresponding fees or by claiming that he has not requested the services charged to him by the call centre or directly by the services of the affiliated service providers.
The problem of the 'customer's key' is a problem which is not only a problem of cost but also of practical and time-consuming implementation. In fact, the problem can only be effectively solved if one can simultaneously solve another problem: the design of a process and system which is convenient to use, quick to implement and economical.
It was proposed (document WO 96 04741 in the name of Andrew MARK) to use a card emitting an encrypted DTMF-type acoustic signal. Thus, the holder of such a card, by mating it to the microphone of the handset, automatically transfers to the IT services his identifiers. Since these identifiers are encrypted, it can be expected that a third party will not be able to understand their content. However, the recording of the signals emitted by the card remains possible and a fraudster with such a recording can substitute himself for the cardholder.
The solution of A. MARK, if implemented in the case of a call centre, in order to identify in a rapid and secure manner the customers of the service providers affiliated to that call centre, would not therefore prevent a malicious user from accessing, without authorisation, the services offered by the call centre and the affiliated providers.
The objectives of the present invention are achieved and the problems arising from the techniques of the present invention are solved, according to the invention, by a process comprising the following steps: the service provider's services and/or the call centre make available to each customer a card, in the format of a credit card, personalised by specific identifiers for each customer and for each card,the card emits short DTMF-type acoustic identification signals, at least partially encrypted, varying with each operation, when activated by the customer,the acoustic identification signals are received by the microphone of the telephone equipment (or any terminal emulating that terminal) and converted into electronic signals, before being transmitted by the communication network to the call centre's computer service,the transmitted signals and the customer and card identification data held by the customer are processed and compared electronically by the call centre's computer service.
The call centre can verify that the caller has a genuine card and not a computer decoy. It can also identify the cardholder as a person authorised to use the services of the affiliated service providers. In the event of a coincidence, the customer is immediately put in touch with the voice server or operator of the call centre and/or the service provider requested by the customer. Furthermore, fraudsters no longer have the possibility to steal the identification data as it is transmitted automatically in encrypted form.
Preferably the so-called map: The number of times C (p,n) is activated is also counted,and the sound signals are representative of the number of times C (p,n) is activated.
Preferably also the said IT means for processing and comparing electronically the transmitted signals and the customer and card identification data held by the IT department of the call centre, remember the number of times C(p,m) the card was activated during the last validated operation,compare the number of times C(p,n) the card was activated during the current operation with the number of times C(p,m) the card was activated during the current operation,reject the current operation if C(p,n) is less than or equal to C(p,m) and continue the verification of the current operation if C(p,n) is greater than C(p,m),recalculate the electronic signals S'(p,n) in identification data and the number of times C(p,n) the card was activated during the current operation,compare the signals to the electronic signals S,n.In case of coincidence,the customer can be immediately connected to the service provider's communication management function.
In order to increase the security of the process, in one embodiment the process also includes the following step: the customer issues a confidential code by means of a keyboard associated with the microphone and/or card.
The call centre can verify that the caller is the person authorised to contact the call centre's service provider or providers.A stolen card cannot be used by the thief unless he knows the confidential code.
In another embodiment, also to enhance the process security and to prevent the customer from being able to challenge the order placed directly (or indirectly via the call centre) with the service provider, the process also includes the following step: orders placed by the customer to the services of the service provider are validated by the customer by activating the card to emit an encrypted acoustic validation signal,the validation signal is recorded by the call centre or services of the service provider.
The process according to the invention may be advantageously carried out as follows: an acknowledgement of receipt of the validation signal shall be sent to the customer.
The customer has validated the order he has placed with the service provider by means of an electronic signature and his account can be debited or credited.
The invention also concerns a system enabling a call centre to which separate service providers are affiliated to identify in a rapid and reliable manner the customers of the calling service providers by means of telephone equipment (or any terminal emulating this function) connected to the communication network.
In particular: The system of the invention consists of a card, in the format of a credit card, personalized with specific identifiers for each card and for each customer, made available to the customer by the call centre or the services of the service provider. The card has means of emitting short identification acoustic signals, such as DTMF. The means of emission are operated by the customer by means of an element (including a button) accessible from the outside of the card. The card has encryption means allowing at least partial encryption and variation of the acoustic signals each time the card is operated by the button.The system of the invention comprises a telephone equipment (or any terminal emulating this function) including a microphone intended to receive and convert the received acoustic signals into electronic signals transmitted remotely by means of the communication network.The system of the invention comprises computer means, dependent on the call centre's IT department and/or the services of the service provider, connected to the communication network. * a database containing card and customer references and their identification data*, means of processing and means of comparison of electronic signals and identification data contained in the database.
The call centre can verify that the caller has a genuine card and not a computer scam. It can also identify the cardholder as a person authorised to use the services of the affiliated service providers. In the event of a coincidence, the customer is immediately put in contact with the voice server or operator of the call centre and/or the service provider requested by the customer. Furthermore, fraudsters no longer have the possibility to steal the identification data as they are transmitted automatically in encrypted form.
The card shall preferably also contain: an incremental meter interconnected to the means of emission and encryption, incrementing by at least one unit each time the card is activated.
Thus the state of the incremental meter is transmitted to the computer and the acoustic signals are encrypted according to the state of the incremental meter.
Preferably also the said IT means shall also include: means of storing the state C ((p,m) of the incremental meter during the last validated operation,means of comparing the state C ((p,n) of the incremental meter issued during the current operation with the state C ((p,m) of the stored incremental meter.
So the verification of the current operation is rejected if C ((p,n) is less than or equal to C ((p,m) and is continued if C ((p,n) is strictly greater than C ((p,m).
Preferably, the said processing means and the said means of comparison of the electronic signals and identification data contained in the database shall also include means for recalculating the electronic signals according to the state C ((p,n) of the incremental meter and the identification data and then comparing them with the transmitted electronic signals, so that in case of a coincidence the customer can be immediately put in contact with the services of the service provider affiliated to the call centre.
In order to increase the security of the system, in one embodiment, the IT means shall also include secondary means of comparison of a customer's personal confidential code, contained in the database, with a confidential code issued by the customer by means of a keyboard associated with the telephone equipment (or any terminal emulating this function) and/or the card and transmitted to the IT means of the call centre via the communication network.
The operator can thus verify that the caller is the person authorized to contact the telecommunications service. A stolen card cannot be used by a thief unless he knows the secret code.
In another embodiment, also to enhance the security of the system and to prevent the customer from being able to challenge the order he has given to the telecommunications operator, the system according to the invention is such that: the card also emits, when operated by the customer, an encrypted acoustic signal validating the orders given by the customer, the call centre or the services of the service provider also includes means of detecting and recording the validation signal.
The system allows the customer to validate the order he has given to the telecommunications operator by means of an electronic signature and his account can be debited without any challenge.
In this case, the means of detection and recording the validation signal are combined with means of issuing an acknowledgement of receipt of the orders given, to be sent to the client.
Other features and advantages of the invention will be apparent from the description of variants of the invention, given as an indicative and non-limiting example, and from: Figure 1 showing a schematic view in perspective of the system and process according to the invention,Figure 2 showing the map in the form of a block diagram,Figure 3 showing the verification algorithm for the authenticity of the transmitted signal.
The system and process of the invention enable the customer 11 to call, in a safe and rapid manner, from a handset 16 with a microphone 17, the call centre services 30 which its operators 12 make available to customers 11 of the service providers 40. The handset 16, located at a distance from the call centre's IT services 18, is connected to the IT services 18 via a communication network 15.
The system consists of a card 10, in the format of a credit card, which is personalised by specific identifiers for each card and for each customer 11.
The card 10 has means of emission, including a loudspeaker 13 emitting short DTMF-type identification acoustic signals 20. These signals are emitted when the means of emission 13 and the controls are operated by the client using a button 14 accessible from outside the card (not visible in Figure 1 because located on the other side of the card). These means of emission 13 are excited by a DTMF 99 signal generator, controlled by a microprocessor 104 powered by a 106 battery and controlled by a resonator 107. The microprocessor 104 contained in the card has the means of encryption 103 allowing the acoustic signals 20 to be encrypted, at least in part, using an algorithm of 108 specific identifiers and encryption for each card, including 108, 109 and 108, and each card using a 108, 250 encryption algorithm.
The system also includes transmission means 19 of the acoustic signals 20, located in the telephone handset 16. These transmission means 19 transmit the acoustic signals remotely, after processing and conversion into electronic signals, via the communication network 15. The system also includes IT means 21, depending on the IT services 18 of the call centre. These IT means are connected to the communication network 15 and located remotely from the telephone handset 16.
These means 21 themselves include: a database 23 containing the card and customer references and their identification data,processing means 24 and means 25 of comparison of the electronic signals and identification data contained in the database.
Thus, in the event of a coincidence, the services of the call centre 30 and then the services 41 of the 40 affiliated service providers are immediately accessible to the customer 11.
The microprocessor 104 and the encryption means 103 are preferably designed so that the acoustic signal 20 varies with each operation. Indeed, to encrypt an identification code is to transform it into a series of information, incomprehensible to everyone, and which only the holder of the encryption key can decrypt. But this does not prevent the encrypted identification code from being copied, either during its acoustic transmission (magnetic) or by hacking the telephone line. This copy will be used improperly by a fraudster, treated by the receiver system as having all the characteristics of the original, and then interpreted to verify the card's identifiers.
The problem thus arises: how to make any attempt at reproduction impossible? The following describes various variants of the general method which makes it possible to distinguish between the original and the copy when analysing the encrypted signal received by the computer means 21, by inserting a distinctive element into the DTMF type signal 20 emitted by the card 10.
Err1:Expecting ',' delimiter: line 1 column 238 (char 237)
Another variant is to use incremental lists (for example, as described in US Patent No. 4 928 098). The transmitting and receiving devices have the ordered list of the successive encryption of the identification code or have algorithms to establish them as they go. At a given moment the computer means 21 are waiting for the encrypted result Cn. If they actually receive the message Cn, it validates the operation.Err1:Expecting ',' delimiter: line 1 column 427 (char 426)If the card is different, the message is not validated and the analysis system remains waiting for the message C (n).
In a preferential embodiment, to distinguish the original signal from its copy, the microprocessor 104 embedded in card 10 has an incremental counter 105. With each use of the card, the incremental counter 105 increases by one or more units.
In the case of this embodiment, the state C ((p,n) 242 of the meter 105 is included in the calculation of the encrypted message 244 issued by the means of transmission 13. The coded part S ((p,n) 241 is calculated by algorithm 108 (whose equivalent 247 is stored in the computer means 21 by means of the secret key 250 specific to each card and the state C ((p,n) 242 of the meter 105. The card 10 emits, in addition to the card identification number I (p) 240 and the encrypted identification code S (p,n) 241, the act C ((p,n) 242 of its meter 105 incrementally with each emission. The computer means emit 230,((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((In the database 23, the state C ((p,n) 242 of the incremental counter 105 at the last validated operation. Thus, at each receipt of message 244, the comparison means 25 of the computer means 21 can compare 245 the information received relating to the state C ((p,n) 242 of the counter 105, with the previous information received C ((p,m) 246 and stored in memory 230, 23. (a) - If the state C ((p,n) 242 of the meter 105 (fig. 2) expressed in message 244 is strictly higher (n > m) than the previously received C ((p,m) 246, then message 244 is accepted and the analysis continues.If n) 242 of the number 105 expressed in message 244 is less than or equal (n ≤ m) to the number C ((p,m) 246 previously received, the message is rejected.
If the conditions set out in point (a) above are met, the computing means 21 can read the fixed part I ((p) 240 and search in their own database 23, 230 for the corresponding secret key of the card. The computing means 239 of the processing means 24 can then, by means of algorithm 247, the meter state C ((p,n) 242 and the secret key C ((p) 250, calculate the encrypted code expected by the computing means 21. The encrypted code S' ((p,n) 248 calculated is compared 249 with the one actually received S (p,n) 241, by means of the comparison means 25. This process and therefore these means allow the validation or invalidation of the message 244, without the user having to enter the card several times, as in the case described above, the action is carried out in this way.
The existence of an incremental counter 105 within card 10 allows the maximum number of times the card can be used to be set at the time of individual programming of the card at no additional cost.
The 244 frame issued shall contain, for a given card (p), a fixed part I(p) 240 (the card identification number),an incremental variable part C(p,n) 242 (the meter state),an apparently random variable part S(p,n) 241 (the result of an encryption algorithm 108 on the secret key 250 specific to that card (p)).
The frame is broadcast: is always different from one card to another, is, for a given card, always different at each show.
Err1:Expecting ',' delimiter: line 1 column 638 (char 637)
Thus, by means of this combination of means, it is possible to emit, by means of a card having the format of a credit card, identification DTMF-type acoustic frequencies, receivable by the microphone of a telephone network connected equipment, and to have certainty of the authenticity of the calling card and thus to exclude all fraudsters using any sound recording or computer or any computer deception.
In order to increase the security of the system, in the embodiment shown in Figure 1, the computer means 21 also include second means of comparison 26. These means of comparison allow a personal confidential code of the customer, contained in the database, to be compared with the confidential code issued by the user.
Thus, call centre operators and service providers have confidence that the caller 11 is the person authorised to contact the services of the affiliated service providers.
In another embodiment, also to enhance the security of the system and to prevent the customer from being able to challenge the order he has given to the service provider (directly or indirectly via the call management centre), the system according to the invention is as follows: the card 10 emits, when operated 14 by the customer, an encrypted acoustic signal validating the orders given by the customer 11, the said computer means 21 include means 21a of detection and 21b of recording the validation signal.
The customer has validated the order he has placed with the service provider by means of an electronic signature and can be invoiced without any challenge.
In this case, the advantage is that the computer means 21 also include means 28 of editing a receipt 29 of the orders given.

Claims (10)

  1. Method enabling a call management centre (30) handling telephone calls to services (41) of different service providers (40), to quickly and positively identify the customers (11) of the service providers (40) who call using telephone equipment (16), or any terminal emulating this function, connected to the communication network (15), the said method including the following steps:
    - the services (41) of the service provider (40) and/or the call management centre (30) provide each customer (11) with a credit-card-sized card (10) personalised by specific identifiers for each customer and for each card,
    - the said card (10) transmits short acoustic identification signals, of DTMF type, that are at least partly encrypted (103) and vary at each operation, when the card is operated (14) by the customer,
    - the said acoustic identification signals are received by the microphone (17) of the telephone equipment (16), or of any terminal emulating this function, and are converted to electronic signals before being transmitted via the communication network (15) to the call management centre's computerised service (18),
    - the transmitted signals and the customer and card identification data held by the computerised service (18) are processed (24) and compared (25) electronically by the call management centre's computerised service (18),
    such that in the event of a match the customer can be immediately connected to the service provider affiliated to the call management centre.
  2. Method according to Claim 1, characterised in that:
    - the said card (10):
    * counts (105), in addition, the number of times C(p,n) (242) it is operated by the device (14),
    * transmits acoustic signals (20) representing the number of times C(p,n) (242) it has been operated,
    * encrypts (103) the acoustic signals according to the number of times C(p,n) (242) it has been operated,
    - the said computer-based means (21), for processing (24) and comparing (25) electronically the transmitted signals and the customer and card identification data held (23) by the call management centre's computerised service (18),
    * memorise (230) the number of times C(p,m) (246) the card was operated at the time of the last validated operation,
    * compare (245) the number of times C(p,n) (242) the card has been operated at the time of the current operation with the memorised number of times C(p,m) (246),
    * reject the current operation if C(p,n) (242) is less than or equal to C(p,m) (246) and continue verifying the current operation if C(p,n) (242) is greater than C(p,m) (246),
    * recalculate (239) the electronic signals S'(p,n) (248) according to the identification data and the number of times C(p,n) (242) the card has been operated, at the time of the current operation, and then compare them (249) with the transmitted electronic signals S(p,n) (241),
       such that in the event of a match, the customer can be immediately connected to the service provider affiliated to the call management centre.
  3. Method according to Claims 1 or 2, additionally including the following step:
    - the customer transmits, using a keypad (27) linked to the microphone and/or to the card, a personal identification number (or PIN); after the transmission to the call management centre's computerised service (18), via the communication network (15), this PIN is processed and compared (26) with the customer's PIN held by the call management centre's computerised service (18).
  4. Method according to Claims 1, 2 or 3, additionally including the following steps:
    - the instructions given by the customer to the service provider are validated by the customer by operating (14) the card (10) such that it transmits an encrypted acoustic validation signal,
    - the said validation signal is recorded (21b) by the call management centre (30) or by the services (41) of the service provider (40),
       such that the account of the customer (11) can be debited or credited.
  5. Method according to Claim 4, additionally including the following step:
    - an acknowledgement of receipt (29) of the validation signal is addressed to customer.
  6. System enabling a call management centre (30) handling telephone calls to services (41) of different service providers (40), to quickly and positively identify the customers (11) of the service providers (40) who call using telephone equipment (16), or any terminal emulating this function, connected to the communication network (15), the said system including:
    - a credit-card-sized card (10) personalised by specific identifiers for each card and for each customer, made available to each customer, the said card (10) including:
    * transmission means (13) for transmitting short acoustic identification signals, of the DTMF type, operated by the customer using a device (14) accessible on the outer part of the card,
    * encryption means (103) for encrypting, at least partly, and varying the acoustic signals each time the card (10) is operated via the device (14),
    - the said telephone equipment (16), or any terminal emulating this function, having a microphone (17) intended to receive and convert the received acoustic signals to electronic signals that can be transmitted over a distance via the communication network (15),
    - computer-based means (21), dependent on the computerised service (18) of the call management centre and/or the service provider, connected to the communication network, the said computer-based means (21) including:
    * a database (23) containing the references of the cards, customers and their identification data,
    * means (24) for processing and means (25) for comparing electronic signals and identification data contained in the database, such that in the event of a match, the customer can be immediately connected to the service provider affiliated to the call management centre.
  7. System according to Claim 6,
    - the said card (10) additionally including:
    * an incremental counter (105) interconnected with the transmission means (13) and with the encryption means (103), incrementing by at least one unit each time the card (10) is operated by the device (14),    such that the state of the incremental counter (105) is transmitted to the computer-based means (21) and the acoustic signals are encrypted according to the state of the incremental counter,
    - the said computer-based means (21) additionally including:
    * memorisation means (23, 230) for memorising the state C(p,m) (246) of the incremental counter (105) at the time of the last validated operation,
    * comparison means (245) for comparing the state C(p,n) (242) of the incremental counter (105) transmitted during the current operation with the memorised incremental counter state C(p,m) (246), such that verification of the current operation is rejected if C(p,n) (242) is less than or equal to C(p,m) (246) and is continued if C(p,n) (242) is strictly greater than C(p,m) (246),
    - the said means (24) for processing and the said means (25) for comparing electronic signals and identification data contained in the database including means (239) for recalculating the electronic signals according to the state C(p,n) (242) of the incremental counter (105) and the identification data and then comparing them (249) with the transmitted electronic signals,
       such that in the event of a match, the customer can be immediately connected to the service provider affiliated to the call management centre.
  8. System according to Claims 6 or 7, the said computer-based means (21) additionally including second comparison means (26) for comparing a customer's personal identification number (or PIN) contained in the database with a PIN transmitted by the customer using a keypad linked to the telephone equipment, or to any terminal emulating this function, and/or to the card and transmitted to the call management centre's computer-based means via the communication network (15).
  9. System according to Claims 6, 7 or 8, the said card (10) additionally transmitting, when it is operated (14) by the customer (11), an encrypted acoustic signal for validating instructions given by the customer, the call management centre (30) or the services (41) of the service provider (40) additionally including:
    - means (21a) for detecting and means (21b) for recording the validation signal.
  10. System according to Claim 9, the said means (21a) for detecting and the said means (21b) for recording the validation signal being associated with means (28) for issuing an acknowledgement of receipt (29) of the instructions given, which is intended to be addressed to the customer.
HK00107942.4A 1996-09-25 1997-09-25 Method and system for ensuring the security of telephone call management centres HK1029688B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR9611913 1996-09-25
FR9611913A FR2753858B1 (en) 1996-09-25 1996-09-25 METHOD AND SYSTEM FOR SECURING TELEPHONE CALL MANAGEMENT CENTERS
PCT/FR1997/001684 WO1998013991A2 (en) 1996-09-25 1997-09-25 Method and system for ensuring the security of telephone call management centres

Publications (2)

Publication Number Publication Date
HK1029688A1 HK1029688A1 (en) 2001-04-06
HK1029688B true HK1029688B (en) 2006-08-11

Family

ID=

Similar Documents

Publication Publication Date Title
US6904520B1 (en) Method and system for ensuring the securing of computer servers of games
US6704715B1 (en) Method and system for ensuring the security of the remote supply of services of financial institutions
US6445780B1 (en) Method and system for ensuring the security of telephone call management centers
US6829711B1 (en) Personal website for electronic commerce on a smart java card with multiple security check points
JP4097040B2 (en) Tokenless identification system for approval of electronic transactions and electronic transmissions
US7231372B1 (en) Method and system for paying for goods or services
JP4104171B2 (en) Security system and method for services provided by telecommunications operators
US7032109B1 (en) Method and system for ensuring the security of service supplies broadcast on a computer network of the internet type
WO2000062214A1 (en) Credit card security technique
WO1999031621A1 (en) Tokenless financial access system
WO1994002909A1 (en) Non-contacting transaction system for ticketing
CN1322334A (en) General Electronic Trading System and Method
HK1029688B (en) Method and system for ensuring the security of telephone call management centres
US6931527B1 (en) Method and system for ensuring the security of fax transmission using an identifying card
JPH06103425A (en) IC credit card system
JP3085334B2 (en) IC card terminal and IC prepaid card system using the same
HK1029689B (en) Method and system for ensuring the security of service supplies broadcast on a computer network of the internet type
GB2513198A (en) Security systems and methods
EP1559239B1 (en) Method and devices for performing security control in electronic message exchanges
US20040153420A1 (en) Method of recording in a chip card and chip card for implementing this method
JP2007133714A (en) Electronic authentication method and electronic settlement method
JP2002063526A (en) System and method for individual authentication when using credit card
MXPA99010425A (en) Electronic transaction