WO2006133515A1 - A method of confirming the identity of a person - Google Patents

A method of confirming the identity of a person Download PDF

Info

Publication number
WO2006133515A1
WO2006133515A1 PCT/AU2006/000848 AU2006000848W WO2006133515A1 WO 2006133515 A1 WO2006133515 A1 WO 2006133515A1 AU 2006000848 W AU2006000848 W AU 2006000848W WO 2006133515 A1 WO2006133515 A1 WO 2006133515A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic device
identity
person
device identifier
identifying information
Prior art date
Application number
PCT/AU2006/000848
Other languages
French (fr)
Inventor
Alvin David Toms
Original Assignee
Cerebrus Solutions Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from AU2005903141A external-priority patent/AU2005903141A0/en
Application filed by Cerebrus Solutions Limited filed Critical Cerebrus Solutions Limited
Publication of WO2006133515A1 publication Critical patent/WO2006133515A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits

Definitions

  • the present invention relates to confirming the identity of a person.
  • the present invention provides a new way of confirming the identity of a person, which can be used alone or in combination with other methods .
  • a method of confirming the identity of a person comprising: receiving identifying information of the person,- receiving an electronic device identifier; checking a database for a recorded association between the identifying information and the electronic device identifier; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier.
  • the method further comprises : contacting the person using the electronic device having the received electronic device identifier; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier and the person is successfully contacted.
  • the method further comprises: contacting the person via the electronic device having the received electronic device identifier by using its electronic device identifier and confirming that the electronic device is in the person's possession; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and confirmation is received that the electronic device is in the person' s possession.
  • the method further comprises : checking for a negative indication that the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and there is no negative indication relating to the possession of the electronic device .
  • a method of confirming the identity of a person comprising: receiving identifying information of the person; receiving an electronic device identifier; checking a database for a recorded association between the identifying information and the electronic device identifier; indicating that the identity is not confirmed in the event that there is no association between the identifying information and the electronic device identifier.
  • the method further comprises : contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier; indicating that the identity is not confirmed in the event that the person is not successfully contacted.
  • the method further comprises: contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier to confirm it is in the person's possession; indicating that the identity is not confirmed in the event that the person is not successfully contacted or confirmation is not received that the electronic device is in the person's possession.
  • the method further comprises : checking for a negative indication that the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; indicating that the identity is not confirmed in the event that there is a negative indication relating to the possession of the electronic device.
  • the method further comprises indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted, confirmation is received that the electronic device is in the person' s possession and there is no negative indication relating to the possession of the electronic device.
  • the electronic device is a telephone and the electronic device identifier is a phone number.
  • the identifying information is one or more of: a name of the person; an address of the person,- a social security number of the person; a password, pass-phrase or PIN; and/or a biometric reading.
  • a negative indication relating to the possession of the device is given in the event that the device is logged as being lost, stolen or suspected of being lost or stolen.
  • a system for confirming the identity of a person comprising: means for receiving identifying information of the person; means for receiving an electronic device identifier; storage means for holding a database recording associations between identifying information of people and electronic device identifiers; means for checking the database for a recorded association between the received identifying information and the received electronic device identifier; identity confirmation means for indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier.
  • system further comprises: means for contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier; wherein the identity confirmation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier and the person is successfully contacted.
  • system further comprises : means for contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier to confirm it is in the person' s possession; wherein the identity confirmation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully- contacted and confirmation is received that the electronic device is in the person's possession.
  • system further comprises: means for checking for a negative indication that the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; wherein the identity confirmation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and there is no negative indication relating to the possession of the electronic device.
  • Figure 1 is a schematic block diagram of a system for confirming the identity of a person according to a preferred form of the present invention
  • Figure 2 is a schematic block diagram of a system for confirming the identity of a person according to another embodiment of the present invention.
  • Figure 3 is a schematic flow chart of one embodiment of a method of performing the present invention. DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
  • the present invention confirms or assists in conforming the identity of a person.
  • the present invention can be used by providers of credit, such as banks and the like and companies that provide goods or services in advance of payment, such as telecommunications companies.
  • Most telephone numbers are closely associated with a specific person or group of people for long periods of time because people are reluctant to change their telephone numbers. This means that information associated with a telephone (such as the phone number) typically describes the person or group of people who are normally associated with the telephone, and their behaviour.
  • a mobile phone number is usually only associated with one person, whereas a residential home phone number is usually associated with a family or co-tenants.
  • the electronic device identifier could be an Internet Protocol address that is being used to access the service, or some other identifier of the hardware such as a MAC address.
  • FIG. 1 a simplified form of a system for providing identity verification 10 according to an embodiment of the present invention is shown. It includes an input means 12 for receiving an electronic device identifier such as a telephone number, an input means 14 for receiving a nominated identity, an identity checking means 16, and an output means 18 for providing an indication as to whether the identity nominated is verified based on the telephone number supplied.
  • an electronic device identifier such as a telephone number
  • an input means 14 for receiving a nominated identity
  • an identity checking means 16 for providing an indication as to whether the identity nominated is verified based on the telephone number supplied.
  • the input means 12 and 14 may be one and the same means, and indeed will usually be in the form of a keyboard connected to a computer system but may also be for example a telephone key pad.
  • the identity checking means 16 will usually be in the form of a second computer system connected to the first computer system by a network.
  • the first computer system will be arranged to provide the inputted telephone number and nominated identity to the second computer system, which will check the identity as will be described below.
  • the second computer system is arranged to provide an indication of whether the identity is confirmed or not to the first computer system.
  • the output means 18 will usually be in the form of a display screen of the first computer system. It will be appreciated that the roles of the first and second computer systems could be performed by a single computer system or by many computer systems.
  • the computer systems which perform the method described herein operate under the control of one or more computer programs that configure and direct the computer systems to perform the invention.
  • the computer program (s) may be stored on a computer readable storage medium, such as an installed memory device or a disk drive for access by the computer processor during operation, or on a removable medium, such as a floppy disk, CD, DVD, flash memory stick, etc. for loading onto the computer system.
  • the identity - S - checking means 16 comprises a means 60 for retrieving the identity serviced by the telephone number (usually the account holder) and a comparator 64.
  • the means 60 for retrieving the identity will usually be in the form of an identity requesting means and an identity retrieving means.
  • a telecommunications company will usually operate the identity retrieving means, whereas the credit provider will usually operate the identity requesting means (especially if they are not the same entity) .
  • the identity requesting means is configured to request the identity serviced by the telephone number from the identity retrieving means.
  • the identity retrieving means Upon receipt of this request, the identity retrieving means is configured to access a database stored on a storage means 62 and retrieve the identity details (name, address, etc.) from the database.
  • Telecommunications databases usually contain three types of information:
  • Customer data This data relates to the specific personal details of individual subscribers and/or authorised users of a telephone service .
  • the personal details would typically include information such as names, personal and work addresses, previous personal addresses, marital statuses, employment statuses, ages, bank account details, payment plan details, alternative contact numbers, job title, etc.
  • Different telecommunications databases may contain more or less information than that described above depending on the types of services being offered by the network operator and the intensity of their application risk management programmes. Advanced operators may store voiceprints that can be used to perform speaker verification prior to the provision of restricted high value services such as international calling.
  • Usage data This data relates to how the services offered to a particular subscriber or group of subscribers are used. Typically this data will contain information about the values of calls made, the durations of calls, their density, the types of number dialed, the cell sites from which calls were made, etc.
  • Various operators may extract more or less data than this depending on the level of sophistication of their data mining capabilities, and the extent to which they are able to use the data they extract for fraud detection and prevention, active selling, dynamic credit allocation, behavioural risk scoring, and similar applications. Advanced operators may dynamically build a database of voiceprints of users of a service, usually for the purposes of fraud detection. All data may relate to recent behaviour but some operators may also retain historical data for the purposes of identifying changes in behaviour.
  • Payment data This data relates to the size, timing, and methods by which payments are made for the services consumed. Typically this data will contain information about whether payments tend to be made in part of in full, whether they tend to be early or late, whether they are by cheque, direct debit, standing order, credit card, etc. Historical data may be obtained so that trends and changes in behaviour can be identified, and may be used for a variety of purposes such as behavioural risk scoring, and dynamic credit allocation.
  • the databases used by banks and credit card companies contain natural analogues of all of the above data types, most of which will be readily identifiable to those familiar with the banking and financial industries.
  • the customer data retained by a credit card operators will contain substantially the same information as that used by a telecommunications operator. If the credit limit offered by the card operators is high, however, they may be more diligent in collecting the information, and may add to it using sources such as credit bureaus in order to further reduce their risk.
  • the usage data that is collected by credit card operators may be less rich than that collected by telecommunications operators, simply because there are fewer descriptors associated with a credit card transaction than with a telephone call.
  • credit card transactions may be summarized in terms of time, location, and value.
  • the payment data stored by credit card issuers is again substantially the same as the payment data stored by telecommunications network operators because the means by which payment can be made may be essentially the same in each case.
  • the retrieved identity is sent to the comparator 64.
  • the comparator 64 compares the identity provided by input means 14 with the identity provided by the identity retrieving means . In the event that the identities match a positive indication is provided to the output means 58. In the event that the identities do not match a negative indication is provided to the output means 58.
  • the comparator 66 may be configured to provide an indication of a partial match to the output means 18, when the identity details partially match.
  • the telephone account may be in the name of one family member, but the person being identified may be a different person residing in the same residence or having the same surname.
  • a partial match may be given in those circumstances .
  • the partial match may be sufficiently close, it may be deemed to be a match for purposes of providing an indication that the identity is confirmed. This may especially be the case if the credit provided allows a family member's phone number to be provided and the address is being confirmed.
  • Privacy laws or concerns may be addressed by the telecommunications company encoding the identity retrieved from the database by using an encoder 66.
  • the encoder can use a suitable technique, such as hashing, to obtain data representing the identity. The data may not be reversible back to the identity, but would be created in a manner such that it would be highly unlikely that a different identity being encoded would create the same data.
  • the operator of the credit facility would encode the identity details provided by the applicant using encoder 68, using the same encoding technique, in order to compare the resulting data.
  • identity information can be subject to a series of normalisation procedures prior to encoding, such as converting text into a phonetic representation in order to minimise the effects of misspelling by data entry operators.
  • a sophisticated comparator and encoder arrangement may be able to determine a degree of match from the encoded identity details .
  • This may include a lookup means 70 for checking a database on a storage means 72 for a record on whether the phone is logged as lost or stolen.
  • a telephone dialler 74 which dials the phone number given to check that the person being identified can be contacted or person' s details are being confirmed. This may be done in person in one embodiment to see if the phone rings and is answered by the person in front of the person confirming the identity. Otherwise other mechanisms manual or automatic may be used. For example a password/phase/PIN could be requested and verified or a biometric reading taken by the phone or a device associated therewith.
  • the person being identified may have for example requested an unsecured credit facility, such as the provision of a service (for example a new telephone service) or the provision of a loan.
  • an unsecured credit facility such as the provision of a service (for example a new telephone service) or the provision of a loan.
  • the credit applicant needs to have their identity verified. There may be other reasons for verifying the identity of the person.
  • the person provides their nominated identity 102 by input means 14 and supplies their telephone number (which may be for a land line or a mobile telephone) at 104. This is entered into the input means 12.
  • the identity checking means 16 may normalise telephone number format to eliminate possible confusions that can occur when the same number can be represented in several different ways.
  • the same telephone number can typically be given at the level of the local exchange (for example, 534489) , at the level of the regional exchange (for example, 01477534489) or at the level of national interconnect (for example 00441477534489) .
  • This normalisation process can be performed using industry standard techniques that are based on segmenting the number to identify missing elements that can then be supplied from lookup tables.
  • the lookup means 60 retrieves the information associated with the telephone number from the storage means 62 at step 106.
  • the nominated identity is compared 108 to that retrieved for the storage means 62. If the nominated identity does not match that retrieved identity, then the identity is not confirmed at 110. Note that depending on the configuration desired by the credit provider a partial match e.g.: address and/or family name may be considered to be sufficient for the identity to be confirmed. At this stage a check can also be preformed to determine whether the telephone is logged as being lost or stolen in a database of the telecommunications company. If the phone is lost or stolen then the identity is not confirmed 110.
  • the telephone number is then contacted 114 to see whether the nominated person has the phone in their possession. This may occur simply by determining who answers . Of course it is ideal if the credit applicant is standing in front of the person performing the identity check to see the applicant's mobile phone ring and see them answer. Questions may be asked to see if the credit applicant has the phone in their possession. For example a password or phase may be given. Contact of the user of the telephone does not necessarily occur simply through a voice call; text messaging is also appropriate. In this regard a code may be messaged that is entered to confirm the person' s identity.
  • This process can be conducted manually or automatically. In one form of automation of this process, a voice print can be taken and compared to a sample to confirm the identity of the person. Other biometric readings can also be used either to confirm the phone is in the possession of the person or as the nominated identity (in which case the input means 14 will be a biometric reader and lookup database) .
  • the identity is not confirmed 110. Otherwise the identity is confirmed 116.
  • the conformation or non confirmation is given by output means 18.
  • the present invention can be used in developing countries where the information infrastructure is extremely limited, making it difficult to verify a person' s identity by other means .
  • Such a modification may include: - using an electronic device identification number rather than the telephone number.
  • IP Internet Protocol
  • an electronic device identification number could be used where the IP address has an associated payment/use history with an internet service provider.
  • another unique identifier can be used such as a network interface card or microprocessor address/identifier (e.g. MAC address or processor serial number)
  • MAC address e.g. MAC address or processor serial number

Abstract

A method of confirming the identity of a person comprises receiving identifying information of the person (14), and receiving an electronic device identifiers (12). A database (62) is checked for a recorded association between the identifying information and the electronic device identifier. In the event that there is an association between the identifying information and the electronic device identifier, there is an indication (18) given that the identity is confirmed. An identity checking (16) means is also disclosed.

Description

A METHOD OF CONFIRMING THE IDENTITY OF A PERSON
FIELD OF INVENTION
The present invention relates to confirming the identity of a person.
BACKGROUND
It is often difficult to confirm the identity of a person for many reasons . Some people do not have photograph identification, and even those that have photo- identification can have it stolen. Also photo identification can be forged.
The present invention provides a new way of confirming the identity of a person, which can be used alone or in combination with other methods .
BRIEF SUMMARY OF THE INVENTION
According to one aspect of the invention there is provided a method of confirming the identity of a person, the method comprising: receiving identifying information of the person,- receiving an electronic device identifier; checking a database for a recorded association between the identifying information and the electronic device identifier; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier. In a preferred embodiment the method further comprises : contacting the person using the electronic device having the received electronic device identifier; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier and the person is successfully contacted.
In a further preferred embodiment the method further comprises: contacting the person via the electronic device having the received electronic device identifier by using its electronic device identifier and confirming that the electronic device is in the person's possession; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and confirmation is received that the electronic device is in the person' s possession.
In a further preferred embodiment the method further comprises : checking for a negative indication that the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and there is no negative indication relating to the possession of the electronic device . According to a second aspect of the present invention there is provided a method of confirming the identity of a person, the method comprising: receiving identifying information of the person; receiving an electronic device identifier; checking a database for a recorded association between the identifying information and the electronic device identifier; indicating that the identity is not confirmed in the event that there is no association between the identifying information and the electronic device identifier.
In a preferred embodiment the method further comprises : contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier; indicating that the identity is not confirmed in the event that the person is not successfully contacted.
In a further preferred embodiment the method further comprises: contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier to confirm it is in the person's possession; indicating that the identity is not confirmed in the event that the person is not successfully contacted or confirmation is not received that the electronic device is in the person's possession.
In a further preferred embodiment the method further comprises : checking for a negative indication that the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; indicating that the identity is not confirmed in the event that there is a negative indication relating to the possession of the electronic device.
Typically the method further comprises indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted, confirmation is received that the electronic device is in the person' s possession and there is no negative indication relating to the possession of the electronic device.
Preferably the electronic device is a telephone and the electronic device identifier is a phone number.
Usually the identifying information is one or more of: a name of the person; an address of the person,- a social security number of the person; a password, pass-phrase or PIN; and/or a biometric reading.
A negative indication relating to the possession of the device is given in the event that the device is logged as being lost, stolen or suspected of being lost or stolen.
According to a third aspect of the present invention there is provided a system for confirming the identity of a person, the system comprising: means for receiving identifying information of the person; means for receiving an electronic device identifier; storage means for holding a database recording associations between identifying information of people and electronic device identifiers; means for checking the database for a recorded association between the received identifying information and the received electronic device identifier; identity confirmation means for indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier.
In a preferred embodiment the system further comprises: means for contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier; wherein the identity confirmation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier and the person is successfully contacted.
In a further preferred embodiment the system further comprises : means for contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier to confirm it is in the person' s possession; wherein the identity confirmation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully- contacted and confirmation is received that the electronic device is in the person's possession.
In a further preferred embodiment the system further comprises: means for checking for a negative indication that the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; wherein the identity confirmation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and there is no negative indication relating to the possession of the electronic device.
DESCRIPTION OF DIAGRAMS
In order to provide a better understanding of the present invention preferred embodiments will now be described in greater detail, by way of example only, with reference to the accompanying diagrams, in which: Figure 1 is a schematic block diagram of a system for confirming the identity of a person according to a preferred form of the present invention; Figure 2 is a schematic block diagram of a system for confirming the identity of a person according to another embodiment of the present invention; and
Figure 3 is a schematic flow chart of one embodiment of a method of performing the present invention. DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS
The present invention confirms or assists in conforming the identity of a person. The present invention can be used by providers of credit, such as banks and the like and companies that provide goods or services in advance of payment, such as telecommunications companies.
Most telephone numbers are closely associated with a specific person or group of people for long periods of time because people are reluctant to change their telephone numbers. This means that information associated with a telephone (such as the phone number) typically describes the person or group of people who are normally associated with the telephone, and their behaviour. A mobile phone number is usually only associated with one person, whereas a residential home phone number is usually associated with a family or co-tenants.
This is also applicable to identifiers of electronic devices other than telephones, such as a computer identifier or a PDA identifier. The electronic device identifier could be an Internet Protocol address that is being used to access the service, or some other identifier of the hardware such as a MAC address.
Referring to Figure 1, a simplified form of a system for providing identity verification 10 according to an embodiment of the present invention is shown. It includes an input means 12 for receiving an electronic device identifier such as a telephone number, an input means 14 for receiving a nominated identity, an identity checking means 16, and an output means 18 for providing an indication as to whether the identity nominated is verified based on the telephone number supplied.
The input means 12 and 14 may be one and the same means, and indeed will usually be in the form of a keyboard connected to a computer system but may also be for example a telephone key pad. The identity checking means 16 will usually be in the form of a second computer system connected to the first computer system by a network. The first computer system will be arranged to provide the inputted telephone number and nominated identity to the second computer system, which will check the identity as will be described below. The second computer system is arranged to provide an indication of whether the identity is confirmed or not to the first computer system. The output means 18 will usually be in the form of a display screen of the first computer system. It will be appreciated that the roles of the first and second computer systems could be performed by a single computer system or by many computer systems.
The computer systems which perform the method described herein operate under the control of one or more computer programs that configure and direct the computer systems to perform the invention. The computer program (s) may be stored on a computer readable storage medium, such as an installed memory device or a disk drive for access by the computer processor during operation, or on a removable medium, such as a floppy disk, CD, DVD, flash memory stick, etc. for loading onto the computer system.
Referring to Figure 2 , which shows the identity checking means 16 of the system 10 in more detail. The identity - S - checking means 16 comprises a means 60 for retrieving the identity serviced by the telephone number (usually the account holder) and a comparator 64. The means 60 for retrieving the identity will usually be in the form of an identity requesting means and an identity retrieving means. A telecommunications company will usually operate the identity retrieving means, whereas the credit provider will usually operate the identity requesting means (especially if they are not the same entity) . The identity requesting means is configured to request the identity serviced by the telephone number from the identity retrieving means. Upon receipt of this request, the identity retrieving means is configured to access a database stored on a storage means 62 and retrieve the identity details (name, address, etc.) from the database.
Telecommunications databases usually contain three types of information:
i) Customer data. This data relates to the specific personal details of individual subscribers and/or authorised users of a telephone service . The personal details would typically include information such as names, personal and work addresses, previous personal addresses, marital statuses, employment statuses, ages, bank account details, payment plan details, alternative contact numbers, job title, etc. Different telecommunications databases may contain more or less information than that described above depending on the types of services being offered by the network operator and the intensity of their application risk management programmes. Advanced operators may store voiceprints that can be used to perform speaker verification prior to the provision of restricted high value services such as international calling.
ii) Usage data. This data relates to how the services offered to a particular subscriber or group of subscribers are used. Typically this data will contain information about the values of calls made, the durations of calls, their density, the types of number dialed, the cell sites from which calls were made, etc. Various operators may extract more or less data than this depending on the level of sophistication of their data mining capabilities, and the extent to which they are able to use the data they extract for fraud detection and prevention, active selling, dynamic credit allocation, behavioural risk scoring, and similar applications. Advanced operators may dynamically build a database of voiceprints of users of a service, usually for the purposes of fraud detection. All data may relate to recent behaviour but some operators may also retain historical data for the purposes of identifying changes in behaviour.
iii) Payment data. This data relates to the size, timing, and methods by which payments are made for the services consumed. Typically this data will contain information about whether payments tend to be made in part of in full, whether they tend to be early or late, whether they are by cheque, direct debit, standing order, credit card, etc. Historical data may be obtained so that trends and changes in behaviour can be identified, and may be used for a variety of purposes such as behavioural risk scoring, and dynamic credit allocation.
The databases used by banks and credit card companies contain natural analogues of all of the above data types, most of which will be readily identifiable to those familiar with the banking and financial industries. For example, the customer data retained by a credit card operators will contain substantially the same information as that used by a telecommunications operator. If the credit limit offered by the card operators is high, however, they may be more diligent in collecting the information, and may add to it using sources such as credit bureaus in order to further reduce their risk. The usage data that is collected by credit card operators may be less rich than that collected by telecommunications operators, simply because there are fewer descriptors associated with a credit card transaction than with a telephone call. For example, credit card transactions may be summarized in terms of time, location, and value. The payment data stored by credit card issuers is again substantially the same as the payment data stored by telecommunications network operators because the means by which payment can be made may be essentially the same in each case.
The retrieved identity is sent to the comparator 64. The comparator 64 compares the identity provided by input means 14 with the identity provided by the identity retrieving means . In the event that the identities match a positive indication is provided to the output means 58. In the event that the identities do not match a negative indication is provided to the output means 58.
The comparator 66 may be configured to provide an indication of a partial match to the output means 18, when the identity details partially match. For example, the telephone account may be in the name of one family member, but the person being identified may be a different person residing in the same residence or having the same surname. A partial match may be given in those circumstances .
Details of the extent of the match may also be given. If the partial match is sufficiently close, it may be deemed to be a match for purposes of providing an indication that the identity is confirmed. This may especially be the case if the credit provided allows a family member's phone number to be provided and the address is being confirmed.
Privacy laws or concerns may be addressed by the telecommunications company encoding the identity retrieved from the database by using an encoder 66. The encoder can use a suitable technique, such as hashing, to obtain data representing the identity. The data may not be reversible back to the identity, but would be created in a manner such that it would be highly unlikely that a different identity being encoded would create the same data. The operator of the credit facility would encode the identity details provided by the applicant using encoder 68, using the same encoding technique, in order to compare the resulting data. To improve the robustness of the comparison, identity information can be subject to a series of normalisation procedures prior to encoding, such as converting text into a phonetic representation in order to minimise the effects of misspelling by data entry operators. A sophisticated comparator and encoder arrangement may be able to determine a degree of match from the encoded identity details .
Further optional parts to the system 50 may be provided. This may include a lookup means 70 for checking a database on a storage means 72 for a record on whether the phone is logged as lost or stolen.
Another optional part is a telephone dialler 74 which dials the phone number given to check that the person being identified can be contacted or person' s details are being confirmed. This may be done in person in one embodiment to see if the phone rings and is answered by the person in front of the person confirming the identity. Otherwise other mechanisms manual or automatic may be used. For example a password/phase/PIN could be requested and verified or a biometric reading taken by the phone or a device associated therewith.
If these checks are passed then an indication confirming the identity or confirming the person' s identifying details is output by output means 76, which is in turn provided to output means 18.
Referring to Figure 3, the method 100 of use of one embodiment of the present invention using the system of Figure 1 will now be described. The person being identified may have for example requested an unsecured credit facility, such as the provision of a service (for example a new telephone service) or the provision of a loan. As part of the credit application process the credit applicant needs to have their identity verified. There may be other reasons for verifying the identity of the person. The person provides their nominated identity 102 by input means 14 and supplies their telephone number (which may be for a land line or a mobile telephone) at 104. This is entered into the input means 12.
The identity checking means 16 may normalise telephone number format to eliminate possible confusions that can occur when the same number can be represented in several different ways.
For example, the same telephone number can typically be given at the level of the local exchange (for example, 534489) , at the level of the regional exchange (for example, 01477534489) or at the level of national interconnect (for example 00441477534489) . This normalisation process can be performed using industry standard techniques that are based on segmenting the number to identify missing elements that can then be supplied from lookup tables.
If the embodiment of Figure 2 is used the lookup means 60 retrieves the information associated with the telephone number from the storage means 62 at step 106.
The nominated identity is compared 108 to that retrieved for the storage means 62. If the nominated identity does not match that retrieved identity, then the identity is not confirmed at 110. Note that depending on the configuration desired by the credit provider a partial match e.g.: address and/or family name may be considered to be sufficient for the identity to be confirmed. At this stage a check can also be preformed to determine whether the telephone is logged as being lost or stolen in a database of the telecommunications company. If the phone is lost or stolen then the identity is not confirmed 110.
The telephone number is then contacted 114 to see whether the nominated person has the phone in their possession. This may occur simply by determining who answers . Of course it is ideal if the credit applicant is standing in front of the person performing the identity check to see the applicant's mobile phone ring and see them answer. Questions may be asked to see if the credit applicant has the phone in their possession. For example a password or phase may be given. Contact of the user of the telephone does not necessarily occur simply through a voice call; text messaging is also appropriate. In this regard a code may be messaged that is entered to confirm the person' s identity.
This process can be conducted manually or automatically. In one form of automation of this process, a voice print can be taken and compared to a sample to confirm the identity of the person. Other biometric readings can also be used either to confirm the phone is in the possession of the person or as the nominated identity (in which case the input means 14 will be a biometric reader and lookup database) .
If the correct person is not in possession of the phone, then the identity is not confirmed 110. Otherwise the identity is confirmed 116. The conformation or non confirmation is given by output means 18. The present invention can be used in developing countries where the information infrastructure is extremely limited, making it difficult to verify a person' s identity by other means .
The skilled addressee will readily appreciate that numerous modifications and variations may be made to the present invention without departing from the basic inventive concept. Such a modification may include: - using an electronic device identification number rather than the telephone number. For example an Internet Protocol (IP) address could be used where the IP address has an associated payment/use history with an internet service provider. In cases where a dynamic IP address is provided another unique identifier can be used such as a network interface card or microprocessor address/identifier (e.g. MAC address or processor serial number) This is particularly useful if the application for credit is conducted on-line, since the identifier can be automatically provided to the input means 12. it is envisaged that convergence of telephone devices and personal computing devices will at some point eliminate the difference between a telephone number and a device address. For this reason an electronic device identifier is intended to include any identification of a device to which relevant information can be associated for performing an identity check.
All of those modifications and variations as would be apparent to the skilled addressee are intended to fall within the scope of the present invention, the nature of which is to be determined by the foregoing description and appended claims.

Claims

The claims defining the invention are as follows:
1. A method of confirming the identity of a person, the method comprising: receiving identifying information of the person; receiving an electronic device identifier; checking a database for a recorded association between the identifying information and the electronic device identifier; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier.
2. A method according to claim 1, wherein the method further comprises : contacting the person using the electronic device having the received electronic device identifier; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier and the person is successfully contacted.
3. A method according to claim 1, wherein the method further comprises : contacting the person via the electronic device having the received electronic device identifier by using its electronic device identifier and confirming the electronic device is in the person's possession; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and confirmation is received that the electronic device is in the person's possession.
4. A method according to claim 1, wherein the method further comprises : checking for a negative indication that the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and there is no negative indication relating to the possession of the electronic device.
5. A method of confirming the identity of a person, the method comprising: receiving identifying information of the person; receiving an electronic device identifier; checking a database for a recorded association between the identifying information and the electronic device identifier; indicating that the identity is not confirmed in the event that there is no association between the identifying information and the electronic device identifier.
6. A method according to any one of claims 1 to 5, wherein the method further comprises: contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier; indicating that the identity is not confirmed in the event that the person is not successfully contacted.
7. A method according to any one of claims 1 to 5, wherein the method further comprises : contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier to confirm it is in the person's possession; indicating that the identity is not confirmed in the event that the person is not successfully contacted or confirmation is not received that the electronic device is in the person's possession.
8. A method according to any one of claims 1 to 5, wherein the method further comprises: checking for a negative indication that the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; indicating that the identity is not confirmed in the event that there is a negative indication relating to the possession of the electronic device.
9. A method according to any one of claims 1 to 5 , wherein the method further comprises indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted, and there is no negative indication relating to the possession of the electronic device.
10. A method according to any one of claims 1 to 5, wherein the electronic device is a telephone and the electronic device identifier is a phone number.
11. A method according to any one of claims 1 to 5 , wherein the identifying information is one or more of: a name of the person; an address of the person; a social security number of the person,- a password, pass-phrase or PIN; and/or a biometric reading.
12. A method according to any one of claims 1 to 5, wherein a negative indication relating to the possession of the device is given in the event that the device is logged as being lost, stolen or suspected of being lost or stolen.
13. A method according to any one of claims 1 to 5, wherein checking the database and indicating the identity is confirmed comprises retrieving stored identifying information from the database from the received electronic device identifier comparing the retrieved identifying information to the receiving identifying information and if they are the same indication that the identity is confirmed.
14. A method according to claim 13 , wherein in the event of a partial match between the retrieved identity and the received identity, a partial confirmation is indicated.
15. A method according to claim 13, wherein in the event that the retrieved identity is sufficiently close to the received identity then an indication of a confirmation is given.
16. A method according to claim 13, wherein in the retrieved identity is encoded prior to comparison, the received identity is encoded and the encoded retrieved identity is compared to the encoded received identity.
17. A method according to claim 16, wherein the received identity is normalised prior to encoding.
18. A method according to any one of claims 6 or 7 wherein the person is automatically contacted via the electronic device in the presence of another person confirming the identity of the person.
19. A system for confirming the identity of a person, the system comprising: means for receiving identifying information of the person; means for receiving an electronic device identifier; storage means for holding a database recording associations between identifying information of people and electronic device identifiers; means for checking the database for a recorded association between the received identifying information and the received electronic device identifier; identity confirmation means for indicating that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier.
20. A system according to claim 13, wherein the system further comprises: means for contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier; wherein the identity confirmation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier and the person is successfully contacted.
21. A system according to claim 13, wherein the system further comprises: means for contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier to confirm it is in the person' s possession; wherein the identity confirmation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and confirmation is received that the electronic device is in the person's possession.
22. A system according to claim 13, wherein the system further comprises: means for checking for a negative indication that the possession of the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; wherein the identity confirmation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted and there is no negative indication relating to the possession of the electronic device.
23. A system of confirming the identity of a person, the system comprising: means for receiving identifying information of the person; means for receiving an electronic device identifier; storage means for holding a database recording associations between identifying information of people and electronic device identifiers; means for checking the database for a recorded association between the identifying information and the electronic device identifier; identify confirmation means for indicating that the identity is not confirmed in the event that there is no association between the identifying information and the electronic device identifier.
24. A system according to claim 17, wherein the system further comprises : means for contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier; wherein the identify conformation means indicates that the identity is not confirmed in the event that the person is not successfully contacted.
25. A system according to claim 17, wherein the system further comprises : means for contacting the person via the electronic device having the received electronic device identifier using its electronic device identifier to confirm it is in the person's possession; wherein the identify conformation means indicates that the identity is not confirmed in the event that the person is not successfully contacted or confirmation is not received that the electronic device is in the person's possession.
26. A system according to claim 17, wherein the system further comprises: means for checking for a negative indication that the electronic device having the received electronic device identifier is in the possession of its owner or a rightful person; wherein the identify conformation means indicates that the identity is not confirmed in the event that there is a negative indication relating to the possession of the electronic device.
27. A system according to claim 17, wherein the identify conformation means indicates that the identity is confirmed in the event that there is an association between the identifying information and the electronic device identifier, the person is successfully contacted, and there is no negative indication relating to the possession of the electronic device .
28. A system according to any one of claims 19 to 27, wherein checking the database and indicating the identity is confirmed comprises retrieving stored identifying information from the database from the received electronic device identifier comparing the retrieved identifying information to the receiving identifying information and if they are the same indication that the identity is confirmed.
29. A system according to claim 28, wherein in the event of a partial match between the retrieved identity and the received identity, a partial confirmation is indicated.
30. A system according to claim 28, wherein in the event that the retrieved identity is sufficiently close to the received identity then an indication of a confirmation is given.
31. A system according to claim 28, wherein in the retrieved identity is encoded prior to comparison, the received identity is encoded and the encoded retrieved identity is compared to the encoded received identity.
32. A system according to claim 28, wherein the received identity is normalised prior to encoding.
33. A system according to any one of claims 31 or 32 wherein the person is automatically contacted via the electronic device in the presence of another person confirming the identity of the person.
34. A computer program for confirming the identity of a person comprises instructions for controlling a computer to perform the method of any one of claims 1 to 18.
35. A computer program for confirming the identity of a person comprises instructions for controlling a computer to operate as the system of any one of claims 19 to 33.
36. A computer readable storage medium comprising the computer program of either claim 34 or 35.
PCT/AU2006/000848 2005-06-16 2006-06-16 A method of confirming the identity of a person WO2006133515A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AU2005903141 2005-06-16
AU2005903141A AU2005903141A0 (en) 2005-06-16 A method of confirming the identity of a person

Publications (1)

Publication Number Publication Date
WO2006133515A1 true WO2006133515A1 (en) 2006-12-21

Family

ID=37531893

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU2006/000848 WO2006133515A1 (en) 2005-06-16 2006-06-16 A method of confirming the identity of a person

Country Status (1)

Country Link
WO (1) WO2006133515A1 (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2348778A (en) * 1999-04-08 2000-10-11 Ericsson Telefon Ab L M Authentication in mobile internet access
WO2001052518A1 (en) * 2000-01-07 2001-07-19 Vesta Corporation Fraud prevention system and method
WO2003005273A1 (en) * 2001-07-06 2003-01-16 Hossein Mohsenzadeh Secure authentication and payment system
WO2003034633A2 (en) * 2001-10-17 2003-04-24 Npx Technologies Ltd. Verification of a person identifier received online
US20030172272A1 (en) * 2000-05-24 2003-09-11 Ehlers Gavin Walter Authentication system and method
WO2003096252A1 (en) * 2001-05-16 2003-11-20 Ecardless Bancorp, Ltd. Purchasing on the internet using verified order information and bank payment assurance
US20040097217A1 (en) * 2002-08-06 2004-05-20 Mcclain Fred System and method for providing authentication and authorization utilizing a personal wireless communication device
WO2004090819A2 (en) * 2003-04-14 2004-10-21 Tagboard Limited Payment apparatus and method

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2348778A (en) * 1999-04-08 2000-10-11 Ericsson Telefon Ab L M Authentication in mobile internet access
WO2001052518A1 (en) * 2000-01-07 2001-07-19 Vesta Corporation Fraud prevention system and method
US20030172272A1 (en) * 2000-05-24 2003-09-11 Ehlers Gavin Walter Authentication system and method
WO2003096252A1 (en) * 2001-05-16 2003-11-20 Ecardless Bancorp, Ltd. Purchasing on the internet using verified order information and bank payment assurance
WO2003005273A1 (en) * 2001-07-06 2003-01-16 Hossein Mohsenzadeh Secure authentication and payment system
WO2003034633A2 (en) * 2001-10-17 2003-04-24 Npx Technologies Ltd. Verification of a person identifier received online
US20040097217A1 (en) * 2002-08-06 2004-05-20 Mcclain Fred System and method for providing authentication and authorization utilizing a personal wireless communication device
WO2004090819A2 (en) * 2003-04-14 2004-10-21 Tagboard Limited Payment apparatus and method

Similar Documents

Publication Publication Date Title
US20060218407A1 (en) Method of confirming the identity of a person
US20060233332A1 (en) Credit worthiness rating method
US8588748B2 (en) System and method for mobile identity protection of a user of multiple computer applications, networks or devices
US20030195859A1 (en) System and methods for authenticating and monitoring transactions
US7693789B2 (en) System and method for detecting fraudulent calls
US6044349A (en) Secure and convenient information storage and retrieval method and apparatus
US20170132631A1 (en) System and method for user identity validation for online transactions
US8745698B1 (en) Dynamic authentication engine
US8515847B2 (en) System and method for password-free access for validated users
US20030225686A1 (en) Systems and methods for selective validation of phone numbers
US20030217014A1 (en) Systems and methods for storing and using phone number validations
US20030009426A1 (en) Methods and apparatus for protecting against credit card fraud, check fraud, and identity theft
US20070174186A1 (en) Authenticated and distributed transaction processing
US20100299261A1 (en) Credit applicant and user authentication solution
US20090119106A1 (en) Building whitelists comprising voiceprints not associated with fraud and screening calls using a combination of a whitelist and blacklist
US20030216987A1 (en) Systems and methods for accessing and using phone number validation information
US20040215574A1 (en) Systems and methods for verifying identities in transactions
US7224786B2 (en) System and method for detecting unauthorized access using a voice signature
CA2457688A1 (en) System for managing and reporting financial account activity
WO1999045693A1 (en) Method and system for controlling authorization of credit card transactions
WO2007114826A1 (en) Transaction processing systems and methods
CN102171716A (en) A process and system for providing real-time processing service
US20080217399A1 (en) System and method for controlling usage of a payment card
US20100161468A1 (en) Systems and methods for authenticating parties engaging in a financial transaction
US8953754B1 (en) Pre-authentication system and method for outgoing communication

Legal Events

Date Code Title Description
DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06752614

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 06752614

Country of ref document: EP

Kind code of ref document: A1