摘要 |
A user-authentication system includes an authorized user device (AUD) for transmission of dtmf tones to a user-verification system (UVS) over a telephone network, where user-verification is performed and authorized users are granted access to a desired service. In a memory module of the AUD, a plurality of passphrases and identifying data are stored for subsequent transmission to the UVS. The UVS includes a memory module for receiving and storing the passphrases and identifying data, and a processor for determining whether user-stated passphrases correspond to the stored passphrases, and for prompting the user with knowledge-based questions and determining whether the identifying data corresponds to answers given by a user in response to the knowledge-based questions. The UVS further includes security safeguards such a transmitter transmitting a signal relating to time while a user is stating a passphrase, to determine whether a user-stated passphrase comprises a previously recorded passphrase, and an analyzer device determining whether the access number used to reach the user-verification system are appropriate for the specific user-device. |