IT202300024366A1 - USER VERIFICATION METHOD AND RELATED ELECTRONIC AUTHENTICATION SYSTEM - Google Patents

Description

DESCRIPTION

Attached to a patent application for an INDUSTRIAL INVENTION having as its title

User verification method and related electronic authentication system

Technical field of the invention

The present invention relates to a method of verifying a user, an electronic authentication system and a storage medium readable by an electronic computer.

Known technique

Today, with the rise of increasingly sophisticated artificial intelligence and increasingly aggressive cyber attacks, the need to verify that a user is actually a real person and not an automated system is increasingly evident in cybersecurity. This issue is particularly important for voice authentication systems, as an attacker could record the user's voice and play it back to authenticate on their behalf.

An authentication system contains the modules essential for recognizing a user, such as Speaker Identification (SID), which authorizes the user through voice, and Face Recognition (FR), which authorizes the user through facial image. Authorization modules are not designed to be resistant to attacks, as adding this constraint to the training process would reduce their efficiency.

Possible attacks that authentication systems can be subjected to include:

- Recording Attack, in which the attacker records the user's voice and plays it back;

- Speech Synthesis Attack, in which the attacker uses a speech synthesizer to reproduce the user's voice;

- MultiModal Synthesis Attack, in which the attacker uses a speech synthesizer to reproduce the user's voice and an image generator to reproduce the user's face;

- Expert Attack, in which the attacker can interact with the device's screen to read text information, generate audio of the user speaking the text information, generate video of the user speaking the text information (e.g., DeepFake), and synchronize the generated audio and video;

- Injection Attack, in which the attacker is able to inject video/audio directly into the device he is using, bypassing the acquisition hardware.

Brief summary of the invention

The technical task of the present invention is therefore to provide a method of verifying a user, an authentication system and a storage medium readable by an electronic computer that are capable of overcoming the drawbacks that have emerged from the prior art.

The purpose of the present invention is therefore to provide a method of verifying a user, an authentication system and a computer-readable storage medium that allow for effective verification and recognition of an entry attempt by bots or hackers.

A further object of the present invention is therefore to provide a method of verifying a user, an authentication system and a computer-readable storage medium that are capable of being easily updated in order to be able to recognize new types of attacks.

The specified technical task and the specified purposes are substantially achieved by a user verification method, an authentication system, and a computer-readable storage medium comprising the technical features set forth in one or more of the appended claims. The dependent claims correspond to possible embodiments of the invention.

In particular, the specified technical task and the specified purposes are essentially achieved by a method of verifying a user in an authentication system.

The method comprises a step that involves detecting one or more environmental data associated with the user, a space in which the user is located, and/or a user device on which the authentication system is installed or installable; this is followed by a step that involves comparing the detected environmental data with expected environmental data.

In other words, the system creates an estimate of the environmental and hardware conditions in which the user is located.

Preferably, the detection and comparison step is designed to verify that the detected conditions are consistent with the expected ones.

The method also includes a step that selects a security level based on the comparison. In other words, the method loads a security level based on the detected environmental and hardware conditions that is compatible with a security level required by a user or service provider.

Preferably, if it is not possible to select a compatible security level, the verification method further includes the step of detecting one or more environmental data in order to improve the detected environmental conditions.

Preferably, if the environmental conditions are known a priori, it is possible to define a more accurate and stringent safety level.

The method also provides for performing, depending on the selected security level, a user authentication operation in order to obtain authentication data associated with the user, a space in which the user is located and/or a user device on which the authentication system is installed or installable.

The method also involves extracting a plurality of features from the authentication data.

Preferably, the authentication operation execution step is achieved by proposing to the user one or more actions to be performed to obtain specific authentication data and/or specific characteristics.

Features relate to actions performed by the user, details about the space the user is in, and how authentication data is obtained from the authentication system.

The method also compares the features with a predetermined number of environmental verification parameters. The predetermined number of environmental verification parameters is selected based on the confidence level. In other words, the method loads the number of queries needed to meet the required confidence level.

The method also analyzes environmental data, authentication data, and features during the feature comparison to identify an anomaly among the environmental data, authentication data, and features. In other words, the method defines "liveness modules" to be executed during the authentication (or challenge) operation or during the feature comparison to ensure that the obtained data is authentic and not specifically generated to meet the environmental verification parameters.

Preferably, the feature extraction step is achieved by combining two or more features to obtain complex features with which to perform the comparison step with the environmental verification parameters.

Preferably, the combination of features also allows for a reduction in the number of environmental verification parameters to be compared and/or the number of actions to be carried out.

Preferably, the comparison step is accomplished by assigning a weight to the environmental verification parameters and selecting specific environmental verification parameters based on an overall weight required by the selected security level.

Preferably, the verification parameter weighting step allows you to define a minimum threshold level for each environmental verification parameter (or query) in order to determine a minimum level of security to be guaranteed.

Finally, the method authenticates the user if the comparison satisfies the environmental verification parameters and if the analysis reveals no anomalies among the environmental data, the authentication data, and the characteristics.

The specified technical task and the specified purposes are further achieved by an authentication system comprising means for obtaining environmental data and authentication data and a processing unit configured to perform one or more of the steps of the above method.

In general, it should be noted that in this context, the processing unit is presented as being divided into distinct functional modules (memory modules or operating modules) for the sole purpose of clearly and comprehensively describing its functionality.

In reality, this processing unit may consist of a single electronic device, appropriately programmed to perform the described functions, and the various modules may correspond to hardware entities and/or software routines that are part of the programmed device. Alternatively or in addition, these functions may be performed by a plurality of electronic devices on which the aforementioned functional modules can be distributed.

The processing unit may also use one or more processors to execute the instructions contained in the memory modules.

The specified technical task and purposes are further achieved by a computer-readable storage medium comprising instructions that, when executed by a computer, cause the computer to perform the above-mentioned user verification method.

Preferably, a computer program (stored on the storage medium) includes instructions for being run on the system including one or more of the features described in this specification.

In one embodiment, the computer program is stored in a memory of the user interface device.

In one embodiment, the computer program is stored remotely. In this embodiment, it is a "SAAS" (Software As A Service) computer program, meaning it is configured to be implemented only when there is an Internet connection.

Brief description of the drawings

Further features and advantages of the present invention will become clearer from the indicative, and therefore non-limiting, description of an embodiment of a verification method, an authentication system and a storage medium readable by an electronic computer.

This description will be set out below with reference to the attached drawings, provided for indicative purposes only and therefore not limiting, in which: - figure 1 is a schematic representation of the method which is the object of the present invention.

Detailed description of the invention

The present invention relates to a method of verifying a user in an authentication system 1.

The present invention also relates to an authentication system 1 capable of implementing the aforementioned method.

The authentication system 1 comprises means 2a for acquiring environmental data and authentication data and comprises a processing unit 2b (e.g., a microprocessor) configured to perform one or more of the steps of the above method.

In general, it should be noted that in this context, the processing unit 2b is presented as being divided into distinct functional modules (memory modules or operating modules) for the sole purpose of clearly and comprehensively describing its functionality.

In reality, such processing unit 2b may consist of a single electronic device, appropriately programmed to perform the described functions, and the various modules may correspond to hardware entities and/or software routines that are part of the programmed device. Alternatively or in addition, such functions may be performed by a plurality of electronic devices on which the aforementioned functional modules may be distributed.

The processing unit 2b may also use one or more processors to execute the instructions contained in the memory modules.

By authentication system 1 we therefore mean the set of hardware and software components that make up a system that regulates access via a user device 2 by a user 3.

User device 2 may include smartphones, personal computers, tablets, smart TVs and other similar devices equipped with audio, video and/or sensor devices of various types (such as, for example, but not limited to, accelerometers, gyroscopes and the like).

The method involves detecting one or more environmental data associated with user 3, a space 4 in which user 3 is located and/or user device 2 in which authentication system 1 is installed or installable.

The method also compares the detected environmental data with expected environmental data. In other words, the method (i.e., authentication system 1) creates an estimate of the environmental and hardware conditions in which user 3 is located. In particular cases, the environmental conditions are known a priori (for example, user 2's device is a fixed terminal inside a bank or a station), and it is therefore possible to verify that the detected conditions are consistent with the expected environmental conditions. The method also selects a security level based on the comparison. In other words, based on the environmental conditions, the method determines a set of rules that determine a minimum level of security that authentication system 1 can guarantee, as will become clearer later in this description. In other words, the method identifies essential characteristics that must be satisfied by the environmental data in order to verify user 3.

The method also provides for performing, depending on the selected security level, an authentication operation 5 of user 3.

Authentication operation 5 allows obtaining authentication data 5a associated with user 3, space 4 in which user 3 is located, and user device 2 in which authentication system 1 is installed or installable.

Preferably, the step of detecting the environmental data and the step of performing the authentication operation 5 are performed by acquiring audio 6a and/or video 6b and/or geolocation data and/or movement data.

In other words, the user device 2 is equipped with environmental data acquisition means 2a. Such acquisition means 2a may include a camera (for obtaining a video and/or an image), a microphone (for obtaining audio), or motion sensors (for obtaining the geographic or motor positions of the user 3).

Preferably, the authentication operation execution step 5 is achieved by proposing to the user one or more actions 5b to be performed to obtain specific authentication data.

Therefore, the authentication operation 5 is a challenge that the method (i.e., the authentication system 1) proposes to user 3 with the aim of collecting the aforementioned authentication data upon entry. For example, user 3 may be asked to slightly rotate user device 2 in order to allow the acquisition of geometric and gyroscopic data relating to space 4.

The method also provides for extracting a plurality of features 7a from the authentication data. The features 7a are related to actions performed by the user 3, to details of the space 4 in which the user 3 is located and/or how the authentication data are obtained from the authentication system 1. Preferably, the feature extraction step 7a is performed by extracting one or more details from an audio, a video, an image and/or from position/movement data of the user 3 or the user device 2. Preferably, the step of executing the authentication operation 5 is performed by proposing to the user one or more actions 5b to be performed to obtain specific features 7a.

7a features (or features) are extracted using Video Analysis, Image Analysis, and Audio Analysis components. These components can leverage a combination of machine learning and computer vision, image processing, and audio processing techniques. Specifically, the modules can interact with each other to reduce processing time and provide more detailed 7a features. For example, the Video Analysis module can provide an estimate of the environmental geometry by leveraging the Image Analysis modules for each frame. In turn, the Audio Analysis module can extract information about the audio background from the provided estimate of the environmental geometry.

Preferably, the feature extraction step 7a is achieved by combining two or more features 7a together to obtain complex features 7b.

In other words, the extracted features 7a can be combined to obtain higher-level features. For example, a segmentation map produced by the Video/Image Analysis modules can be combined with the image textures and the pose estimation of user 3 to obtain a complex feature 7b that describes the geometry and appearance of a body part of user 3 (e.g., the face, a hand, an eye, a mouth, etc.).

The term "segmentation map" refers to an image obtained through an image segmentation process starting from a starting image, that is, an image composed of a set of segments, contour lines, or pixel aggregates capable of completely describing each area of the original image.

The goal of a segmentation map is therefore to classify each pixel of an image according to various criteria, including:

- semantic segmentation that defines the class to which the represented object belongs --e.g. pixels belonging to different people in a photograph all have the same value, but different from that of the background and other objects;

- instance segmentation that defines, for each pixel, the object to which this pixel belongs --e.g. pixels belonging to different people in a photograph all have different values;

- "panoptic" segmentation which combines semantic and instance segmentation.

The method also includes the step of comparing the characteristics 7a with a predetermined number of environmental verification parameters 8. The predetermined number of environmental verification parameters 8 is selected based on the security level and determines the essential characteristics that must be satisfied in order to verify the user. The environmental verification parameters 8 (or query) are a well-defined request regarding a characteristic 7a to be verified in one or more input data and require a probabilistic response determined by a mathematical model.

For example, an environmental verification parameter 8 could be evaluating whether the input image is static or not, whether space 4 is closed, or whether user 3 is in a context consistent with the time and place where user 3 is located, or whether user 3 has spoken by moving his lips.

Other environmental verification parameters 8 may be related to whether user 3 moved his lips, whether the geometries in the background are consistent, whether user 3 blinked, whether user 3 moved his head, whether the image during acquisition is too still and other similar parameters.

The introduction of additional environmental verification parameters 8 offers the possibility of increasing the security level of the authentication system 1 in the face of more technologically advanced attacks. Therefore, based on the environmental data collected and the comparison, a suitable security level is selected which may require, depending on the context, more complex environmental verification parameters 8 and therefore the need to obtain the complex characteristics 7b.

For example, if authentication system 1 is installed and functioning in a portable electronic device (e.g., a smartphone), user 3 has the physical ability to hold the device, and user 3 is not facing a flat background, the security layer will require checking whether user 3 is in an enclosed space and whether the context is consistent with the time and location of user 3.

Preferably, the comparison step is achieved by assigning a weight to said environmental verification parameters 8 and selecting specific environmental verification parameters 8 based on an overall weight required by the selected safety level. In other words, it is possible to define a minimum threshold level for each environmental verification parameter 8 in order to determine the minimum safety level that must be guaranteed.

Therefore, the responses (resulting from the comparison) to the environmental verification parameters 8 are provided in the form of probabilities calculated given the input features 7a (or complex features 7b). The method therefore involves assigning a weight or minimum response threshold to each environmental verification parameter 8 based on the security level. The minimum threshold is essential, for example, for the environmental verification parameters 8 relating to the presence of a face. The responses of the features 7a are combined according to a mathematical model and a final threshold that determines a final decision regarding the authentication of user 3.

The method also includes the step of analyzing, during the comparison of features 7a (i.e., the complex features 7b), the environmental data, the authentication data, and the features 7b in order to identify an anomaly among the environmental data, the authentication data, and the features 7a. In other words, the method involves verifying that the data input to the authentication system 1 is real using liveness modules.

Preferably, the anomaly analysis and identification step is achieved by performing a further authentication operation 5 in order to obtain further authentication data or further characteristics 7a (or 7b) to compare with the previously obtained authentication data or with the previously obtained characteristics 7a (or 7b). In other words, this Content Verification module requires user 3 to re-propose specific content proposed by the authentication system 1 during the authentication phase. This category of modules is designed to protect the system from "recording" attacks, since it requires re-proposing dynamic content or solving a simple challenge that requires an ever-changing interaction from user 3.

Preferably, the anomaly analysis and identification step is achieved by verifying synchrony between the acquired audio and the acquired video. For example, the method involves verifying the synchrony between the lips of user 3 and the spoken words, or the position of device 2 in the surrounding space 4 obtained by cross-referencing the estimate of the environmental geometry obtained from the video with position data obtained by user device 2, for example, from device 2's gyroscope.

Preferably, the anomaly analysis and detection step is performed by verifying that the environmental data and authentication data are not generated using generative AI models. In other words, the method verifies that the acquired video is actually captured by a camera and is not a video generated by the aforementioned generative models. The modules therefore verify the realism of the input image.

Preferably, the anomaly analysis and detection step is accomplished by comparing video frames with each other, analyzing a user 3 motion pattern, and/or image textures.

Preferably, the anomaly analysis and detection step is accomplished by verifying that the audio is consistent with the video by analyzing background noise and obtaining data from the user device 2.

Preferably, the anomaly analysis and detection step is accomplished by verifying that environmental data and/or authentication data have not been injected into the user device 2.

The method finally requires the step of authenticating user 3 if the comparison of characteristics 7a satisfies the environmental verification parameters 8 and if the analysis does not reveal any anomalies between the environmental data, the authentication data, and characteristics 7a (or 7b). In other words, the method returns a result 9 relating to successful authentication or authentication refused.

If authentication is successful, it means that a predetermined number of environmental verification parameters 8 have been confirmed and that the analysis has not revealed any anomalies.

In case of refusal, it is possible that some environmental parameters have not been confirmed and/or that the analysis has revealed anomalies considered critical and significant of an attack on the authentication system 1.

The present invention further relates to a computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to perform the above method of verifying a user.

The present invention further relates to a computer program comprising instructions for performing the above user verification method when the program is executed by a computer or processing unit 2b.

Advantageously, the present invention is able to overcome the drawbacks that have emerged from the prior art.

Advantageously, the present invention features high robustness and safety.

Advantageously, the present invention provides a modular system that can be configured according to the user's needs, the context of use and the available computational power.

Advantageously, the 8 environmental verification parameters and the modules for detecting an anomaly can be updated as technology progresses.

Advantageously, the method is able to track the 8 failed environmental verification parameters in order to verify which modules for detecting an anomaly are most discriminating for a certain type of attack.

Claims (12)

1. Method of verifying a user (3) in an electronic authentication system (1), the method comprising the steps of: - detect one or more environmental data associated with said user (3), with a space (4) in which said user (3) is located and/or with a user device (2) in which said electronic authentication system (1) is installed or can be installed; - compare said detected environmental data with expected environmental data; - select a security level based on the above comparison; - perform, in function of said selected security level, an authentication operation (5) of the user (3) in order to obtain authentication data (5a) associated with said user (3), with a space (4) in which said user (3) is located and/or with a user device (2) in which said authentication system (1) is installed or installable; - extract, from said authentication data (5a), a plurality of features (7a), said features (7a) being related to actions performed by the user (3), to details of the space (4) in which the user (3) is located and/or how said authentication data (5a) are obtained from the authentication system (1); - compare said characteristics (7a) with a predetermined number of environmental verification parameters (8), said predetermined number of environmental verification parameters (8) being selected as a function of said safety level; - analyze, during said comparison of characteristics, the environmental data, the authentication data (5a) and said characteristics (7a) in order to identify an anomaly between said environmental data, said authentication data (5a) and said characteristics (7a); - authenticate said user (3) if from said comparison said characteristics (7a) satisfy said environmental verification parameters (8) and if from said analysis no anomalies have emerged between said environmental data, said authentication data (5a) and said characteristics (7a). 2. Verification method according to claim 1, wherein the step of detecting environmental data and the step of performing said authentication operation (5) are performed by acquiring audio (6a) and/or video (6b), and wherein said feature extraction step (7a) is performed by extracting one or more details from an audio, a video and/or an image. 3. Verification method according to claim 1 or 2, wherein said environmental data comparison step is achieved by assigning a weight to said environmental verification parameters (8) and selecting specific environmental verification parameters (8) as a function of an overall weight required by the selected security level. 4. Verification method according to one or more of the preceding claims, wherein said feature extraction step (7a) is achieved by combining two or more features (7a) together in order to obtain complex features (7b) with which to perform said comparison step with the environmental verification parameters (8). 5. Verification method according to one or more of the preceding claims, wherein said step of executing the authentication operation (5) is achieved by proposing to the user one or more actions (5b) to be performed to obtain specific authentication data (5a) and/or specific characteristics (7a). 6. Method according to one or more of the preceding claims, wherein said step of analysis and identification of an anomaly is achieved by performing a further authentication operation (5) so as to obtain further authentication data (5a), or further characteristics (7a) to be compared with the authentication data (5a) previously obtained or with the characteristics (7a) previously obtained. 7. A method according to claim 2, wherein said step of analyzing and identifying an anomaly is performed by at least one of the following: - checking for synchronization between the acquired audio and the acquired video; - estimating an environmental geometry obtained from the video and from position data obtained through the user device (2); - verifying that said environmental data and said authentication data (5a) are not generated using generative models. 8. Method according to claim 7 when dependent on claim 2, wherein said step of analysis and identification of an anomaly is realized by comparing the frames of said video with each other, analyzing a movement pattern of the user (3) and/or the textures of the image. 9. The method of claim 2, wherein said step of analyzing and identifying an anomaly is accomplished by verifying that the audio is consistent with the video by analyzing background noise and obtaining position data from the user device (2). 10. Method according to one or more of the preceding claims, wherein said step of analysis and identification of an anomaly is performed by verifying that the environmental data and/or the authentication data (5a) have not been injected into the user device (2). 11. Authentication system (1) of a user, the system comprising: - acquisition means (2a) configured to detect environmental data associated with the user (3), a space (4) in which the user (3) is located and/or a user device (2) in which the electronic authentication system (1) is installed or installable; - a processing unit (2b) configured to: ? compare said detected environmental data with expected environmental data; ? select a security level based on said comparison; ? perform, based on said selected security level, an authentication operation (5) of the user (3) in order to obtain authentication data (5a) associated with said user (3), with a space (4) in which said user (3) is located and/or with a user device (2) in which said authentication system (1) is installed or installable; ? extract, from said authentication data (5a), a plurality of features (7a), said features (7a) being related to actions performed by the user (3), to details of the space (4) in which the user (3) is located and/or how said authentication data (5a) are obtained from the authentication system (1); ? compare said characteristics (7a) with a predetermined number of environmental verification parameters (8), said predetermined number of environmental verification parameters (8) being selected as a function of said safety level; ? analyze, during said comparison of characteristics, the environmental data, the authentication data (5a) and said characteristics (7a) in order to identify an anomaly between said environmental data, said authentication data (5a) and said characteristics (7a); ? authenticate said user (3) if from said comparison said characteristics (7a) satisfy said environmental verification parameters (8) and if from said analysis no anomalies have emerged between said environmental data, said authentication data (5a) and said characteristics (7a). 12. A computer-readable storage medium comprising instructions which, when executed by a computer, cause the computer to perform the method according to one or more of claims 1 to 10.