Dynamic security system and method, such as for use in a telecommunications system

Abstract

Rather than employing simple static personal identification numbers (PINs) that are susceptible to hacking, the disclosed security system provides multiple levels of security that may be selected by a user, based on his or her particular level of sensitivity at any given time or with respect to any given data. One level employs an algorithm that changes values, where the algorithm is known by the user. For example, the algorithm may be a series of digits based on the following: hour of day, day of week, quarter of the year, a.m. or p.m., day of the month, and month of the year. If the user knows the order of such, the user can readily generate the appropriate numeric code corresponding to the current time, and since the time continually changes, the code necessarily changes likewise. Another level sends a random part to a user, such as over their pager or phone, which they append to some user-defined, fixed portion of their PIN, or used in addition to their PIN. Another level or method requires the user to interact with a series of predetermined questions that each require a numeric response. The order of the questions would be scrambled each day, or periodically, to help change the user's response to improve security and employ questions that typically only the user would know. Another level of security employs voice fingerprinting or voice pattern recognition. Yet another level employs a N by M matrix of random numbers, from which a user selects numbers from predetermined positions to generate a current security code. Various levels of security may be performed on the server, and are based on user's selections, thus eliminating the need for special hardware.