Access with voice biometricsAs voice biometrics continue to improve, it will naturally become a form of authentication as all voices have subtle differences, similar to fingerprints. Consumer-facing organisations are already starting to trial voice recognition as a method of authentication. A number of UK banks are seeing the need for this and have introduced new voice related security measures. Voice biometrics is also finding its way into the workplace, with employees being able to access work profiles and systems by simply speaking. But for it to become the norm for everybody, three things need to happen:
(1) Find a way to make voice biometrics unobtrusiveIt’s unfortunate that a large proportion of security systems tend to be obtrusive; take airport screening lines that must be navigated in order to board a flight. It’s an added frustration because the vast majority of passengers are harmless, but have to pay the security toll so the few malicious ones can be detected. Perhaps the biggest promise of biometrics is seamless security. This is especially true of voice biometrics since voice command is increasingly becoming an embedded part of consumer life.
(2) Security needs to be improvedUnlike passwords, your voice cannot be changed. But, this does not mean that voice biometrics cannot be compromised. There are a number of ways that an attacker can steal a user’s voice. A fraudster could use speech synthesis or an app to impersonate a user. Given enough audio, modern systems can build a voice that sounds very similar to the person being modelled. This cloned voice could not only be used during authentication, but to also carry on a conversation with the agent or system, potentially accessing or compromising more sensitive data.
(3) Future-proof the technologyVoice biometrics must be robust to noise, channel and voice changes over time. The human voice develops as we people age and so voice authentication must continually learn and adapt to the user’s ever changing voice. However, they must be careful not to adapt too easily and learn from the voice of an imposter.
Is there an alternative?Voice biometrics will only be trusted and widely adopted if they become unobtrusive, secure and future-proofed. Even when this happens, the unfortunate truth is that this layer of defence alone is not enough to stop criminals. Voice recognition does help to identify true customers, but fraudsters have many techniques which help them bypass this layer of security. If a fraudster knows a company is using voice biometrics, they will do things specifically to make them fail. To help secure your business, it is essential that all angles are covered. Without multiple layers of security covering all channels, from face-to-face verification, to online and over the telephone, fraudsters will be able to manipulate particular points of exposure. More advanced technology that builds upon some of the security validation foundations of voice biometrics, but introduces multi-factor authentication is Phoneprinting. The technology identifies specific components about each call such as the location a call is coming from, the device, whether it’s a mobile or landline and whether the phone has been used to call the company before. Combined, this can aid in detecting fraudulent activity before it becomes an issue and get us closer to the Hollywood vision we’ve be enjoying for the last 50 years.
Matt Peachey is VP and GM for International at PindropImage: Shutterstock
Share this story