Your voice is your new password

Voice biometrics replaces PINs, passwords and multiple identification questions and is touted to provide a higher level of security

 

04 Apr 2018 . 209,546 Views

The rise of identity theft coupled with the desire by companies to proactively secure client data has witnessed a surge in use of voice biometrics.

Voice biometrics, (sometimes called voice authentication) is a type of user security that uses a customer’s voice, relying on the fact that vocal characteristics, just like fingerprints and people’s irises (eyes), are unique for each individual.

While voice biometrics can be used alone to provide secure authentication via “voiceprints”, it can also best be deployed as part of a two-factor authentication process, where a user knows a stored pin or password but also has a second prompt feature to authenticate his/her identity. This provides an extra layer of security for sensitive information .

The advantages of voice ID were best summed up by Safaricom Director of Strategy and Innovation Joe Ogutu, when launching the company’s voice biometric facility dubbed ‘Jitambulishe’ in December last year.

“Our contact centre agents spend a greater portion of their call time verifying customers over phone. The introduction of this service will ensure that customers get faster and more accurate services. We anticipate that the number of fraud incidents shall also reduce as a result,” he said.

‘Jitambulishe’ allows customers to use their voices for authentication before accessing assisted services such as resetting M-PESA PIN, and PUK, significantly cutting down the steps a customer goes through before they are assisted.

To activate the service, the customer’s voice patterns are captured and used to create a unique “voiceprint”, which is stored as a secure string of numbers and characters. These attributes help identify and verify callers when they call the customer care desk.

Though the explosion of voice ID as a security feature is pretty much recent, the first instance of Voice ID use dates back to 1867, when Alexander Melville Bell, the father of telephone inventor Alexander Graham Bell, started researching on voice security factors and invented Universal Alphabetics.

This system made it possible to transcribe what a person says and how they said it by replicating the position a mouth makes when speaking a certain speech pattern.

Voice biometrics works by retrieving three aspects of one’s speech. First is ‘What you are saying’, which is retrieved using automatic speech recognition technology. Second is ‘How you speak’, which involves language, accent and speaking style.

This is the information used by linguists and phoneticians to identify a speaker, their culture and mood. Third, the most important information from ones voice is through the vocal tract: Basically the shape of ones larynx, mouth and nose. This information is particular to an individual and cannot be changed or disguised and is not dependent on language. This is the fundamental basis on which voice biometrics works.

Dr. Luka Wandanje, a linguistics instructor at GEMS Cambridge International School, says most people mimic others and can be extremely good at the art of voice deception, but can never change the deployment of vocal tract abilities.

“When one is born, just like with the finger prints or iris, which are never same across individuals, the voice tract also remains same and particular to an individual. When I speak in my native language, or English, I alter my intonation or pitch, but if I have my voice captured on a biometrics tool, I won’t fool it, because the waves of the vocal tract when speaking cannot be changed”, he says.

“Because of the permanent characteristics a biometric tool measures, it cannot be fooled into thinking it is another person. Not even a cold or flu can alter this,” he adds.

During enrollment into the voice biometric system, one’s voice is recorded, creating what is called a voiceprint for comparison with samples taken for user identification.

To enhance the security of stored samples, one may be asked to repeat pre-recorded voiceprints randomly and this is what the system uses to proof a request for entry.

Martin Kinyua, an anti-fraud officer at ENG Systems says most cases of banking fraud are trail based meaning, stolen passwords, signatures and electronic theft.

“If banks embrace voice fingerprints, the return on investment will be worth the pain,” he says. “The best thing about voice ID is that it can be single factored in authentication meaning, for one to lose information, it would require loss of more than one issue of authentication – which is rare,” he adds.

The use of voice ID has also seen the rise of the voice assistant, with Amazon’s ubiquitous voice assistant, Alexa, taking top honors. So ingrained in the E-commerce world is Alexa that JP Morgan Chase bank uses it for trades. Other areas that voice ID can be used include, Wire Transfer, Government Immigrant Check-in, Customer Service Authentication and Employee Workforce Management Check-in.

Critics however are keen to point out that voice biometrics is not fool proof. Citing examples such as lack of accuracy or partial capture of data and binding which oft leads to system failure and which is irreversible.

Podcasts

Social Feed

  • Safaricom Newsroom @SafaricomNews
    Discover what makes Masoko’s Minal Pattani tick. Read her story here https://t.co/YLgMqZ5U3L. @MasokoKe https://t.co/OnrRIvRO9V
    #SafaricomNews
  • Safaricom Newsroom @SafaricomNews
    M-TIBA is using the mobile phone to increase access to affordable medical care. Listen as Bridgit shares her story… https://t.co/cE12XK6FQl
    #SafaricomNews
  • Safaricom Newsroom @SafaricomNews
    M-TIBA is a simple tool that is revolutionizing how Kenyans save & pay for quality healthcare. In this week’s podca… https://t.co/u6sqalrB3R
    #SafaricomNews