An introduction to voice biometrics

I know who I am, but can I prove it? A person’s identity sits at the very core of their existence. I don’t mean from a metaphysical point of view, but from an everyday, practical perspective.

Our ability to prove our identity governs everything from our ability to go on holiday to accessing our place of work or simply paying our bills. Our identity is a power thing. It has great value. Which is why is has become a valuable commodity for criminals, cyber or otherwise.  It’s no surprise that data breach statistics for the past five years reveal identity theft is the motivation behind over 60% of stolen records.

In a security aware environment, the burden of ’proof of identity‘, naturally, becomes more onerous. That burden becomes greater still when we introduce distance into the equation. A single reference point is no longer enough to prove who we are in many applications. Multi-factor authentication has become the new standard for everything from remote access to business applications to caller identification in contact centres.

Two-factor authentication typically comprises something you know, such as a password or a PIN, and something you own (a mobile phone or a pass card). With the emergence of mainstream biometrics, multi-factor authentication now involves something you are!

Fingerprints have been used as a form of identification since the very end of the nineteenth century. One hundred years later, facial and iris recognition technologies came to the fore, but there are impracticalities associated with all those methods of identification.

If biometrics are to be used for mainstream identification purposes, they need to be used in conjunction with ubiquitous technology. What’s more ubiquitous than the telephone? After all, two-thirds of the world’s population, or 4.8 billion people, own one.

Despite living in a multi-channel world, the majority of contact centre engagements are still via the telephone. It just makes sense to leverage voice as a means of user identification and verification.

Our voiceprint is as unique as our fingerprints. Instead of swirls and ridges, it’s everything from our physicality and idiosyncratic articulatory movements to our dialect or regional accent that makes us sound different.

Our voiceprint is the result of a detailed statistical analysis of all those variables. It is stored as characters encoded in a manner similar to one-way encryption. So, from a security perspective, it’s not possible to recreate (or reverse engineer) a spoken reference from a discrete voiceprint file.

Establishing a voiceprint can take the form of a prompt and response session with a customer, using a pre-determined set of phrases that cover the primary sounds of speech. Alternatively, a profile can be built up over time, during the course of a natural conversation.

Once created, a voiceprint is used as a biometric reference that has significant implications for fraud prevention. Passphrases can be lost or stolen. Whilst it’s possible to lose your voice, it’s much harder to have it stolen.

Find out more information on speaker verification and authentication, check out our Look who’s talking white paper.