Authentify Voice Biometric Applications

A voice biometric is a numerical model of the sound, pattern and rhythm of an individual’s voice. A voice biometric or "voice print," is as unique to an individual as a finger or palm print. Any Authentify application that employs a voice channel during the Authentify session is able to add voice biometric authentication for even higher levels of authentication and security.

Why is Voice a Good Fit for Biometric Authentication?

Authentify developed a process using voiceprints as a biometric to deliver extremely effective authentication results. While all physical traits used for biometric authentication posses both advantages and disadvantages, the use of a voiceprint presents several advantages in scenarios where biometrics are being used to authenticate online users. Voiceprints are difficult to forge, reliable, easy to use, offer information delivery options, and they produce a detectable audit trail.

A speaker’s voice is extremely difficult to forge for biometrics comparison purposes, since a myriad of qualities are measured ranging from dialect and speaking style to pitch, spectral magnitudes, and format frequencies. The vibration of your vocal chords and the patterns created by the physical components resulting in human speech are as distinctive as fingerprints.

Attempts to impersonate a voice or provide voice recordings to gain fraudulent authentication fail due to the distinctive details of the voiceprint used for comparison. While voice impersonations may sound like an exact match to the human ear, detailed, mathematical analysis of the print tends to reveal vast differences. Likewise, voice recordings that sound like an exact match to the human ear most often reveal distortions caused in the recording process when measured for biometric authentication purposes.

To further thwart the use of pre-recorded voiceprints, Authentify employs a model of voiceprint comparison known as text independent directed speech. In this model, verification is performed against a phrase that is randomly generated, instead of using a phrase known to the user ahead of time such as an account password. The chances of a fraudulent user able to match the randomly generated phrase and provide a passable voice recording are remote.

Voice Print Reliability

The first step in understanding the reliability of a biometric authentication is to understand what a biometric actually evaluates. The goal, in biometric terms, is to limit a user from accessing an account that is not theirs (a False Positive) while limiting the times a user may be denied access to an account that is legitimately theirs (a False Negative).

It is also important to understand that all biometrics are based on probabilistic measures.

As you may have heard a character in TV courtroom drama claim, “There is only 1 chance in 28 million that this DNA belongs to someone else,” he or she is pointing out the chance of error associated with probabilistic measures. This is true of all biometrics. In practice, a biometric is a mathematical model of a physical characteristic. As with all mathematical models there is always a small error introduced in the translation of the physical measure to the digital representation. In the case of biometrics, the analytical part of the “process” is comparative. How closely does the new instance of the biometric model match the original instance of the biometric model, and what is the probability that the origin is the same? If the two samples match exactly, it is likely a fraudulent sample as the introduction of mathematical error would cause minor variation.

Any process that uses biometrics can be tuned to raise or lower the probability level at which a new model is accepted or rejected when compared to the original. This permits you to balance the two types of errors – the false positives and the false negatives. There is a point, referred to as the “Equal Error Rate,” at which, probabilistically speaking, there is an equal chance of being falsely rejected, or falsely accepted. Stronger security will, by design, skew toward greater instances of false negatives. Better to inconvenience a legitimate user than make it too easy for a fraudster.

Some of the same algorithms used for voice biometrics and the associated probabilistic models are also used for fingerprints, Iris scans and other biometrics. It is the day-to-day variation of the particular biometric and how that variation is dealt with in the model that produces different results for voice vs. fingerprints vs. iris scans. Your iris is the least variable of your physical traits. As a result, IRIS scans are the most accurate biometric. Unfortunately, Iris scanning equipment is expensive and not particularly well received by average users. Voice on the other hand has often been cited as the most acceptable of biometrics. People are used to being recognized by the sound of their voice or recognizing others by the sound of theirs.

Voice Biometrics and the Authentify Process

The positive characteristics of voice biometrics compared to other means of biometric measurement contributes to a multi-factor authentication mechanism offering a higher degree of certainty that an acceptance is correct. In fact, scientists at the IBM Watson Research Center have studied an approach similar to that of the Authentify process. They concluded that by requiring users to enroll via an HTML form and a telephony server, employing random directed speech and biometrics - casual impostors would be falsely accepted by the system in less than 0.00001 % of the cases, balanced by a .8% false rejection of the clients. Much better results than can be obtained using biometrics alone.

Voice biometrics also offer an advantage because they are easy to use. End users do not have to install any devices or software to participate in the authentication process. The familiarity of the telephone device makes it possible for users to comfortably interact with the voice biometric application without any additional training.

Perhaps the most unique characteristic of a voice biometric application is its ability to deliver additional information to or from the user. While other biometric devices such as iris and fingerprint scans deliver the biometric measurement alone, the voice component allows information such as new pin numbers or acknowledgement of license agreements to be delivered as part of the voice biometric application. This information delivery capability significantly extends the usefulness of voice biometrics in real world application environments.

Finally, after the authentication transaction is complete, Authentify’s voice biometric application leaves the client with a humanly detectable audit trail. All voice interactions are recorded and the transaction information including call time and result are stored along with the recordings. A strong audit trail proves valuable for analyzing past transactions or answering questions about the validity of completed transactions.

While any biometric authentication returns a probability-based measurement of a physical trait, Authentify has honed the use of voice biometrics to provide a robust authentication tool that harnesses the inherent advantages of voice biometrics such as ease of use, reliability and information delivery capabilities. Beyond these advantages, Authentify’s tool strengthens the authentication process with extended features such as text independent directed speech and a strong audit trail for added security.

Authentify Demos

Authentfy Architecture Overview (pdf)

Multi-Factor
White Paper (pdf)