Authentication has been a major talking point for the past few years, particularly as the value of data has only increased and security has correspondingly increased in importance. As a result, more secure and reliable means of identity verification have also become more critical. Now, voice authentication is being considered as such a means.
Let’s examine the many variables associated with voice authentication to see how much promise it actually shows.
It may help to specify how authentication in general works, just so we can get a full appreciation of how voice authentication would function.
In any variety of authentication measures, the user provides some kind of proof of identity. If that proof matches the reference that the security system is comparing it to, the user is given access. In terms of voice authentication, the user’s voiceprint of a specific phrase would be compared to the stored copy of what that user’s voiceprint should resemble.
So, if your passphrase was “The rain in Spain falls mainly over the lazy dog,” the system would check for the correct phrase, but also check that the tones and inflections present in the user’s voice matched the patterns in that user’s voiceprint. As a result, voice authentication is typically classified under the “something you are” subset of multi-factor authentication along with retinal scans, facial recognition, or palm scans.
Like any other authentication measure, there are already countless stories of voice recognition being bamboozled, meaning that more work is needed to keep your solutions secured. Hackers have already been able to fool voice authentication using recorded snippets, and have hidden malicious commands in white noise to gain control over voice-activated devices.
Having said that, it is important that we also address that any form of identity authentication is inherently less secure when used exclusively, rather than as part of a multi-factor authentication strategy. Furthermore, voice authentication is now being developed with two fraud-fighting technologies built-in. The first, liveness detection, works to differentiate between a live voice and a recorded one. The second, continuous authentication, does what its name suggests and verifies the user throughout the time they are active. That way, an attacker that just switches back to themselves after using a recorded voice to log in would be caught regardless.
We’ve referenced a few already, but here are a few essential functions that any voice-based authentication system should involve:
So, would you consider implementing voice authentication as an option in your company’s protections—specifically as part of a multi-factor authentication requirement? Are you concerned about the protections you currently have in place? Give us a call, we’ll help ensure that your business is properly secured. Call 724-473-3950 today.
Dan has 25 years of progressive experience in the IT industry. He has led three successful companies focused on small and medium business IT solutions since 1997.