Voice authentication is a biometric method of speaker recognition based on measuring the distinctions in individual voices to uniquely identify users.
Instead of a password, which might be forgotten or not strong enough to ensure security, voice authentication allows people to use their voices themselves as passwords. Voice authentication can also be used in conjunction with other methods for multifactor authentication.
The technologies behind voice authentication developed in tandem through developments in speech synthesis and speech recognition, two overlapping fields of study. Study of the structures used to produce speech revealed hundreds of measurable characteristics that are distinct in the voices of individuals. In combination, those metrics make up a unique voice print for each user that is harder to fake than a finger print.
There are two methods used in voice authentication: text-based (constrained mode) and text-independent (unconstrained mode). Text-based modes use scripted words which may also be verbal passwords; the words used can be changed. Text-independent modes can use whatever words are spoken to recognize individuals and thus can be used for surreptitious identification. In each method, the recorded audio waveforms are analysed to pick out hundreds of behavioral and physiological individual characteristics.
Biometrics is the measurement and statistical analysis of people's physical and behavioral characteristics. The technology is mainly used for identification and access control, or for identifying individuals that are under surveillance. The basic premise of biometric authentication is that everyone is unique and an individual can be identified by his or her intrinsic physical or behavioral traits. (The term "biometrics" is derived from the Greek words "bio" meaning life and "metric" meaning to measure.)
There are two main types of biometric identifiers:
Physiological characteristics: The shape or composition of the body.
Behavioral characteristics: The behavior of a person.
Examples of physiological characteristics used for biometric authentication include fingerprints; DNA; face, hand, retina or ear features; and odor. Behavioral characteristics are related to the pattern of the behavior of a person, such as typing rhythm, gait, gestures and voice. Certain biometric identifiers, such as monitoring keystrokes or gait in real time, can be used to provide continuous authentication instead of a single one-off authentication check.
Other areas that are being explored in the quest to improve biometric authentication include brainwave signals, electronic tattoos, and a password pill that contains a microchip powered by the acid present in the stomach. Once swallowed, it creates a unique ID radio signal that can be sensed from outside the skin, turning the entire body into a password.
Biometric verification becoming common
Authentication by biometric verification is becoming increasingly common in corporate and public security systems, consumer electronics, and point-of-sale applications. In addition to security, the driving force behind biometric verification has been convenience, as there are no passwords to remember or security tokens to carry. Measuring someone’s gait doesn’t even require a contact with the person.
Biometric devices, such as fingerprint readers, consist of:
A reader or scanning device.
Software that converts the scanned information into digital form and compares match points.
A database that stores the biometric data for comparison.
Accuracy of biometrics
The accuracy and cost of readers has until recently been a limiting factor in the adoption of biometric authentication solutions but the presence of high quality cameras, microphones, and fingerprint readers in many of today’s mobile devices means biometrics is likely to become a considerably more common method of authenticating users, particularly as the new FIDO specification means that two-factor authentication using biometrics is finally becoming cost effective and in a position to be rolled out to the consumer market.
The quality of biometric readers is improving all the time, but they can still produce false negatives and false positives. One problem with fingerprints is that people inadvertently leave their fingerprints on many surfaces they touch, and it’s fairly easy to copy them and create a replica in silicone. People also leave DNA everywhere they go and someone’s voice is also easily captured. Dynamic biometrics like gestures and facial expressions can change, but they can be captured by HD cameras and copied. Also, whatever biometric is being measured, if the measurement data is exposed at any point during the authentication process, there is always the possibility it can be intercepted. This is a big problem, as people can’t change their physical attributes as they can a password. While limitations in biometric authentication schemes are real, biometrics is a great improvement over passwords as a means of authenticating an individual.
Bring Your Own Authentication (BYOA):
Bring Your Own Authentication (BYOAuth) is a computing concept in which an employee-owned device, such as a key fob or smartphone, can be used to provide authentication credentials within a business environment.
BYOAuth typically requires a standards-based multifactor authentication (MFA) framework that supports a wide variety of authentication technologies, such as fingerprint scanning, voice recognition or iris scanning. If the authentication technology is built into a consumer mobile device, it may be possible for an app to use the device's capabilities to provide an authentication factor.
Because MFA in enterprises can be expensive and require specialized hardware, as well as costly back-end integration, many enterprises are open to the idea of implementing BYOAuth to not only lower MFA implementation costs, but also to foster greater ease of use for employees.