Biometric voice authentication is a great option for specific identity management and sign-on circumstances. Here’s a guide to when and why we recommend and implement voice authentication for clients.
Biometric voice authentication uses your voice to verify account identity. Everybody’s voice is different, based on their own biology (i.e., mouth shape, nasal cavity shape, etc.) and the way they speak (i.e., accents, inflections, learned intonations, etc.) Because of these differences, each voice offers a voiceprint that can be used to identify a user.
Biometric voice authentication relies on creating a “template” of the user’s voice. There are over 100+ elements that can make up the user’s voice template, made up of physical traits, like nasal passages, and learned traits, like pronunciation. Then, when the user submits their voice password for authentication, the new voice recording submission is compared to the template. The voice template can be created actively, by asking the user to speak specific words, or passively, by recording speech over time — like during the course of a conversation.
There are many biometric voice authentication technologies and software developers. Almost all of them can be categorized as Text-Dependent or Text-Independent.
Text-dependent voice authentication requires the user to speak a specific word or phrase. For example, the user may have to say their name, or a specific password phrase. Text-dependent authentication is more common for passwords.
Text-independent voice authentication learns a person’s speech patterns, voice range, and other inflections or intonations to differentiate one user from another. Text-Independent voice authentication is more common for voice command software and services, like your Google Home Assistant or Apple Siri.
Biometric voice authentication is more secure than traditional passwords, but less accurate than other biometric authentication options, like fingerprints and facial recognition. The biggest advantage of voice authentication is that it is fast and frictionless. As part of a multifactor authentication flow, a voice authentication step feels easy to users, whereas remembering a second password or other information may feel cumbersome. That said, while voice authentication may feel easy, as an authentication tool it has several disadvantages in real-world scenarios:
The biggest security threat to voice authentication is voice deepfakes or spoofing — using a recording of the user’s voice as a submission of authentication. This is generally mediated by “liveness detection” software solutions — these tools attempt to isolate synthetically-generated voices.
Yes, in specific circumstances. Biometric voice recognition is a fantastic option if users do not have use of their hands (i.e, driving, etc.) or if they’re unable to type accurately (i.e., driving, very young, vision impaired, etc.) These instances are outliers in Identity and Access Management processes. So, voice authentication tends to be a specialized request — for example, we recently implemented Nexa|Voice for a client.
Biometric voice authentication costs are additive, similar to facial recognition, in regard to implementation and management. Note that both facial recognition and voice recognition may require additional technology investments for users. Why? Users will need a means of submitting their voice for authentication, which is easily, and typically, solved via the user’s mobile phone.
The best voice authentication solutions are evolving quickly. We see improvements being released monthly. So, schedule a free consultation for our latest recommendations. Here are a few of the best voice authentication solutions we consider for our clients:
Obviously, voice authentication requires a connected device with a microphone. Just as importantly, the user must be in an environment that allows them to record/submit their voiceprint accurately. A quiet office or living room makes this simple. However, when a user is on-the-go, in public spaces, or surrounded by others, then submitting an accurate voiceprint becomes difficult.
From a technology stack standpoint, the requirements are similar to any SSO or MFA implementation:
That said, 8 CPU cores and 16-24 GB RAM are recommended.
The most important factor is experience and effective workflow, whether in-person, on-site, virtual, or off-site. That said, we think working with a consultant near you is an advantage. This will allow your consultant to better communicate with existing IT teams, and better understand your current information architecture. A non-local consultant becomes a good option if they follow security best practices, and have an established virtual workflow. Why? Location is less significant when virtual workforce tools are effectively adopted by consultant and client, whether a small business or global enterprise. Plus, on-site specialists can become costly. Bottom line, look for a consultant who offers an excellent communication process, clear workflow, and custom security solution for your business.
Sennovate delivers custom identity and access management solutions to businesses around the world. With global partners and a library of 1000+ integrations, we implement world-class cybersecurity solutions that save your company time and money. We offer a seamless experience with integration across all cloud applications, and a single price for product, implementation, and support. Have questions? The consultation is always free. Email [email protected] or call us at: (925) 918-6618