The human voice can be used as a secure, quick way to identify people, claims Bretislav Beranek of voice-recognition software company Nuance. Beranek claims that voice ID is gaining ground – and could even be used to authenticate users for credit cards.
Writing for tech blog GigaOM, Beranek says, “The human voice is unique, much like a fingerprint. It’s also impossible to forget, unlike a PIN or password, and with us all the time, unlike a key fob security token.”
Beranek admits that voice identification is mainly deployed as part of automated voice response systems and contact centres – but claims that the increasing use of voice identification within those systems will pave the way for wider use of the technology.
Beranek says that voice biometrics will find increasing use in app security – due to customer familiarity with “voice assistants” such as Apple’s Siri.
Siri has been widely used in hacks against Apple devices, according to recent reports, some on We Live Security. But Siri does not use voice biometrics for security – and Beranek predicts this will be a growth area.
“When businesses extend voice biometrics to their mobile apps, they also take advantage of consumer familiarity with virtual personal assistants and other speech-controlled services that people have come to expect on their mobile devices,” Beranek says.
“ These services have helped to make consumers comfortable with the concept of asking their phone – rather than a person at the other end – for information. Combine the convenience and comfort with the proven security, and we quickly see why voice biometrics as an entry point to a mobile app could become an ideal solution.”
Beranek predicts an increasing use of the technology in web environments, and even to secure credit card transactions via phone.
Apple’s use of a fingerprint scanner on its new iPhone 5S has ignited a new debate over biometric security – not to mention some of the most laborious “hacks” ever invented.
Voice biometrics is just one system under discussion. Some researchers believe that systems which continuously monitor behaviors could be even more secure than those which rely on one simple “check”. One day, your smartphone might “recognise” you by the way you walk, the way your fingers tap on a touchscreen – or even simply where you go during the day.
But the idea of a password as a “key” that unlocks a device might soon seem antiquated – researchers around the world are investigating “implicit identification”, where the computer recognises you through your behavior, not by challenging you for a password. Business magazine Quartz describes such systems as “always on” security in an article here.
SilentSense, announced in the wake of iPhone 5, can identify a user within 10 taps of the touchscreen with 99% accuracy, according to Cheng Bo of the Illinois Institute of Technology. The system works with a smartphone’s gyroscope and accelerometer to identify users, and even takes account of their gait as they walk, according to New Scientist.
“While using mobile devices, most people may follow certain individual habits unconsciously. Running as a background service,SilentSense exploits the user’s app usage and interacting behavior with each app, and uses the motion sensors to measure the device’s reaction,” says Bo.
Author Rob Waugh, We Live Security