Recent technology advances, including for the authentication process, have proven to be a double-edged sword. AI algorithms help with everything from cancer screenings to wildlife conservation. Yet, the same tools that enable positive life-changing experiences can also provide fraudsters new tools and capabilities. For example, the methods used for identity theft are becoming increasingly sophisticated. Malicious actors can combine personally identifiable information (PII) from various sources to create a synthetic identity or use deepfakes to mimic real people.
To stay one step ahead of fraudulent actors, organizations are turning to biometric authentication as the next evolution of identity security. Each time someone opens their smartphone with a face identification tool, they’re using facial recognition software, a form of biometric authentication. Other companies have begun to use behavioral biometrics, which analyze user behavior patterns, like mouse clicks or account-login frequency to identify potentially fraudulent behavior. These tools add layers to identity-verification processes, making it harder for criminals to impersonate others.
Another form of biometric authentication is also becoming increasingly popular. Voice biometrics use an algorithmic template of a person’s voice to authenticate their identity and, like other biometric modalities, provide a more robust way to verify someone is who they say they are. With the voice recognition market projected to reach a size of more than $27 billion by 2026, and especially as the technology behind voice biometrics evolves, more organizations can consider adding voice authentication to their identity-proofing arsenal to replace outdated authentication methods like usernames & passwords.
How do voice biometrics work?
Have you ever set up a voice-activated personal assistant? That’s voice biometrics in action. When you first record your voice, you’re allowing Siri or Alexa or other virtual assistants to capture a sample of your voice. Behind the scenes, the voice assistant uses a litany of algorithms to create a biometric engine. Once recorded, your voice makes its way through that engine, allowing the voice assistant to make an initial “enrollment” voice template, or a “voiceprint” from your recorded sample. Many voice biometric tools today combine several templates from your speech to improve recognition accuracy. The next time you unlock your phone through speech, the biometrics engine captures a new sample and compares it against the enrollment template.
This identity-authentication method is known as “speaker verification.” Speaker verification creates a one-to-one match between the sample you give in real time and your enrollment template. By matching the two samples with a voice recognition system, the engine verifies that you are you.
Another way that biometrics engines use voice recognition is through “speaker identification,” a one-to-many arrangement. The speaker identification process compares a voice sample from an unknown person to multiple enrollment voiceprints. The process works by matching the speaker’s voice sample to one of a set of voice templates. Speaker identification is a bit trickier for every business to use, as there are limits to its accuracy. However, advancements in artificial intelligence and its underlying technologies are improving the accuracy of both one-to-many and one-to-one voice biometrics engines.
Voice biometrics engines work because they use unique physiological qualities, like speech patterns, to prevent identity fraud. Unlike authentication methods like passwords or PINs, voice authentication tools don’t rely on inputs, such as a secret code. Instead, this layer of security authenticates who is speaking.
There are a number of inherent benefits to using voice biometrics and a voice recognition system. It’s much harder for fraudsters to imitate someone else when they need a consistently accurate voice recording. Voice biometrics cannot be forgotten or stolen. And voice biometric authentication provides heightened security without compromising on the customer experience, because it provides a simple and intuitive usage pattern. As with any technological solution, voice biometrics comes with its own challenges, but companies that approach voice biometric technology thoughtfully can shore up their data security protocols and improve the customer experience at the same time.
Voice biometrics are a shoo-in for modern security best practices
Voice biometrics provide a strong defense against conventional fraud vectors. However, implementing biometrics as a customer authentication method requires understanding that fraudsters also have access to the same advancements in artificial intelligence and voice verification.
Advances in machine learning and recording technology have made voice biometrics more convenient, in part by reducing the length requirements of voice samples and increasing recognition accuracy. Criminals are also tapping into those innovations to create high-quality deepfakes that mimic a human voice and can trick both humans and voice matching engines alike. The good news is that speech-recognition technology integrates well with other forms of identity verification, like liveness detection which uses a separate set of algorithms to analyze whether the audio source is live or reproduced. Combining voice biometrics with liveness-detection technology helps improve identity recognition by distinguishing between a live human voice and a recorded or synthetic version of someone’s voice.
One other challenge to widespread voice biometric authentication is that it isn’t ideal for all environments, since ambient noises can impact the quality of the sample and the engine’s ability to match that sample accurately. Still, technological advancements, all-to-frequent password and credential data breaches, and customer expectations for a smooth customer experience are paving the way for security tools like voice biometrics to become commonplace soon.
Voice biometric authentication makes for a smooth customer experience
Although companies must implement voice biometric authentication alongside other modalities, like liveness detection, this form of biometric security is still a vast improvement over traditional password and credentials-based security. Voice-recognition biometrics are more secure than passwords and they improve data security while simultaneously removing friction from the customer experience.
Consider a typical multi-factor login experience. You enter your password, and then the service provider asks you to answer a security question, or enter a one-time code sent to your mobile device. The reality is that fraudsters can easily find personal information online which can be used to guess the answers to common security questions, like your mother’s maiden name, or the first street you lived on. They can also intercept one-time passcodes, or even clone your mobile device with SIM card swaps. In addition, these step-up techniques slow down the customer login experience, and do nothing to mitigate the risk of the actual credentials being forgotten, misplaced, or stolen.
Incorporating a voice biometrics solution into the customer authentication process removes friction from the customer experience and fits in nicely with current customer preferences.
Consider that 63% of customers called service providers last year and prefer calling over all other customer-service channels. Younger customers in particular are used to issuing voice commands to many of their devices. In the United States, 46% of people believe biometric identifiers have improved their lives.
Companies are clamoring for new ways to create seamless customer experiences built around these preferences. Nearly seven in 10 organizations want to allow digital customer verification and shopping history without using live agents, but only 38% can currently do so. So why not make voice recognition the heart of customer-service conversations? Voice biometrics can improve data security, create a seamless experience, and allow companies to meet customers where they’re comfortable: having conversations.
Is an on-device or third-party voice biometrics implementation right for my company?
When companies decide to incorporate speech-based verification measures, they have two major options for implementation, on-device authentication and third-party authentication. Smart devices use on-device biometric authentication to enable passwordless sign-in, often through face detection or fingerprint recognition. Or, in the case of voice assistants, devices capture voice patterns and use them to authenticate user requests. On-device authentication may not work in all industries, however.
When biometric authentication fails, most mobile devices revert back to password or PIN entry. These authentication measures are easier for criminals to bypass. Organizations in heavily regulated industries like financial services, with stringent know your customer (KYC) requirements, cannot stop at on-device authentication. These types of organizations might instead look at third-party authentication.
Third-party biometric authentication offers companies a platform-agnostic speaker-verification solution. In this arrangement, the third party is the mobile application or online customer experience workflow. When a customer logs in using biometric verification, the app or workflow matches that information with a template stored in the cloud. Even if a device is lost or stolen, criminals accessing the device will not be able to gain access to the victim’s accounts.
Many third-party solution providers also offer companies tailored control over customer enrollment and configuration. With these kinds of controls, organizations can also decide if they’d like to employ additional modalities alongside voice biometrics to meet risk tolerance or business requirements.
The time for voice biometrics is now
Voice is playing an increasingly prominent role in the customer experience. We used to only defer to voice communications when contacting a call center. Now, voice is a more common interface. For many customers, voice biometrics are likely to resonate given this preference, as well as inclinations for personalized, seamless and humanlike customer service. Voice biometrics answers this call by offering fast, frictionless and highly secure access for a range of use cases, including call center interactions, online applications, smart devices and chatbots.
What’s more, innovations in the field of AI have made voice biometric algorithms faster, more efficient, more accurate and more sophisticated in the service of fraud detection. Even as fraudsters lean into deepfakes, the technology behind voice biometrics is evolving to detect voice patterns, cadence, and intensity, as well as behavioral attributes, such as inflections and accents.
For most organizations the question of voice biometrics is one of “when?” rather than “if?” Forward-thinking companies can begin integrating biometrics into their user interactions today to get ahead of the competition.
Mitek launching MiPass with advanced biometric authentication
If you’re one of those forward-thinking companies, Mitek’s MiPass solution offers multi-modal passwordless authentication using face and voice biometrics for a myriad of use cases. MiPass uses a sophisticated combination of biometrics that are extremely difficult to falsify – face recognition, voice verification, and liveness detection — to strengthen trust in your customers’ real-world identities. MiPass can help you increase security and customer experience by replacing passwords and one-time passcodes with biometric authentication that you can easily embed into your existing platforms and customer workflows.
Check out the new Gartner report: Market Guide for Identity Verification for more on digital identity and fraud prevention: