A British technology company has come up with a voice biometrics solution – Voicekey – that it will promote as a way to secure m-commerce transactions.
Developed from research at Nottingham Trent University, Voicekey has patents pending worldwide. According to the developers, in an increasingly mobile digital age, the need to remotely verify the true identity of an individual in a user friendly manner is becoming ever more necessary.
The company points out that as we move beyond simple mobile applications, that allow remote access to email etc., to more sensitive m-commerce type applications, where we can order goods and make payments on the move so, this need becomes evermore critical.
The Voicekey software extracts key unique features from an individual's voice in order to create bespoke biometric classifiers (voicekeys) that can be stored in a central database or, more preferably, locally on a user’s smartphone devices. This classifier can then subsequently be used to verify the identity of an individual.
In a typical APP version, when first launched a user would enrol within the APP by repeating a simple pattern of words or numbers three times in succession in order to provide a good quality sample of their voice. Bespoke Voicekey algorithms then generate the user specific voice biometric classifier, which after encryption, is stored securely on the mobile phone.
In normal use, the Voicekey APP would then simply prompt the user to repeat a simple random pattern of numbers or phrases. The recorded verification voice sample will then be used, together with stored biometric classifier, to give a yes or no identification of the user.
Voicekey is claimed to have advantages over other verification technologies. These include:
- As the voice characteristics can be selectively stored on a host computer system or on a local device such as mobile phone, Voicekey has flexibility over other solutions that allow it to be tailored depending on the security of the transaction and the business needs;
- Because the biometric classifier is unique to the individual and the challenge phrase can be changed dynamically, the Voicekey technology cannot be compromised by somebody recording and playing back a single recorded phrase of a person's voice;
- With an on-device system in development, Voicekey can also cope with situations where a user is not connected to the internet or has poor reception etc.
Typical applications for the technology include:
- Confirming financial transactions. PINs provide a level of security but are susceptible to capture/fraud – Voicekey offers an alternative for transactions especially where higher values are supported;
- Identifying users contacting call centres. Users and call centre agents spend 22 seconds at the start of every call just verifying the identity of a caller. Voicekey automates this security challenge in order to increase user convenience and save call centre staff time;
- Resetting passwords in corporate environments. Most companies enforce users to change passwords every month, leading to the inevitable “forgotten password” problem. Voicekey has developed an automated solution that can be used to reset corporate passwords once users have been uniquely identified by their voice – streamlining the process, saving valuable IT department time and increasing security and compliance.