Auraya's EVA 2.0 now standard with OpenID Connect 1.0
30 August 2019 15:18 GMT

Auraya announces today that EVA is now compatible with OpenID Connect 1.0, providing improved security and reliability for web-based service solutions. EVA is Auraya’s cloud-service voice biometric extension for Amazon Connect that utilises the next generation ArmorVox engine.

EVA can be deployed in Amazon Connect contact centres using AWS Cloud Formation for fast, secure and reliable voice biometric service for telephony and digital channels. The team at Auraya keeps improving EVA to ensure that organisations are provided with unmatched voice biometric capabilities.

Today’s announcement means that EVA now delivers voice biometric enrolment and verification capabilities to all web browsers utilising Open ID Connect 1.0. EVA uses Auraya’s patented process of capturing a voice sample in a HTML5 browser for voiceprint enrolments and verifications.

Voice biometrics can now securely and simply be added to any web site so users can choose to use their voice instead of typing in a password. More importantly, second-factor authentication or stepup security can be delivered seamlessly and securely in any browser or app.

The voice biometric capability delivered by EVA eliminates the need to use clumsy and insecure onetime passcodes using SMS or email. Voice verification also eliminates the requirement for users to carry hardware tokens to authorise risk transactions in digital environments (such as browsers, apps and bots). Voice biometric authentication provides regulated entities with a non-repudiable digital signature that is unique for each transaction that is authenticated.

This provides a seamless and efficient way to comply with the ever-increasing array of regulations and is another tool in the fight against fraud. Further, with the recent addition of OpenID Connect 1.0, EVA ensures security and reliability in a seamless and standards-compliant way.

OpenID Connect 1.0 adds an additional identity layer on top of the well-known OAuth 2.0 resource authorization standard. These standards are now the default way to provide federated trust and single-sign-on functionality across organisations. Organisations can deploy EVA on any standards-compliant platform to securely verify end-user identity and obtain basic identity claims, all without exposing or being exposed to confidential or personally identifiable information.

Since OpenID Connect 1.0 is based on standard APIs, it is proven to be highly secure and extendable to EVA implementations on digital channels such as web browsers and mobile applications. Organisations can enable EVA through HTML5 browser-based, customer-facing solutions such as online banking services via their website.

Customers can confidently log into their account by using two-factor authentication (number identifier like account number coupled with voice biometrics), whether they are accessing the online banking service through a desktop, laptop, smartphone or a bot. This architecture lets organisations improve privacy and security by replacing insecure and clumsy security systems such as one-time SMS tokens.

Further, EVA can be used to securely deploy two-factor authentication to provide non-repudiable digital signatures that are unique for specific transactions that are often mandated for certain types of transactions.