Their Voice, Your Identity: Proper Authentication in Biometrics


Theres no doubt that there is a lot of really innovative and cool technology in our world.Prior to working with EVS, I worked in telecommunications.I used to love the opportunity to play with the latest and greatest mobile gadgets on the market.When I see a phone screen that scrolls based on the movement of my eyes, I think its a little freaky and really awesome all at the same time.Theres no doubt that things that were once only imagined in movies, are becoming a reality today.

It is also great to see this type of innovation and ingenuity in the fraud prevention industry.A method of verification that is becoming increasing popular, and will continue to experience rapid growth, is voice biometrics.Essentially, a biometrics company will do an analysis of an individuals voice to identity their specific speaking patterns and unique differentiators.This voice information is then stored so that the users voice can be authenticated in the future to login to their account or access a software platform.There is no doubt that this technology is cutting edge, and it appears to be much more secure than the traditional username and password combo that customers are accustomed to in putting.

An issue that companies struggle with is how to authenticate that a voice belongs to a user at the point of enrollment or account creation.To assess this problem, many companies will do a verification of the users information before they take a sample of their voice, so a user will login and input their name, address and possibly additional information, such as last four of SSN or DOB.The company may then use a third party identity verification company, such as EVS, to ensure that the information is accurate.If the information is accurate, the user will then move forward with voice biometrics.While I applaud companies for taking a step towards fraud prevention, I think there is a still a gaping hole in the process.

What happens if John Doe gets my name, address and SSN and provides all valid information?ABC Company then allows them to login to my account, not only at point of enrollment, but on a continual basis, via his voice.This situation could be avoided if proper authentication was included at the very beginning of the process.I would recommend a solution called Dynamic KBA (Knowledge Based Authentication) or out of wallet questions, that could be posed at account creation.These are simple, non-intrusive questions that only the user could answer to validate their identity, and at the same time, it would bridge gap in verification and authentication.It protects the user from potential identity theft and helps to protect the company from lost revenue.

[Contributed by Shea Allen, Account Specialist]