I know I’m slightly late to the game when it comes to voice recognition technology, but I was intrigued when I came across a mobile banking app by Dutch bank ING, which they launched about a year ago. This app uses a voice enabled security and payments system, which makes it possible for its clients to check their balance or make mobile payments using their voice. In order to log in, users will have to say a short phrase which the banking app then matches to a sound file stored on the user’s phone.
The underlying claim here is that the shape of a user’s vocal cavities and the way a user moves her mouth means that speech can be more unique than a fingerprint. Nuance, a US based biometrics company, has developed technology that analyses a user’s voice “for hundreds of unique characteristics that are then compared to the voiceprint on file.”
Instead of having to remember 15,000 different passwords or related security questions — you should be able to tell my frustration with existing security measures here — Nuance aims to do away with all this by matching the user’s voice to a stored voiceprint. This can be either passively, whereby the user can say anything to enable the matching or actively, whereby the user is asked to recite a specific passphrase. As a result, authentication should become a lot easier and less stressful for the user.
From the perspective of a bank like ING or any other company, voice-based security mitigates the risks inherent in knowledge-based security. Four-digit PINs or event digital fingerprints can be easily compromised, for example when a person is attacked. Passwords and security questions can be successfully answered with simple web searches of the account holder.
In contrast, it’s much harder to compromise voice biometrics. A voiceprint is a hashed string of numbers and characters, which means that it’s pretty meaningless to a fraudster. Even more so, each time a hacker tries to speak with a call centre or a mobile app, their own voiceprint will be left behind which can then be used to proactively keep them out of the system.
Thinking of mobile payment giants like WeChat (see Fig. 1) and M-Pesa (see Fig. 2) and the rapid raise of in-app payments, I can see voice-based see voice based technology taking great a great flight over the coming years.
Fig. 1 — WeChat screenshot — Taken from: http://www.digitalstrategyconsulting.com/intelligence/2014/08/wechat_adds_virtual_payments_to_messaging_app.php
Fig. 2 — “How to get started with M-Pesa” — Taken from: https://www.vodacom.co.tz/mpesa/consumers/getting_started
Main learning point: I know that voice recognition isn’t yet where it needs to be in certain cases, but I can see how voice-enabled security and payments can provide a secure and seamless user experience, especially compared to issues related to the current knowledge based approach to passwords and security.
Related links for further learning: