Angelo Gajo | October 21, 2020 | 7 minutes
Web-based applications have become a crucial part of our everyday life with most of us using a web-based app multiple times every day. These web-based applications provide us with the ability to access information and use online services. For example, web-based applications allow users to browse through product offerings, watch product videos, read documents such as terms of services and access banking services online.
Organisations are always trying to make the web-based apps easy to use and personalised to the individual so that they get a great experience. Many of the web-based apps are protected behind security measures such as PINs and passwords to keep the user’s information secure and prevent fraud. However, the problem with using passwords today is that most users have insecure and easy to guess passwords and many use the same password for multiple sites. As web-based applications continue to evolve and expand, better security measures have been explored to ensure that security is strong enough and user experience is not compromised by the security requirements. One way this has been achieved is by using two-factor authentication (2FA) when logging into online services. The most common form of 2FA is sending a one-time passcode (OTP) via email or SMS to the user to input into the login process. Unfortunately, this is a clumsy process with users needing to swap apps on their mobile devices and remember the code and then input the code. Often this process 2FA process is undertaken on the same device which makes the process cumbersome and of course does not increase the security of the login process. If you already have the trusted device in hand, finding then punching in the OTP does not increase the likelihood that the person logging on is, in fact, the account owner.
Voice biometric dramatically improves both the security and user experience in 2FA processes on web apps. Simply displaying an OTP on the login screen and asking the user to say the number whilst activating the device microphone means there is no searching for the code in an email or message which removes complexity. If the person says the right number with a biometrically matched voice then the security system can be assured that the authorised person is in fact logging on using the trusted device.
OTPs usually involves switching between devices to verify your identity (Source: Shutterstock)
Some of the common use cases for web-based applications today include using voice biometrics for authorising digital payments and accessing personalised self-service options on web-based chatbots. With voice biometrics, users are provided with a better option to verify their identity other than PINs, passwords, OTPs and verification email links.
Voice biometric as a 2FA helps mitigate the risks of fraud attempts as voice can not be guessed or brute-forced like passwords or intercepted or phished like verification email links. Users do not have to worry about forgetting their long and complicated passwords and those who prefer to use the same passwords for every platform are provided with a more secure option.
Auraya, a world leader in voice biometric technology, has been a strong advocate for safer and more secure user experience in digital channels via voice biometrics. EVA, Auraya’s voice biometric extension, initially started as an extension for the Amazon Connect platform, allowing customers to implement voice biometric capabilities into their existing Amazon Connect contact centre instances. Today, EVA can be integrated into various channels whether it is telephony or a digital channel such as web-based applications. EVA comes standard with OpenID Connect 1.0, ensuring even better security and reliability for web-based applications. Auraya uses a patented process to capture voice samples on the web, allowing for secure and frictionless voice biometric identification and verification capabilities for the use cases mentioned above.
To reiterate some of the common use cases, using voice biometrics for secure portal login process gives users another option to login which is more secure than outdated methods such as PINs and passwords. Portal access can also be easily managed as organisations can simply remove voiceprints from the list of authorized users. Voice biometrics can also be used to authorise online transactions as it ensures that the right account and cardholder is conducting the transaction and not a fraudster. With voice biometrics, organisations can obtain a non-repudiable digital signature which can also be used as a proof of transaction. Another common use case is using voice biometrics for an expanded and personalised self-service experience with chatbots. Users who visit websites and are greeted with an AI chatbot can conduct more services which may require initial identification and verification. With voice biometrics, users can use services such as accessing and updating their online personal details and paying for monthly bills all within the chatbot. This saves users time as they do not have to constantly jump from web page to webpages to get to the right place.