Understanding the Difference Between Voice Verification and Voice Identification

understanding-the-difference-between-voice-verification-and-voice-identification.jpg

Auraya’s voice biometrics technology can be used to provide several different outcomes. The two most common outcomes are the identification of a person’s identity and the verification of a claimed identity. Additionally, Auraya provides an array of flexible authentication methods using text-dependent, text-independent, text-prompted, digit-independent and digit-dependent tokens for a more secure more personalized and better customer experience.

Verification Stage

The first and most common activity is for a user to verify a claimed identity. Verification involves a one-to-one comparison between the speaker’s spoken words compared to the stored voiceprint of the individual. For this one-to-one comparison to be carried out, the claimed identity of the person trying to be verified needs to be known. This ‘one-to-one’ identity verification process is the most reliable and most secure way to use a voice biometric system to give access to an account.

If voice biometrics is being used to verify the identity of someone calling a contact center on a phone, then the claimed identity of the user may be determined by using the CLID (CLI or ANI) as the proxy for the identity of the caller. If CLI is not known, the caller can be asked to speak an account number, employee/customer number/ postcode or phone number. The solution will then use speech recognition to determine their claimed identity. Any of these spoken identification tokens can also be used to biometrically verify the user.

If the verification is being done on a digital device with an IP address or on a browser with identification information such as email address, then these identifiers can also serve as a proxy for the user identifier. If verification is being done passively, such as verifying a caller whilst they speak with an agent or a bot, the system still needs to know who they claim to be, so a one-to-one match can be undertaken.

It is not recommended to use a touch-tone input for identification as the user then must return to speaking to the device to provide a verification utterance. This mixture of DTMF buttons and speech input can lead to user confusion and poor customer experience.

Identification Stage

The second biometric outcome is to try and identify an individual using only their voice biometric attributes in a one-to-many comparison. This one-to-many comparison is often used in fraudster lookup lists.

However as the size of the search list increases, the identification process becomes more uncertain. In any commercial deployment where security is important, this process alone is not recommended as the chances of a false match increases with the size of the search list.

Therefore, a combination of verification and identification is considered best practice for user experience and security. Ideally, most comparisons will be a one-to-one comparison by using a unique identifier such as a CLI (ANI). If several people share a single home or work phone (that is, same CLI), then voice biometrics can be used to identify which of the people is speaking; and then verify them to the desired threshold. This hybrid approach can work for small groups of people such as in a family or a group that work in the same office and share a common phone. It will not work as efficiently for larger groups where the one from many searches may identify the wrong speaker.

Recommendations

Auraya recommends using phone numbers for most contact center related use cases as most users remember their phone number quickly and can easily say it immediately. If users are able to easily recall and say their account number, member number, employee number or any other identifier number, then these tokens can also be used as well. But beware, many people can type their member or employee numbers but have trouble saying them as the numbers are remembered as a pattern on a keyboard.

Names are not normally recommended as a biometric token as some people may have very short names with very few phonemes. For example, the name Jane Doe would not work well as a voice biometric token as there is not enough data captured to create a high-quality voiceprint. While the date of births can be used as a token, many people do not want to disclose their birth date or may say it in different formats. Each of these variations is sufficiently different to potentially fail the verification threshold.

 

Previous
Previous

Why You Should Ditch "My Voice Is My Secure Password" as a Password Phrase

Next
Next

Auraya Attending RegTech Edge Showcase 2019