Tired of conventional passwords? So is Nuance Communications, a tech firm that is promoting the human voice as a way to secure user accounts.
The company’s voice biometric product is among the technologies that promise to replace traditional -- and often vulnerable -- password authentication systems, which can be easy to hack. That isn’t the case with Nuance’s solution, the company claims.
“To determine if it’s you or not, we are looking at over 100 different characteristics of your voice,” said Brett Beranek, Nuance’s director of product strategy.
The problem with passwords
The need to move beyond passwords hasn’t been more urgent, given that hackers are routinely finding ways to steal them. Last year, Yahoo, LinkedIn and Dropbox all reported major data breaches involving account details such as email addresses and hashed passwords.
With such information, a hacker can plunder through an email account like suspected Russian cyberspies did to U.S. political figures in last year’s election.
However, security provider Nuance is trying to change the status quo. Already, banks and financial institutions have been deploying the company’s voice biometric technology to verify user identities.
“This is more secure than a password,” Beranek said. “We’ve had our customers report a significant reduction in fraud over PIN and password security solutions.”
The technology was first deployed in a customer call center back in 2001. Since then, it’s also been used in finance-related mobile apps and to secure PCs at a handful of organizations, Beranek said.
Every human voice is unique, he added. Factors like a person’s larynx, the shape of the nasal cavity, and whether the subject is missing a tooth, will all determine the way someone sounds. People can also speak in a more monotone or lively manner, or space out their words in varying rhythms.
Nuance’s technology has been built to analyze these differences to accurately determine who is who, Beranek said. It’s been refined to the point, it can weed out voice impersonators, digital recordings and synthetic voices that try to dupe its system.
“In most cases, we can differentiate consistently between identical twins,” Beranek also said.
Nuance Communications is using its voice biometric technology to help companies go passwordless. Credit: Nuance
Verifying a user’s behaviour
Replacing passwords is one thing, but what if your security system could also detect and kick out intruders who managed to break in?
SecureAuth is another company that’s been working on this very technology. It’s offering a system for companies to go “passwordless,” which can also spot any unusual activity on a user account.
The approach leverages an existing device many people have: smartphones built with fingerprint readers, said Keith Graham, CTO of SecureAuth.
Sign up for CIO Asia eNewsletters.