Security on Demand

Article Featured Image

Today’s economic environment requires cautious use of capital by enterprises and service providers, limiting their ability to deploy new technology and equipment even if the return on investment is definite. This could slow the adoption of technology in supporting a business, and although security is a key area of focus for most organizations today, IT still faces budgetary constraints. 

With this context in mind, on-demand voice authentication represents a dramatic deployment alternative to traditional on-premises custom applications, giving enterprises and service providers a far easier approach to securely delivering significant operational savings—typically saving 20 to 40 seconds of agent call-handling time per call. It also delivers improvements in customer satisfaction through enhanced mobility and the elimination of PINs.

Historically, implementing custom solutions required specialized technology skill sets, license costs, server hardware, and ongoing maintenance and upgrades. However, an emerging and viable alternative is on-demand voice authentication, which uses a Web-services approach to take advantage of biometric security without up-front costs. In addition, time to implementation is reduced to just a few weeks because the technology is easily deployed. A company has to only link its application with the service via a simple application programming interface. As a centralized service, voice authentication can also be used to enhance touch-tone or speech IVR applications, Web applications, home-based employee and agent portals, and now mobile devices, especially given the growth of iPhone and Android applications. 

Enrolling a voiceprint is easily accomplished by prompting a caller to speak several two-word phrases (e.g., “black coffee”) that do not contain personally identifiable information. These phrases are used to identify unique vocal characteristics and create a speaker model, or voiceprint, which is then associated with the identity claim and stored in an encrypted format for comparison during future authentication transactions. In subsequent calls, the on-demand service prompts the caller to speak several short phrases (which are randomized from call to call and do not need to be remembered). The resulting voiceprint is compared to the enrolled model, and a decision is calculated in real time. Furthermore, applying business rules to the treatment of scores can yield results that are more intelligent and robust than one factor alone. 

Best Practices

It is important to note that the native identity claim, such as an account number, is first encrypted to create an anonymous identity claim before it is sent to the on-demand service, so it cannot be reverse-mapped to the account owner. The identity claim is then associated with the corresponding voice model, which is stored as an encrypted data string (e.g., “8F 66 80 9B 77 8C 61 81 9D 74…”). As evident from this example, the voice model cannot be used to identify the owner or reconstructed to generate audio. In other words, it is impossible to match an account to a voiceprint, so it cannot be used for spoofing.

In one implementation, an on-demand voice authentication application was successfully deployed within a top-tier retail bank, and the following results were obtained: 

  • The on-demand solution was implemented in less than two months;
  • 100 percent of callers successfully enrolled;
  • The solution was easy to use, and based on pre- and post-use surveys, 85 percent of callers ended up preferring voice authentication to a traditional PIN;
  • The on-demand solution was available 100 percent of the time, providing high availability for a mission-critical solution; and
  • Operational reports available through the enterprise deployment Web portal provided insight into usage, caller behavior, and performance.

On-demand voice authentication solutions allow companies to take advantage of operational cost reductions and improved customer experience, while improving security. Furthermore, by adopting the enrollment, authentication, and deployment best practices discussed here, enterprises can quickly roll out voice authentication capabilities to their employees and customers, accelerate return on investment, and provide a secure, positive customer experience, thereby laying the foundation for an enterprisewide, intelligent multifactor authentication solution.

Jo Ann Parris is vice president of relationship technology management at Convergys. She is responsible for sales, marketing, and solution management for Convergys’ portfolio of self-service and automated solutions. She can be reached at jo.ann.parris@convergys.com.

SpeechTek Covers
for qualified subscribers
Subscribe Now Current Issue Past Issues