August 9, 2021
By Pavel Jirik in Blog
The rapid expansion of biometric authentication technology resulted in the circulation of lots of information and opinions about its use and scope. While its advocates claim that biometrics is an effective solution for increasing security and streamlining many processes, not only related to authentication, others criticize the technology and state that it’s not secure, violates user privacy, and is expensive. But what is the truth behind all these ideas?
Biometric authentication is a technology based on the claim that all humans have unique and unrepeatable characteristics. Some of these may be physical (static), such as a fingerprint or iris, and some behavioral (dynamic), like a signature, typing, or gait. In contrast, others may be intangible, such as behavioral patterns. Voice has both physical and behavioral aspects.
Although biometric authentication methods have been around since the 1990s, only recently has their usage started to become widespread in many industries. Today, biometric authentication methods are implemented in airports, banks, universities, health centers, border controls, and many other entities.
However, the rapid expansion of this technology has led to the circulation of misinformation about it. This article lists the most common myths about biometrics, particularly voice biometrics, and debunks them.
Myth 1: A Person Will Be Able to Imitate My Voice
In 2017, a BBC reporter fooled HSBC’s security system by getting his non-identical twin brother to log in to the reporter’s account using voice authentication. However, this incident relates to active voice authentication, where a person is allowed to repeat the exact phrase over and over—a situation diametrically different from passive voice authentication.
Passive voice biometric authentication systems compare hundreds of unique biometric characteristics of a person’s voice during a free conversation in real time. That’s why, even if an imposter’s voice may sound similar to someone else’s, it would be incredibly hard for them to imitate a voice to the extent that would enable cheating a passive voice biometric authentication system during a natural conversation.
As of today, an instance of someone’s voice being imitated by a person continuously during a phone call in order to impersonate that identity has never occurred in the mode of passive voice biometric authentication.
Myth 2: Voice Recognition Doesn't Work with Accents
This myth is not true due to one simple fact—natural conversation-based voice authentication doesn’t have to understand what’s said, so the accent doesn’t matter here. What voice authentication software does is compare live speech to a stored voiceprint. Even if the live speech and voiceprint have a different accent, the system will work.
Myth 3: Voice Recognition Doesn't Work for Different Languages
The most sophisticated voice biometric systems can verify a person’s identity even if they speak a different language to the one recorded in their voiceprint. So it doesn't matter what language you speak while undergoing voice recognition - the system will compare biometric characteristics of your voice that are unique for you, as its characteristics stay the same no matter what language you speak in.
Myth 4: Voice Biometrics Doesn't Work for Everyone
There are no studies that prove biometrics can’t be applied to everyone. If a person has no health conditions disabling them from speaking, then they are eligible to use voice biometrics and other forms of biometric authentication. Obviously, some people cannot use certain types of biometrics because the system does not recognize their physical characteristics. In cases of injuries, accidents, health problems (such as paralysis), and others, incompatibility may be temporary.
Myth 5: Voiceprints Won't Match a Person After a Few Years
The concern is that as a user ages, their voice will slowly change over time until it no longer registers as a match. In biometric authentication applications, small variations to voice pitch, rhythm, tone, and vocal range are not significant enough to invalidate the match as there are hundreds of other voice characteristics considered. It may be necessary to undergo voice enrollment again after 7, 10, or 15 years, but it’s not a matter of just a few years.
Myth 6: Implementation of Voice Biometrics Is Expensive
It is generally assumed that biometric identification technology is something that only large corporations or government institutions can afford. However, nowadays, multiple companies offer the service, and prices have become affordable for most organizations.
What’s more, one of the advantages of biometrics is that it helps companies reduce and eliminate costs. For example, the time that employees would ordinarily have to spend authenticating users could be used for other, more complex tasks that can’t be done automatically. As more and more organizations opt for digital transformation and aim to have simple tasks completed by digitized systems automatically, biometrics has become an essential ally for preventing fraud and maintaining security standards.
Myth 7: Original Voice and Speech Content Can Be Recreated from a Stored Voiceprint
This myth is another one that is not true. Voiceprints used for voice biometric authentication are not stored in databases as recordings that can be played and reused. Voiceprints are stored in the form of mathematical models, which contain only the important properties and biometric characteristics that the system needs to compare a voice during the authentication process.
Similarly, speech elements can’t be recreated from a voiceprint saved in a database because it’s not the actual voice that is stored but a mathematical representation of it.
Beyond the myths surrounding voice biometrics, the reality is that biometric solutions are becoming more and more common and widely accepted by users.
Biometrics is a fundamental enabling technology for the future of digital banking, but it can be daunting for those who are unfamiliar with it. By dispelling the myths and misconceptions of biometrics, organizations such as financial institutions can help their customers feel more comfortable using this technology to conduct important transactions securely and conveniently when using online channels during the COVID-19 era and beyond.