Biometrics used to be the domain of spy thrillers and Hollywood movies. However as users struggle to manage a growing number of online identities and a multitude of passwords, even that most cautious of organisations, the multinational Bank, are increasingly turning to biometrics to verify the identity of customers.
This trend started with devices such as the iPhone fingerprint sensor, but is increasingly using voice as a way of confirming a customer’s identity. Such systems tend to record voice-prints of the customer over a number of conversations and then use voice characteristics extracted from these voice-prints to verify the identity of a user the next time the customer calls in.
User feedback regularly indicates that users like the convenience of not having to remember passwords, but do not, necessarily, like having to share their sensitive voice-print with the Bank or to be online to use the security features. What happens when someone wants to use their voice identity to access their mobile banking app when on the road or overseas or even use their voice to provide secure access across multiple applications and organisations?
Traditional models all require the voice characteristics to be stored with each organisation. Do all customers want to do this? Voicekey, a spin-out from Nottingham Trent University, has taken a different approach. Instead of storing a user voice print with each organisation, a user enrols their voice with a single software application, which then trains a neural network based biometric classifier to identify the user. The unique settings of this user defined classifier are then encrypted and stored either within a mobile device or in the Cloud. The values recorded are meaningless on their own and cannot be used to identify the user without knowledge of the neural network architecture used in the app.
When a user wants to subsequently identify themselves these settings are loaded back to re-create the trained neural network classifier such that it can be used to verify a user’s identity from their voice with a strong confidence. The user’s voice is therefore never stored at any organisation and, with mobile devices, a single approach can be used to identify the user with multiple organisations.
Voicekey’s patent is granted in both the UK and US and under a continuation-in-part patent application, this patent can also be used for other biometric factors e.g. face and fingerprint.
Voicekey has already produced applications that allow users to store passwords securely on an iPhone using their voice to unlock access. It has also produced an application which enables business users to reset their passwords using their voice to confirm identity - critical when IT helpdesks are often asked to reset passwords with limited proof of who they are talking to.
Tony Allen, CEO of Voicekey, added: “The granting of our patents is an important step for Voicekey. The use of biometrics is growing rapidly and our software has many applications, which the patents will help to protect.”