1 / 21

Voice Biometric Overview for SfTelephony Meetup

Voice Biometric Overview for SfTelephony Meetup. March 10, 2011 Dan Miller Opus Research. Why I’m here. Talk about voice biometrics Share some ideas on stronger authentication for mobile transactions Get your feedback as prospective users/developers/implementers

penda
Download Presentation

Voice Biometric Overview for SfTelephony Meetup

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Voice Biometric Overview for SfTelephonyMeetup March 10, 2011 Dan MillerOpus Research

  2. Why I’m here Talk about voice biometrics Share some ideas on stronger authentication for mobile transactions Get your feedback as prospective users/developers/implementers Describe some “real world” use cases, business cases and demand drivers

  3. Voice Biometrics and Speaker Verification • Voice Biometrics is a technology • Captures an utterance from a live caller • Compares it to previously stored “voiceprint” • Produces a score • Speaker Verification is an application • Employs a biometric engine plus business logic • Enrolls customers by obtaining voice prints • Compares live utterances to voice prints to produce a “pass” or “fail” responses

  4. Speaker Verification Components • Core Verification Engine • Receives voice sample (“utterance”); compares it to a voiceprint (“template”) • Confirms who said it • Core Recognition Engine • Compares utterance to ASR grammar • Determines what was said • Business Logic • Decides if the caller passes or fails • Dictates required “next steps”

  5. What is a Voice Print? Behavioral Characteristics The harmonic and resonant frequencies, such as accents, the speed of your speech, and how words are pronounced and emphasized. Physical Characteristics The unique physical traits of the individual’s vocal tract, such as shape and size. Voiceprint -Together these physiological and behavioral factors combine to produce unique voice patterns for every individual

  6. Verification vs. Identification • For Verification: • User claims an ID • Application matches voiceprint to that claim • For Identification: • No claim of identity • ID System tries to detect “closest match” of captured utterances to voiceprint from a population of registered users

  7. Text Dependent vs. Text Independent • Applications that require a specific pass phrase are Text Dependent • Require training • Customarily involve enrollment • Text Independent applications can use any utterance • Simplify enrollment • Support “conversational authentication”

  8. Why Now?

  9. Fraud protection persistence • Multifactor • Mandated in more use cases • Includes “something you are” • Multimodal • Because “the customer is always on” • Embraces social networks and multiple sign-ons • Mobile • Approaching 6 billion subscribers • Mobile devices are becoming virtual assistants

  10. +1 = Momentum • Passwords getting more difficult • Multiple digits and special characters • Frequently updated • Fragmented across sites (and IDs) • Authentication becoming important • To access multiple sites, domains and devices • For more activities, transactions and interactions • “Open” approaches only as strong as weakest link

  11. Application strengths Mobile payment authorization Device activation Access control Password reset Anonymous authentication

  12. Perspectives from RSA

  13. ANI detection Voice profile (gender, age etc.) based on intuition Phone number Address Weak Identity verification Mother’s maiden name Social Security Number Basic account knowledge (last purchase etc.) The “Phone Channel” Traditionally Has Weaker Security

  14. Fraudster-Operated Call Centers Emerge in the Underground Economy to Facilitate Phone Fraud • “Professional callers”: fluent in numerous languages, both male and female • Caller-ID spoofing • Service availability during American and Western European business hours. • Cost: $7-$15 per phone call, • Complete fraudulent transactions by impersonating people across a broad spectrum of demographics • i.e. 77-year old female fluent in English or a middle-aged man fluent in Italian. Fraudster call center online order form (with English translation)

  15. Fraudster Operated Call Centers Underground forum post advertising "Professional Call Service"

  16. Fraudster Operated Call Centers Review of a fraudster call center service

  17. How Multi-Channel Fraud is Perpetrated * Available H1 2008

  18. Vishing • Tools of the trade: • VOIP (IPBX) • ID Spoofing • Delivery: • War dialing • SMS • Email • Already in play in the US

  19. How Fraudsters Bypass Blacklisted Call Center Numbers Call Center services unsuspicious inbound call displaying spoofed ID of an existing customer Call is forwarded to call center 800 number Call Forwarding Device Fraudster calls Spoofing access point Directs call to non-blacklisted phone number with Spoofed Caller ID

  20. Fraudsters’ Interest in Phone Banking

  21. And Speaker V & I can help • Questions? Contact: dmiller@opusresearch.net Or on Twitter @dnm54

More Related