Secure Password Resets with Voice Biometrics

Passwords have been around for years and are often the main security method used to authenticate a user. Passwords are implemented for security reasons, whether it’s logging into an account or connecting to a wireless network. However, as people use passwords for just about everything on every platform, some have opted to use the same password for different platforms for convenience. Although this helps some people not to forget their password, it also causes a huge security concern if the person becomes a victim of data breach or leak. On the other hand, those who do use different and even randomized passwords often forget their passwords. This results in a jarring password reset user experience where they are required to provide answers to forgotten security questions or switch applications or devices to confirm their identity for a password reset request.

With Auraya’s voice biometric technology, organisations can implement voice biometric verification to assist in improving the password reset user experience. The process would first involve the user enrolling their voiceprint by capturing audio of them speaking their unique phrase or identifier such as their account number or phone number. This audio is encrypted and scrambled to create a voiceprint. Then, whenever they request a password reset, they would simply just need to say their unique phrase to verify their identity. If their voice matches with the enrolled voiceprint attached to the account, then they will be verified successfully and a password reset link can be provided.

This could replace security questions and one-time passwords, meaning that the user would not be required to switch applications or devices and wait for the SMS or email to come through. Organisations can also reduce operational costs from replacing their SMS OTP services. This could also improve security as SMS and emails can be easily intercepted by fraudsters. With voice biometric verification, users only need to verify their identity using their voice and then the password reset link will be provided if they are verified successfully. Using identifiers such as accounts or phone numbers that are easily to remember and are unique to each individual improves security and usability. Additionally, Auraya’s patented technologies can combat cyberattacks such as Identity Theft and Account Takeovers as it can detect generated, mimicked voices and recorded playback voices. 

Protect Against Identity Theft with Voice Biometrics

Recently, two women in Australia were charged with eight counts of obtaining a financial advantage by deception after they were caught using fake identities to steal thousands of dollars from bushfire and coronavirus welfare payments. The women were able to steal AUD 10,000 before being noticed and caught by the Australian federal government’s new anti-fraud task force.

Naturally, fraudsters will always try to take advantage of any opportunities for financial gain, with identity theft being one of the most commonly used methods. Financial organisations must ensure that they implement the best security measures to repel attacks such as identity theft that occur nearly every day.

Fortunately, with Auraya’s voice biometric technology, organisations can greatly reduce the chance of fraud and the resultant misery inflicted on innocent people whose identity is compromised. Organisations can implement secure and delightful voice identification and verification capabilities allowing customers to use their voice to securely verify their identity. By using voice, outdated security methods such as asking for PINs and passwords or personal security questions can be replaced saving organisations time and money. Auraya’s voice biometric technology is also capable of detecting synthetic and recorded playback attempts which further protect against fraud attempts.

Organisations will also be able to manage their voiceprint database in real-time and flag known and potential fraudsters. Repeat offenders will be flagged and identified even if they are impersonating different victims.

Overall, voice biometrics can help strengthen organisational security and improve user experience. Fraudsters can’t simply steal the identities and information of victims as they would be required to say the right information with the right voice.

Biometrics Solutions and Concepts for COVID-19

The Biometrics Institute has released its latest report which combines several expert papers from its member organisations addressing the topic of biometric solutions and concepts for the ongoing COVID-19 pandemic.

Auraya, a world leader in voice biometric technology, contributed to the report by detailing how voice biometrics can be used to improve the security and user experience of the various solutions people are using amidst the COVID-19 pandemic. Read Auraya’s expert section below or visit Biometrics Institute to access the full report.

Auraya: Voice biometric applications to assist in pandemic times

Paul Magee, CEO of Auraya Systems

A pandemic can disrupt and alter the livelihoods of everyone. Lives and circumstances can forcefully and drastically change. We must adapt to minimise the danger and reduce the disruption to our complex lives. While no one wants to experience the devastating loss of life, economic hardships, and inconvenience that the pandemic has thrust onto populations during these strange times can be a catalyst in introducing changes that otherwise could take decades. Perhaps we will never again be so open to changing habits. For years people have resisted the opportunity to work from home, and now that we have been forced to adapt, many now work from home where it makes sense! Another forced change is the use of video conferencing technologies to stay in touch with friends and family. This new means of staying in touch may bring families together long after the virus is defeated. Perhaps business travel will change with more virtual conferences instead of the overuse of big global conferences. Many technology solutions are being delivered to tackle practical living issues in the locked-down world we have been forced to embrace. From fast-tracking new ways to invent and test medicines and create personal protective equipment to online conferencing, home deliveries, and exercising without large communal gyms. People and organisations have proved rapid change is possible, given the right circumstances.

These changes also introduced a new era of trust and cooperation as perfect strangers adapt to new rules around social distancing and people are making personal sacrifices to ensure the safety of unknown community members. In this era of more trust, it is important to reduce the ability of ‘bad actors’ to take advantage. Voice biometrics provides a key element in enabling open and transparent trust to exist as, quietly and unobtrusively, bad actors can be identified and dealt with appropriately, during digital transactions and phone conversations, leaving the rest of us to get on in the new world with more confidence.

As we become more community conscious, we are prone to become more fearful and concerned about our privacy and security. Voice biometrics provides consumers with a simple yet secure and private way to confirm identity with government agencies and other organisations we have entrusted with our assets and personal data.

Auraya’s voice biometric technology is being used to ensure secure, safer, and easier conference calling capability. Cisco’s WebEx conference users can have voice biometrics enabled to gain access to conference calling service on their computer or mobile device by simply saying their name. If their voiceprint has been previously enrolled; and they are invited to the meeting then authorised conference call attendees can gain access from any device. No complex number codes are required to be remembered or punched in. Every time someone speaks, their voice identifies them and their name is displayed. This security option also prevents unknown or unauthorised people from attempting to join conference calls just because they have the meeting room code. Conference hosts can search recorded conferences based on when a specific speaker contributes rather than which device was used, which is especially helpful where there are multiple attendees using one device. Educational institutions can ensure that students that participate in the conference are, in fact, the enrolled students and not a proxy.

Voice biometrics can be utilised in contact centres even when agents are working from home. EVA the Voice Biometric extension for Amazon Connect enables voice biometric solutions to be deployed in days using cloud-based services. Voice biometric solutions can be added quickly and securely to existing Call Centres and ‘work from home’ Call Centres to improve efficiency and security, whilst ensuring regulatory compliance. As Call Centres and digital support services feel the pressure and stress of increased numbers of calls and messages seeking assistance, they are also having to cope with lockdowns in offshore Call Centre locations as well within their own cities. The increased demand in a time of constrained capacity is forcing organisations to adopt new processes and technologies.

Organisations can use voice biometrics to ensure that known or suspected fraudsters are identified and prevented in real-time from perpetrating fraudulent activity. Being able to quickly identify suspected fraudsters not only reduces fraud losses; but it also assists the organisation to efficiently deal with legitimate callers. Where the biometric technology is eliminating known fraudsters, then legitimate customers can be served with higher levels of confidence and with less friction caused by manual verification processes.

In addition to helping deal with fraudsters, voice biometrics can be used to confirm that the authorised Call Centre agent is engaged in every conversation with customers. Organisations can be assured that the authorised agent is the only person that can handle customer calls. Calls that require transferring between agents can also be transferred with confidence and regulatory compliance as each agent’s identity is verified by their voice.

In addition to using voice biometrics to deliver improved efficiency and security in Call Centres, voice is being used in digital channels. For example, a new quarantine mobile app is being delivered in Latin America using Auraya’s voice biometric technology to help enforce quarantine measures. The app uses geolocation technology to ensure that the smartphone remains in the designated quarantine location and random requests for the quarantined person to verify their identity using their voice from the device ensures that the person subject to a quarantine order is with the device at the right location.

This quarantine mobile app can also be used to manage the crisis that exists in some correctional facilities worldwide. The COVID-19 pandemic has raised concerns about the vulnerability of inmates to the disease once it infiltrates correctional facilities. There are calls for a temporary release for some inmates to reduce the danger. The voice biometric mobile app combined with the smartphone geolocation technology can assist in monitoring the locations of inmates that are released to home detention. This allows correctional facilities to implement temporary parole while using this voice biometric system to continually and accurately track their whereabouts.

Secure Video Conferencing with Voice Biometrics

With many people working from home during this COVID-19 pandemic, video conferencing meetings have become a staple in everyone’s lives. Zoom, Google Hangouts, Skype and other forms of video conferencing services have experienced a huge surge in use for both business and personal engagement.

This increased usage has brought a lot of positive benefits to companies. However, along with the popularity of these services, some have attracted negative attention. Adding over 2.22 million monthly active users in 2020, Zoom is fast becoming one of the most used video conferencing services. However, many have noticed several privacy and security issues with Zoom such as a sketchy installer, traffic routing, encryption concerns, and most notably “Zoombombing”.

Zoombombing is the action of guessing Zoom meeting ID numbers by randomly entering 9 to 11 digits for the meeting ID. If the meeting is open and live, the intruder will be able to successfully participate in the meeting and use features such as screen sharing. To tackle this issue, Zoom has recently implemented new features that help improve its security. These new features are waiting rooms and password-protection. However, improving security should not just stop there. Video conferencing services should use voice biometric technology to make it easier for legitimate attendees to get into meetings and make it harder for ‘Bad Actors’. This not only enhances security but also customer experience.

With Auraya’s voice biometric technology, organisations such as Zoom, Google and Microsoft can implement identification and verification capabilities in their video conferencing services. Participants will be required to speak a certain unique phrase such as their name or an employee number or phone number to enter a meeting they have been invited to attend. Once their identity has been verified with their unique voice, they will be able to connect to the meeting. This feature can be implemented whilst waiting to be admitted to a meeting or the verification process can bypass the need to be ‘admitted’. Additionally, organisations can use voice biometric technology to ensure that the participants in the conference meeting are still the authorised participants. Although video footage through webcams can help identify the participants, this feature can help meeting admins passively identify the identity of those without webcams turned on or those attending via phone calls.

With voice biometric technology, there is no need to remember the meeting ID or passwords for the meeting, all it requires is simply the link to the meeting and the voice of the participants.

Voice Biometrics and Multi-Factor Authentication

As discussed in the recent article by ComputerWeekly.com, it is becoming apparent that standard two-factor authentication (2FA) methods were never as secure as they were intended to be. Two-factor authentication usually involves the user inputting a PIN or password for the first authentication and then completing a second authentication via security token or a one-time passcode. The reason why this process is flawed is that most two-factor authentication only authenticates if the right device is being used and not if it was the authorised person. A fraudster who knows or spoofs someone’s password or has access to their device can easily take over their account. Additionally, scams such as brute-forcing passwords and sim-swapping are common methods many fraudsters use.

This issue is one of the many reasons why multi-factor authentication (MFA) coupled with biometrics technology provides far superior security and convenience today. Multi-factor authentication is an authentication process that requires two or more factors. The factors required can be something that you have (like a security USB key or a known smartphone), something that you know (like security questions or passwords) and something that you are (fingerprint or voiceprint recognition). This means that multi-factor authentication not only involves having the right device but also having the right person.

With biometrics technology, multi-factor authentication becomes more robust, improving security and user experience. However, indeed, no security method is ever truly 100% secure. Some Biometric technology has also been on the receiving end of spoof attempts, as fraudsters use 3D printers to create fingerprints and face masks or simply log into a smartphone using the PIN to create a fingerprint which can be used to spoof the MFA security and gain access to the client account. Therefore between these biometric technologies, voice biometrics is harder to spoof because the voiceprint is created and stored in the client organisations own secure infrastructure, making it a device-independent verification. Being device-independent ensures that voice verification is the perfect complement to multi-factor authentication.

Auraya’s EVA voice biometrics is an easy-to-consume, cloud-based voice biometric extension for Amazon Connect telephony and digital channels. It provides ‘voice identification & verification’ and ‘fraud detection’ capabilities, improving security and user experience. With EVA, organisations can use voice biometrics as one of the factors required when using multi-factor authentication for security purposes. This biometric capability can be used in the IVR call centre process, whilst talking with an agent or a bot or online via a website or mobile app or Chat or messenger. EVA is capable of detecting and preventing spoof attempts such as recorded playback of voices and synthetically generated voices. Unlike other biometrics, such as fingerprints where security is compromised once a fingerprint is stolen, any recorded or mimicked voices will not work against security systems that have EVA enabled.

Obtaining Consent to Enrol Voiceprints

RESOURCES

Documents

Discussion Paper on Obtaining Consent to Enrol Voiceprints

Angelo Gajo | April 23, 2020 | 2 minutes

discussion-paper-obtaining-consent-to-enrol-voiceprints
discussion-paper-obtaining-consent-to-enrol-voiceprints-cover

Download

Summary

This discussion paper discusses the issues organisations must consider when asking for informed consent to enrol a voiceprint. The paper also discusses the considerations of enrolling suspected fraudsters into a hotlist to reduce fraud.

Click the download button to save your copy of the document.

MORE


discussion-paper-obtaining-consent-to-enrol-voiceprints

Documents

Obtaining Consent to Enrol Voiceprints

23 April 2020


Documents

ArmorVox Datasheet

15 April 2020

bundle of papers

Documents

Voice Biometrics FAQs

01 November 2018

NEWSLETTER

sign up to our mailing list


Subscribe

ArmorVox Datasheet

RESOURCES

Documents

ArmorVox Datasheet

Angelo Gajo | April 15, 2020 | 2 minutes


armorvox-datasheet-voice-biometrics

Download

Summary

ArmorVox is Auraya’s next-gen voice biometric engine that provide secure and seamless voice identification & verification and fraud detection capabilities in any language on any platform. This datasheet provides a technical overview of ArmorVox’s key benefits, capabilities and features.

Click the download button to save your copy of the document.

MORE


discussion-paper-obtaining-consent-to-enrol-voiceprints

Documents

Obtaining Consent to Enrol Voiceprints

23 April 2020


Documents

ArmorVox Datasheet

15 April 2020

bundle of papers

Documents

Voice Biometrics FAQs

01 November 2018

NEWSLETTER

sign up to our mailing list


Subscribe

Improve Efficiency and Prevent Fraudsters in Call Centres

MEDIA

Auraya Blog

Improving Efficiency and Preventing Fraudsters in Call Centres with EVA Voice Biometrics

Paul Magee | April 9, 2020 | 4 minutes

busy-call-centre-woman-talking-secure-voice-biometrics

Due to the ongoing pandemic, everyone around the world is experiencing dramatic changes in the work environment and their private lives. The work from home (WFH) requirements that most organisations have implemented, plus the new emergency initiatives and support services being delivered by governments and enterprises are creating additional workloads for many contact centres and digital delivery teams.

In addition to the increased call volumes and coping with the issues of working from home or safely working in contact centres, organisations are also having to cope with an increase in scams as bad actors and fraudsters seek to take advantage in these difficult times. For many organisations, security and customer experience are of paramount importance to their customers and front line staff, especially with the avalanche of calls and digital enquiries they may be receiving. Fortunately, with Auraya’s EVA voice biometrics, organisations can handle the increased volume of calls securely whilst protecting the organisation and their customers from bad actors and fraudsters.

EVA provides a secure and scalable cloud-based identity verification capability. Whether the organisation is using a legacy on-premise infrastructure or a cloud contact centre solution such as Amazon Connect, EVA, the Amazon Connect extension for voice biometrics, can be deployed quickly and securely. Organisations can use EVA to verify the identity of its customers as well as its agents and other internal staff. Another EVA capability organisations can utilise is its fraud detection capability. EVA can be used to identify and flag fraudsters in real-time, making it easier to deal with legitimate customers and deter fraud attacks.

Even during these troubling times, Auraya is capable of remotely supporting organisations in delivering an EVA voice biometric solution. EVA can be rapidly deployed in all call centres and reduce the time needed to verify an identity, increasing self-service and decreasing the risk of fraud. Organisations who turn on EVA will be able to more effectively cope with the surge in demand for services that are desperately needed as well defend themselves from being attacked by those who try to take unfair advantage.

Reach out to Auraya to find out more!

MORE


passwords-list-insecure-duplicate-voice-biometric

Blog

Secure Password Resets with Voice Biometrics

17 June 2020

identity-theft-fraud-voice-biometrics-scam

Blog

Protect Against Identity Theft with Voice Biometrics

27 May 2020

covid-19-report-biometrics-institute-response-paper

Blog

Biometrics Solutions and Concepts for COVID-19

20 May 2020

NEWSLETTER

sign up to our mailing list


Subscribe

Voice Biometrics in Online Digital Services

MEDIA

Auraya Blog

How Online Digital Services Providers Can Improve Security and User Experience By Implementing Voice Biometrics

Angelo Gajo | March 27, 2020 | 4 minutes

how-online-digital-service-providers-can-improve-security-and-user-experience-by-implementing-voice-biometrics

The ongoing coronavirus (COVID-19) pandemic is causing great disruption in our lives. Governments from around the world are implementing stringent measures to contain and slow the spread of the virus. These measures include social distancing and working from home. This impediment has further pushed people into a more digital and mobile workforce. However, this digital change has also brought upon an increase in cybercrimes, as cybercriminals take advantage of the vulnerable and/or unaware.

Lately, there have been reports of an increase in cybercriminal activities related to the coronavirus such as phishing scams and ransomware attacks. This prompts organisations around the world such as Norton, the World Health Organisation (WHO) and the Australian Competition & Consumer Commission (ACCC) to release statements regarding protection against cyber scams. With people working from home and beginning to access work portals and databases from their home network, cybercriminals are targeting those with less secure home network infrastructure. Working from home also means adopting new online services to accommodate the digital working environment. Many companies are integrating new services such as project management, customer relationship management and file storage cloud services to continue operations.

As these service providers experience an influx of new customers, they should also prepare for the increased probability of cyberattacks by implementing better, industry-leading, security measures. One security measure these service providers must consider is voice biometrics. Voice biometrics provides the capability to identify and verify an individual by using their voice. Auraya, a world leader in voice biometric technology, provides this capability along with fraud detection capabilities. Auraya’s EVA voice biometrics technology allows service providers to implement voice biometrics into their existing solutions, improving security and user experience.

EVA voice biometrics can be integrated into contact centres, increasing automation and reducing agent-handling times, helping improve efficiency and reduce costs, especially when experiencing an increased number of inbound calls. Service providers can also implement EVA into their online portals, ensuring that only verified users can gain access, securing confidential files and information. Another use case for EVA voice biometrics is using voice biometrics to verify an identity instead of costly and jarring OTP SMS codes when requesting for a password reset.

EVA voice biometrics utilises numerous patented capabilities to ensure the best security and user experience. With Active Learning, each successful verification improves that user’s voiceprint, allowing for a more efficient and secure experience over time. Speaker-specific Thresholds and Speaker-specific Background Models allow organisations to set specific thresholds per user or use case, ensuring a consistent level of security for every user. EVA also provides fraud detection capabilities via fast cross-matching and impostor mapping processes, allowing organisations to check and match voiceprints against other voiceprints in the database and/or against a list of potential impostors. 

MORE


passwords-list-insecure-duplicate-voice-biometric

Blog

Secure Password Resets with Voice Biometrics

17 June 2020

identity-theft-fraud-voice-biometrics-scam

Blog

Protect Against Identity Theft with Voice Biometrics

27 May 2020

covid-19-report-biometrics-institute-response-paper

Blog

Biometrics Solutions and Concepts for COVID-19

20 May 2020

NEWSLETTER

sign up to our mailing list


Subscribe

Melbourne TAFE Experiences Data Breach Attack

MEDIA

Auraya Blog

Melbourne TAFE Experiences Data Breach Attack

Angelo Gajo | March 12, 2020 | 4 minutes

library-computer-students-staff-university-school

Melbourne Polytechnic recently announced on Wednesday that they experienced a “highly complex” data breach. The breach was said to have occurred between September to December 2018. Melbourne Polytechnic was only informed of the data breach on October 2019 after an investigation by the Victoria Police. The data breach exposed over 50,000 files stored in Melbourne Polytechnic’s IT systems, which contained personal, health and financial data of students, staff and suppliers.

Although not as targeted as other industries such as the government or financial industry, the education industry still frequently experiences data breaches. According to the 2019 Verizon Data Breach Investigations Report (DBIR), insecure email credentials, web and mobile application errors and social engineering were the main weak points of the education industry. Financial motives still remained the main motivation with 80% of data breaches being financially motivated. 57% of data breaches in the education industry included at least one external threat actor. Alarmingly, 45% of the data breaches also included at least one internal threat actor.

Therefore, schools and other organisations must proactively continue to manage risks using the most effective security measures. One security method the education industry should consider is implementing Auraya’s EVA voice biometrics technology. EVA is an easy-to-consume, cloud-based voice biometric extension for telephony and digital channels. With voice biometrics, schools and organisations will be able to securely verify their students and staff’s identity using their voice. Students and staff no longer need to remember (or set ‘easy to guess’) passwords or secret answers in order to access portals or even their emails.

EVA is language-independent, allowing all domestic and international students and staff to be verified with their voice. It can also be installed securely on the cloud or on-premise, allowing schools and other organisations to choose where to store their data. But what makes EVA really effective is that it can detect and prevent cybercriminals from hacking into schools and other organisations’ systems. Cybercriminals won’t be able to mimic, record or synthesize other people’s voices in order to break into the system. Their voiceprints can also be recorded and kept on an ‘impostor list’ to ensure any future or repeating offenders are detected in real-time, preventing a data breach from occurring.

MORE


passwords-list-insecure-duplicate-voice-biometric

Blog

Secure Password Resets with Voice Biometrics

17 June 2020

identity-theft-fraud-voice-biometrics-scam

Blog

Protect Against Identity Theft with Voice Biometrics

27 May 2020

covid-19-report-biometrics-institute-response-paper

Blog

Biometrics Solutions and Concepts for COVID-19

20 May 2020

NEWSLETTER

sign up to our mailing list


Subscribe