Q: What is Voice Verification
A: Voice verification, also know as “speaker authentication”, is best described as the automated process of verifying a person’s claimed identity based upon the distinctive characteristics of their voice. Enterprises concerned about how to manage security have at their disposal three means for authenticating individuals – by something they have (i.e. ID badge), by something they know (i.e. password/PIN# or knowledge-based passphrase), or the biometric – by something they “are”. Voice verification technology uses the voice biometric to confirm or deny a person’s claimed identity by comparing the “live” voice sample to a previously enrolled voiceprint. A voiceprint is created by sophisticated technology that captures and measures unique characteristics in the voice biometric, such as cadence, pitch, tone, harmonics, and shape of the larynx.
Q: Do I need extra telephone lines to receive the calls from our staff?
A: Using TeleClock Small Business, all of the hardware and software is installed in your business premises and operates utilizing telephone extensions from your PABX. During quiet times there is no need for any extra telephone lines to operate TeleClock and as most clients operate from within their organization they do not require external telephone connections to TeleClock.
Q: Isn’t this IVR technology complicated and expensive?
A: Other companies would have you believe that the cost for individual companies to buy this type of software and hardware is high. We have developed and sold TeleClock for over 10 years and have been developing similar technology systems for 17 years. The cost and reliability of the TeleClock system is very affordable and as simple as any computer application to operate. If you operate more than two electronic time clocks currently, then TeleClock can be a more cost effective and powerful solution.
Q: What is the difference between voice verification and voice recognition
A: Voice verification focuses on verifying the identity of “who” the speaker is, whereas speech recognition is designed to understand “what” the speaker is saying. Voice recognition engines must support the language that the user communicates in to understand what the user wants to do. To clarify further, voice verification is designed to verify the individual’s unique voice sample to enable secure access to a variety of protected applications. Once access is granted, the user may then utilize voice recognition commands for further navigation throughout the application. VoiceVantage’s speaker authentication technology is capable of operating as a stand-alone solution. While it conveniently integrates with and will certainly enhance and leverage investments in other speech technology (i.e. speech recognition, VoiceXML), VoiceCheck does not require voice recognition technology to perform its function.
Q: What are the advantages of voice verification vs. other biometrics?
A: Voice verification is rated as secure as any other biometric identification method, and according to independent studies , voice verification can be considered even more secure than other biometrics such as fingerprint, hand geometry and facial-scans systems, while also as being rated the least intrusive and most popular biometric. While all biometrics offer improved security over other traditional means of authentication, only voice verification offers several key advantages beyond other biometrics as described below: Your voice cannot be stolen, lost, forgotten, or otherwise compromised. Voice verification technology offers a non-intrusive and non-invasive identity authentication solution. Other biometric solutions can often intimidate or offend potential users because of the invasive connotations associated with them, such as fingerprinting or laser-retinal scanning technologies. Voice is the only completely mobile biometric technology capable of operating anytime, anywhere. Other biometrics force users to be at a “fixed site” or to carry specific hardware with them for the biometric solution to function whereas voice verification utilizes the common microphone found readily available in telephony devices and PC microphones. Voice verification technology is convenient to use. Speech is the most natural form of communication and voice verification is capable of providing a seamless integration into the caller’s overall speech experience. Voice verification technology is cost-effective. It is a “software only” solution that eliminates the costly hardware or scanning equipment costs that other biometric solutions require. Of all the biometric technologies available, voice verification is the only “conscious” biometric. Other biometrics could still be used without the conscious authorization of the individual; for example, an airline pilot could be rendered unconscious yet an intruder could still utilize the pilot’s fingerprint to access protected systems or information.
Q: My staff are spread all over the country, how do they use TeleClock?
A: Clients can implement TeleClock Enterprise for their staff to use to call in to TeleClock. Employees call a 1800 number to access the TeleClock system. Time zone differences are compensated for with the TeleClock software and the calling number and location of staff can also be recorded.
Q: Can our staff use mobile phones to access TeleClock?
A: Certainly. But remember that current technology does not enable you to identify where the call is coming from (other than the number of the mobile phone). The TeleClock OTP token located at each of your work locations can help to identify that employees are at the designated location when they clock in or out.
Q: How does TeleClock Voice Verification work
A: First time users will be required to participate in a one-time enrollment process. When a user enters the enrollment process, a sample of their voice is used to create a template containing the unique feature set of the biometric characteristics and this reference template called a “voiceprint” is then stored. Stored voiceprints are neither “wave files” nor audio samplings, but instead are distinct computations of algorithmic information. The next time the user wishes to access TeleClock, the user will provide their employee code. TeleClock identifies the employee and prompts the person to respond to a query, such as “Please say your pass phrase" - usually the employee name. TeleClock then uses highly sophisticated processes to compare the “live” voice sample to the previously stored reference files and based upon these comparisons, either accepts or denies a user’s identity claim.
Q: How secure is TeleClock Voice Verification
A: In real-world environments, TeleClock can provide higher than 99.5% security, a significant improvement over the inconsistencies of using existing passwords, PINs and security badges. TeleClock can adjust and moderate the verification technology to align their business security mandates with real-world demands. For example, instituting an overly sensitive security threshold setting would minimize impostor access, but it may also result in denying access to a genuine end-user. Conversely, a lower threshold setting could lessen the probability that genuine end-users be rejected, but may also heighten the possibility of false accepts. Flexibility to match such security and convenience demands are met within TeleClock. The following metrics are used to characterize and measure accuracy of voice authentication: False Accept (FA) Error - The % of false accept errors that accept an imposter’s access as a genuine user. False Reject (FR) Error - The % of false reject errors generated when it denies genuine users access. There is a functional intersect point between the two error types: This point is referred to as the threshold weight that represents the limitations imposed by the technology and which affects how the technology responds towards false acceptance errors for a lower threshold weight, and false rejection errors for a higher threshold weight. Ideally, electing a balance between the two is the most desirable outcome for speaker authentication. This balance point is referred to as the Equal Error Rate (EER) and is simply calculated by adjusting the point where the false accept and false reject percentages are equal. Depending on the demands of the application, TeleClock Voice Verification can be adjusted to operate with high security settings (producing a higher FR, lower FA), in this case the frequency of false rejects would be tolerated to ensure optimum security. On the other hand, when high security isn’t the primary function and not inconveniencing users is more critical, moderately increasing the percentages of false accepts (lower FR, higher FA) would be appropriate and desirable. It is also important to understand the relationship between the two separate masses, FA’s are calculated on the total population of genuine users, while the FR’s are, on the contrary, calculated on the portion of users that are imposters and which aggressively attempt to access another person’s protected information. Such statistics typically represent extremely small percentages. Additionally, various environmental conditions, channel variations, and factors temporarily affecting the health of users, background noise, coupled with enterprise-specific application parameters (i.e. threshold settings, passphrase settings etc.) can all affect and impact the occurrences of false accepts and false rejects.
Q: Can someone steal voiceprints and attempt to gain access to TeleClock information?
A: Biometric verification validates a claimed identity by comparing a verification template, such as a live voice sample, to a previously enrolled, reference template. Further, templates themselves are encrypted, and thus, are virtually impossible to steal in the first place. Even if the database of reference templates were stolen, the data is not usable without the algorithm. Additionally, biometric technologies deter infractions since there is an inherent security audit trail within the technology. It is also not possible to “hack” or “reverse engineer” the voice print itself.
Q: What happens if I have a cold?
A: TeleClock continues to function in the event a user has a cold. The TeleClock enrollment process captures the unique characteristics of an individual's vocal tract, which consists of the air passages from the top of the lungs, to the throat, the mouth, and the nasal cavity, ultimately measuring the behavioral characteristics of the person’s voice. Therefore, verification is achieved regardless of the audio changes heard when a person has a cold because the technology is measuring the unique characteristics based on the entire vocal tract – not just the sound of vocal cords vibrating. A severe cold might cause intense swelling of your throat or nasal passages, making it a little more difficult to verify your voice. In such instances the technology is designed to work with the individual if the score achieved on an initial attempt is low but not low enough to reject the user. In this case, TeleClock can be tuned to pose a secondary query to the person before making a final accept/reject decision. In such extreme cases where it is not possible to verify the individual, an individual may choose to fall back on another means of verification such as a backup PIN number that can be entered numerically via the telephone key pad.
Q: What about someone taping my voice and trying to access as “me”?
A: A recorded voice will not be accepted when compared against a stored voiceprint. Firstly, the electronic properties of a recording device, particularly the playback speaker, alter the acoustic properties to such a degree that the recorded voice sample will not match a stored voiceprint of the “live” voice. Also, as each template is unique, it is not physically possible to receive a 100% match between a reference template and a verification template and any attempt to produce a perfect match is considered fraudulent. Concerns about other methods of imposters such as “impersonators”, “mimics” or twins also do not pose a threat or significant risk for TeleClock. Impersonators rely upon recreating accents, tones and specific rhythms but they cannot recreate the personal vocal environment of another individual.
Q: How do you know it’s the right person enrolling their voice in the first place
A: Each organisation, depending on its business requirements and mandates, will have its own requirements regarding best practices on how to best enroll first-time users. Other alternatives, such as specifically issued enrollment information could be forwarded to first-time users or other checks such as telephone caller ID could be implemented by TeleClock to validate users prior to the enrollment process. Additionally, TeleClock can offer integration with reputable third party authentication technologies that further automate the initial enrollment process so as to ensure the correct person is conducting the initial enrollment.
Q: How much speech is required for enrollment and verification and how long does it take?
A: While other verification engines on the market require approximately 2 – 8 seconds of speech to capture and complete the enrollment, TeleClock only requires about 25% of that, or <0.5 seconds. The TeleClock algorithmic technology enables shorter enrollment times which in turn translates into an improved user experience thanks to its very user-friendly, simplistic enrollment process. Real-time enrollment allows users to immediately begin using voice verification to securely access TeleClock automated self-service applications. The TeleClock verification process itself only requires about ~50ms to perform a verification.
|
