Passwords are a problem. Thanks, in part, to weak passwords one in four Australians are the victims of identity theft or fraud.
There are numerous plans being developed to help you remember passwords but voice verification may be able to assist — not just with passwords — with all forms of online verification.
It’s called a “biometric password” and it uses the natural variances in the way we speak. It comes in two varieties: active and passive.
Active voice verification requires you to remember a phrase or a password and repeat it back when you want to log in. This, especially, has a lot of potential for use when signing into apps and services; because we are increasingly talking to our phones and computers anyway and the phrase itself isn’t the key. The sign-on process could even prompt you with the phrase, it’s your voice that matters.
Passive voice verification doesn’t require a specific phrase or words to be uttered. When you first use a service, let’s say on a phone call to a utility provider, it creates a “map” of your voice. The next time you call the service sits in the background and analyses your voice as you chat to the robot or operator. Instead of using your birth date or some other easily retrievable information to verify your identity, it uses your voice. The Australian Tax Office recently became the first Australian organisation to implement this kind of verification process.
Both methods analyse over one hundred characteristics of the way you speak; pauses and pacing, inflection, pitch, etc. Only you speak the way you do.
The technology to achieve biometric verification isn’t new, but it has gotten a whole lot better in the past couple years. In an interview with Business Insider, Robert Schwarz, manager director, Enterprise & Mobile ANZ at Nuance Communications, one of the companies that provide such services, noted there had been major developments in technology to filter out background noise and verify that voices aren’t recordings, while providing authentication without the need for large data transfers.
Schwarz said concerns about security and data transfers are common — if you wanted to sign into an app on your phone using your voice the verification is done on a remote service. He counters that verification is almost instantaneous and it doesn’t actually require a lot of data.
“You’ll speak into it, my voice is my password, it goes back to that server and it authenticates and it basically just lets you in,” he said.
As for security, Schwarz insists there are ways to tell if it’s a person speaking “live” or if it’s a recording. Presumably, these issues are redundant with passive verification anyway.
Just like a lot of the other mooted password fixes, it is up to developers and organisations to implement the changes. The number of patents in the biometric space is booming, but for those of us who can’t stop forgetting passwords, the change can’t come quick enough.