OMNINET Plus has been serving the Washington D.C. metropolitan area since 1994, providing IT Support such as technical help-desk support, computer support, and consulting to small and medium-sized businesses.

Could Voice Authentication Join the Ranks of MFA?

Could Voice Authentication Join the Ranks of MFA?

Authentication has been a major talking point for the past few years, particularly as the value of data has only increased and security has correspondingly increased in importance. As a result, more secure and reliable means of identity verification have also become more critical. Now, voice authentication is being considered as such a means.

Let’s examine the many variables associated with voice authentication to see how much promise it actually shows.

First and Foremost, How Does Voice Authentication Work?

It may help to specify how authentication in general works, just so we can get a full appreciation of how voice authentication would function.

In any variety of authentication measures, the user provides some kind of proof of identity. If that proof matches the reference that the security system is comparing it to, the user is given access. In terms of voice authentication, the user’s voiceprint of a specific phrase would be compared to the stored copy of what that user’s voiceprint should resemble.

So, if your passphrase was “The rain in Spain falls mainly over the lazy dog,” the system would check for the correct phrase, but also check that the tones and inflections present in the user’s voice matched the patterns in that user’s voiceprint. As a result, voice authentication is typically classified under the “something you are” subset of multi-factor authentication along with retinal scans, facial recognition, or palm scans.

How Secure is Voice Authentication?

Like any other authentication measure, there are already countless stories of voice recognition being bamboozled, meaning that more work is needed to keep your solutions secured. Hackers have already been able to fool voice authentication using recorded snippets, and have hidden malicious commands in white noise to gain control over voice-activated devices.

Having said that, it is important that we also address that any form of identity authentication is inherently less secure when used exclusively, rather than as part of a multi-factor authentication strategy. Furthermore, voice authentication is now being developed with two fraud-fighting technologies built-in. The first, liveness detection, works to differentiate between a live voice and a recorded one. The second, continuous authentication, does what its name suggests and verifies the user throughout the time they are active. That way, an attacker that just switches back to themselves after using a recorded voice to log in would be caught regardless.

Best Practices Concerning Voice Authentication

We’ve referenced a few already, but here are a few essential functions that any voice-based authentication system should involve:

  • Multi-Factor Authentication: We really can’t encourage the use of MFA enough. The more proof that a user has to provide to prove their identity, the less likely it is that an unauthorized individual will have what they need to access your resources. Pairing a PIN or password/passphrase with a secondary proof, like voice authentication, makes it much harder for this kind of access to be secured. This primary form of authentication should need to be reconfirmed regularly.

  • Secure Storage: On your end, you need to keep your saved records of all authentication data extremely secure… including the biometric data. Otherwise, MFA could potentially be fooled and the whole system would topple.

  • Obtain Consent: You also need proof that your users have agreed to use biometric data as an authentication measure, for privacy and legal reasons alike.

So, would you consider implementing voice authentication as an option in your company’s protections—specifically as part of a multi-factor authentication requirement? Are you concerned about the protections you currently have in place? Give us a call, we’ll help ensure that your business is properly secured. Call 301-869-6890 today.


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, 29 November 2021
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Cloud Privacy Hackers Hosted Solutions Best Practices Backup Internet Productivity Business Business Computing IT Services Business Continuity Google Software Hardware Malware Miscellaneous Windows 10 Microsoft Innovation Computer Disaster Recovery Mobile Device Management Mobile Devices VoIP Mobile Computing IT Support Efficiency Network Security Data Windows Workplace Tips Managed Service Provider Smartphone Server Virtualization Upgrade Email Save Money communications Android Chrome Employer-Employee Relationship User Tips Small Business Office Budget Best Practice Holiday Apps Microsoft Office Outsourced IT BYOD Hacking VPN IT solutions Information Technology Network Data Management Quick Tips Managed IT Managed IT Services Telephone Systems Recovery Application Firewall Automation Lithium-ion battery Wireless Technology Communication Computers Saving Money Smartphones Operating System Gmail Tablet Business Intelligence Hard Drives Bandwidth Disaster The Internet of Things Remote Computing Social Engineering Ransomware Avoiding Downtime BDR Going Green DDoS WiFi Humor Customer Service Private Cloud Alert Unified Threat Management Administration Big Data Government Phone System Office Tips Cybercrime Browser Remote Monitoring Risk Management Network Congestion Password Gadgets Health Social Biometrics Proactive IT Hosted Solution Cost Management Spam Facebook Streaming Media Telephony Passwords Mobility Data Breach Shortcut Transportation Benefits Law Enforcement App Antivirus Marketing Managing Stress SharePoint Avoid Downtime Distributed Denial of Service Data Backup Robot IT consulting Branding Reputation SaaS Two-factor Authentication Tech Support Teamwork eWaste Data Recovery Retail Data storage Excel Business Management HaaS PowerPoint Internet Exlporer Meetings Shadow IT Remote Workers Google Drive Entertainment intranet IT service Colocation Regulations Virtual Reality IT Technicians Presentation Saving Time Uninterrupted Power Supply Computer Accessories Apple Document Management Buisness Applications Science Reliable Computing Domains hacker Customer Relationship Management Internet of Things Mouse Save Time Laptop iPhone Trending Sports User HIPAA Touchpad Search Cameras Instant Messaging Update Content Filtering Virtual Desktop Files Best Available Wearable Technology Networking Phishing Bluetooth Money Printer Running Cable Safety Maintenance Chromecast Human Resources Operating Sysytem Social Media Fax Server Printer Server User Error Emergency Administrator Education Television Bloatware Solid State Drive Cybersecurity Near Field Communication Access Storage History Analytics WIndows 7 Collaboration