You may already be familiar with the recent Alexa dollhouse shopping spree. A morning TV show covering the story of a six-year-old girl in Texas who accidentally ordered a dollhouse and four pounds of cookies through her parents’ Amazon Echo device also caused multiple Echo devices wake up and place the same order. There are currently two solutions to prevent this from happening; you can either disable voice purchasing altogether or alternatively set up a confirmation code that can be verbally input to the echo device to complete a purchase. Neither of these workarounds is 100% satisfactory. One method removes a pretty useful feature from the Echo device while the other has security issues especially if someone overhears you speaking the confirmation code. What the Amazon Echo and other emerging voice recognition services such as chatbots really need is voice biometric authentication.
For many consumers the Amazon Echo device is their first serious engagement with artificial intelligence and voice recognition. Yes Siri has been available on iPhones for years but the services accessed by Siri have been so limited it was little more than a gimmick. In contrast the voice services currently offered by Alexa are simple and quick to invoke with a voice command rather than having to reach for a mobile device or an app and include the ability to verbally select a radio station or music track, get a weather forecast or set an alarm or reminder. Yet while useful the services currently offered on Alexa are pretty basic compared to the more complex purchasing, banking and social media activities we regularly use our mobile devices for.
To move beyond these lightweight services to the delivery of more complex services via smart speakers or chatbots authentication will be required as it is today when doing mobile banking or purchases via a mobile app. Asking users to manually enter a password, use a finger print or visit an app to authenticate a purchase defeats the purpose of a hands free device. Instead voice biometrics will be the key feature that ensures services provided by smart speakers, chatbots and ultimately the IoT can be authenticated and remain friction free.
Voice biometrics isn’t without its own security issues. You only have one voice signature yet you can have multiple passwords. If your voice signature is compromised or hacked you have a problem. Active voice biometrics addresses this security issue by combining voice authentication with a pre-recorded phrase which acts as an additional layer of security. In the same way that banks and credit card companies currently flag up unusual credit card activity a further layer of frictionless security can be provided by analysing the context of the voice commend for example where and when the voice command was made.
Billions of IoT devices doesn’t mean billions of new screens, mobile apps and visual user interfaces all competing for our attention. Most of the services delivered by the IoT will be invisible initiated by a voice commands and only prompting a user when a decision is required. Voice will be the primary user interface for the IoT. In order to move beyond the lightweight IoT and voice services we have today to the delivery of more complex IoT and voice initiated processes voice authentication is a key capability. Pretty soon a voice signature will be as much part of your bank account security as your home address and pin number are today.