Text-dependent systems like passwords are familiar and generally reliable, since they can be memorized and kept secret by a select few, said Phil Shinn, chief technology officer of SpeechPro.
But people can be coerced to share that “secret” and hardware can be hacked, as well. To combat this, many financial institutions trust corporate and private banking customers with expensive hardware tokens for security and authentication. The tokens are thought to be safer than mobile phones.
Yet, even the software set up to receive and transfer passwords through a backend system via tokens can crash. According to Shinn, 15% to 20% of IT budgets are spent dealing with password issues, such as when a correct password is rejected. Because of the numerous pitfalls in text-dependent authentication, SpeechPro is developing text-independent authentication software.
“By 2020, we won’t be using passwords anymore,” Shinn said.
SpeechPro’s innovation is “bi-modal” authentication, which use of voice biometrics, which is rapidly growing in importance in mobile fintech, as well as facial recognition. Shinn demoed an onboarding process for Bank Innovation. The app opens, and the user’s face is centered on the screen a la Snapchat. Then the user is prompted to count digits zero through nine out loud; first up, then down, then randomized. During this forty-second process, the software studies the subtle movement of the user’s lips, which are as unique, Shinn argued, as one’s psychological contours.
However, if passwords are already both robust and ubiquitous, why upgrade to voice and face biometrics — that is, other than the fact that many people pick weak, hackable passwords and have a hard time remembering more robust monikers? Shinn displayed a graph, overlaying three modes of inputs on axes mapping false acceptance vs. false rejection. Text scores showed the highest percentage of false acceptance, followed by voice. But bi-modal authentication has a much lower rate of false acceptance than either, which makes it a strong choice for ensuring data security against would-be hackers.1 - Reader Likes This Post