This Small Business Technology Transfer (STTR) Phase II project focuses on the research and development of a novel voice authentication security system which combines speech verification with speaker verification. As a basis for authentication, the proposed system generates a one-time pass-phrase which users are challenged to respond to immediately. Following the challenge, the dual verification engine verifies that the response is the required pass-phrase and that it is associated with the person articulating the pass-phrase. The proposed system addresses the vulnerabilities of previous voice authentication systems associated with 'ear shot' surfing, eavesdropping and theft. The proposal offers a solution for identity theft threats where personal information cannot be said aloud and further addresses password systems limitations. The proposed project will develop and construct a system which expands the voice capabilities to include a wider selection of users, channels and types of speech. The system will expand pass-phrase generation to support large customers and its passphrase 'topic selection' privacy feature. Additionally, the system will automatically enroll users over multiple calls overcoming previous limitations due to inadequate speech across channels.
The outcomes of the proposed project include secure authentication through speech via the widely growing number of speech recognition applications, voice channels and converged platforms. As more individuals use their voice on a variety of devices and networks such as VoIP or cellular, real-time, speech applications will benefit from the proposed method. The proposed speech security system method may also be the choice for those with visual or other applicable handicaps. Because of the continuous rise of security breaches and related identity theft, the outcomes of this project should significantly impact society by providing a robust security option for speech-enabled user interfaces.
STTR Dynamic Pass phrase Voice Security System (DPSS) The Small Business Technology Transfer project conducted research and development of a novel voice biometric authentication security system which is highly resistant to even the most sophisticated spoofing attacks. As a basis for authentication, the Dynamic Pass phrase Voice Security System (DPSS) generates a one-time pass-phrase which users are challenged to repeat. The dual verification engine which uniquely combines speech verification with speaker verification verifies that the user’s voice response is the required pass-phrase and belongs to the claimed user. DPSS addresses the vulnerabilities of previous voice authentication systems associated with ‘ear shot’ surfing, eavesdropping and theft of raw or processed voice biometric data. The system is a solution for identity theft threats whereby personal information is not said aloud and further addresses password systems limitations. DPSS research and development performed under the grant incorporated a variety of users, channels and types of speech and found that the system performed with good accuracy meeting the requirements of modern multi-factor authentication solutions. DPSS’s one-time pass-phrase is able to generate an endless number of pass phrases on-the-fly ensuring robust protection against spoofing attacks whereby hackers attempt to playback recorded audio to fool a voice security system. The rapidly emerging internet and smart phone multi-modal computing environment is especially prone to automated spoofing attacks given the large amount of personal data publically available on the internet. In addition to its powerful security capabilities, the system takes advantage of speech as a natural interface, generating easy to say pass phrases to be repeated by the user which are convenient and facilitate a hands free interface. DPSS incorporates a number of management techniques that improve control and privacy. One such method is the use of a ‘topic selection’ whereby pass phrases are generated from a topic area such as ‘sports’ or ‘numbers’. The impacts of the proposed activity include secure authentication through speech via the widely growing number of speech recognition applications, voice channels and unified communications platforms. As more individuals use their voice on a variety of devices and networks, real-time, speech enabled applications will benefit from the proposed method. The proposed speech security method may also be the choice for those with visual or other applicable handicaps. Society is concerned with the continuous rise of security breaches and related identity theft. The system offers an important multi-factor authentication option to this problem with the possibility of positively impacting individuals and organizations that lose millions of dollars to fraud annually. The combination of security and authentication technologies in new and unique ways enhances our understanding of how a dynamic biometric, such as speaker verification, can be used to advance the technology as never before used. The research and development effort emphasizes the collaboration of industry and university and broadens the participation of underrepresented groups though a woman owned and operated business.
