Take one laptop with information you’d like to keep private, add new voiceprint technology and a dash of salt and you’ve secured your privacy, according to a Carnegie Mellon University team.
Raj and Manas Pathak, researchers at the school’s Language Technologies Institute (LTI), believe their voice verification technology will not only prevent impersonators from breaking into your system, but protect your voice identity in the wider world as well.
While many still use passwords to secure their computers, others have moved towards voice authentication systems. It’s built into the new Windows 8 operating system, for example, and many new smartphones.
A voiceprint is a spectrogram that picks out the acoustic qualities of speech — like a unique fingerprint for your voice. But they’re vulnerable to impersonation if someone can successfully imitate the user’s voice characteristics.
Say you’ve upload personal videos containing of you talking on YouTube, or you’re a fan of iPhone’s Siri assistant — these are just two places where your voice could be easily captured and copied, they noted.
And in a world where service providers are increasingly automating customer service, it’s not impossible to imagine that access to our insurance or bank accounts could someday soon rely on voiceprints.
That video of you and your kids on YouTube could theoretically be harvested for access to your personal health data and your bank accounts, in other words.
The researchers goal was to develop technology that can identify your voiceprint without actually hearing your voice. Ideally, this technology wouldn’t keep an encrypted voice record for comparison and verification either.
Their system converts the user’s voiceprint into alphanumeric strings to safeguard the unique voice characteristics, and deploys them as passwords, along with what researchers in this area sometimes call “salt” that provides extra security.
“Salt” in voice biometrics could be described as a random string of digits that would be specific to each smartphone.
To overcome day-to-day variations in the sound of a person’s voice, the system creates hundreds of alphanumeric strings using different mathematical functions, compares them to the registered file and authenticates the voice if enough match up.
National Science Foundation and Portugal’s Foundation for Science and Technology (FCT) funded this research, which was presented September 21 in Germany at the Information Security Conference.
According to the team, their technology is accurate 95 percent of the time.