Understanding Active and Passive Voice Biometrics
Active and passive voice biometrics applications are now available on the market, but what is the difference between the two? Let’s explore.
Biometric voice recognition technologies that analyze the human voice for unique characteristics to verify identity are becoming popular in call center environments and in other settings where audio can be captured for voice matching. However, passive and active approaches to voice authentication for fraud prevention don’t work in exactly the same way, especially from a user perspective. Here’s a look at the differences.
Active Voice Biometrics Authentication
“Active” simply means that the caller or user is expected to actively participate in the verification process. Typically, this means repeating a particular phrase multiple times to set up the voiceprint in the biometrics system. Many systems use the common phrase, “My voice is my password, verify me.” as the standard phrase for all registered users. They are asked to repeat this phrase after claiming their identity on each call or interaction.
With this type of software, only the speaker’s vocal characteristics for a specific phrase are being used for identity matching. This makes active voice authentication “text dependent.” In other words, the speaker has to repeat the exact phrase they were prompted to use at enrollment.
Active voice biometrics verification combines two forms of identification:
“Who You Are” (unique vocal characteristics of a specific caller)
“What You Know” (information only the caller should know, such as their account number)
More complicated multi-factor authentication could involve setting up a unique passphrase for each user. However, this would make the entire system more complicated and add the risk of the user forgetting their unique passphrase. This complexity and risk of false negatives is one reason why active voice authentication technology usually doesn’t take this approach.
Things to Know about Active Verification
- Active authentication can be convenient for mobile account access in the same way that a fingerprint or iris scan can be used. It requires very little spoken input from the caller, and its simplicity can be an attractive feature for fully self-service applications.
- Enrolling users in an active system takes more effort for the user and may negatively impact adoption rates.
- If the system is not able to detect the difference between pre-recorded and live voices, it could be fooled by an identity thief with access to recordings of the user’s voice. This risk depends on the sophistication of the algorithms and AI used in the technology.
Passive Voice Biometrics Authentication
With passive voice verification, the user does not have to actively participate by repeating a specific phrase to set up their voiceprint. Their voiceprint (or AudioPrint™) is created based on their vocal patterns and characteristics during natural conversation. This identification method works regardless of what words the caller is saying or what language they speak.
Initial enrollment and verification on subsequent calls occurs in the background during conversation. This is what makes the system passive. Only the initial seconds of conversation are required to match the caller’s voice to their voiceprint. This type of authentication is usually (but not always) text independent. This means it will match the voice regardless of what is being said.
Things to Know about Passive Verification
- Passive authentication doesn’t require the user to speak a specific phrase. The voiceprint can be matched quickly to verify the caller’s identity.
- Sophisticated algorithms include the audio characteristics of a user’s calling device to add another layer of security to the voiceprint (this is how an Illuma Shield™ AudioPrint™ is created).
- Since passive voice authentication solutions run in the background of a natural conversation between a caller and a contact center agent, ‘Liveness Detection’ is inherently built in. This makes a passive voice authentication system nearly impossible to fool.
- Machine learning engines operate in the background on every call to further enhance and refine the user’s voiceprint. This leads to even faster authentication and reduces false negatives.
Passive & Active Voice Biometrics in the Hybrid Live/Digital Landscape
In digital-only interactions where there is limited voice input from the caller, active voice biometrics offer a more secure alternative to pins/passcodes that could be intercepted or hacked. For the best user experience, especially in live call settings where there is extended conversation between a caller and a contact center agent, passive authentication offers greater benefits.
Both types of biometric voice verification offer a high level of security compared to older authentication methods including security questions or pins and passcodes. The appropriate method depends on the use case.
Emerging Technology: Text Dependent Passive Voice Biometrics for the Chat & IVR
As interactive digital experiences such as voice chatbots continue to evolve, passive but text dependent verification becomes an option for an additional range of digital transactions. The amount of speech being used in chatbot interactions is typically small, so the opportunity to match a voiceprint for chat or IVR caller authentication is also limited.
In these use cases, matching the voiceprint to a phrase the caller will inevitably use to claim their identity is a frictionless approach to voice verification. For example, a caller will have to speak their account # for the IVR chatbot to pull up account information. Storing this unique phrase as a sample provides more points for matching for accuracy. Making the ID claim is an active piece of the authentication process, but the actual AudioPrint™ matching still happens in the background without additional user effort and without all users across the system being required to repeat a standard passphrase.
At Illuma, we specialize in passive voice biometrics for credit union call centers to deliver an exceptional member experience with state-of-the-art security. Learn more here.