MOBILE VOICE BIOMETRICS MEETING THE NEEDS FOR CONVENIENT USER AUTHENTICATION. A Goode Intelligence white paper sponsored by AGNITiO



Similar documents
NEXT GENERATION AUTHENTICATION FOR THE MOBILE READY ENTERPRISE

TWO-FACTOR AUTHENTICATION GOES MOBILE

Improving Online Security with Strong, Personalized User Authentication

How Secure is Authentication?

Two-Factor Authentication over Mobile: Simplifying Security and Authentication

KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS

Moving Beyond Passwords: Consumer Attitudes on Online Authentication A Study of US, UK and German Consumers

HARDENED MULTI-FACTOR AUTHENTICATION INCREASES ENTERPRISE PC SECURITY

STRONGER AUTHENTICATION for CA SiteMinder

Scalable Authentication

FIDO Modern Authentication Rolf Lindemann, Nok Nok Labs

Opinion and recommendations on challenges raised by biometric developments

TECHNICAL WHITE PAPER NOK NOK LABS MULTIFACTOR AUTHENTICATION. Any device. Any application. Any authenticator.

S E P T E M B E R

Software Token Security & Provisioning: Innovation Galore!

ImageWare Systems, Inc.

Authentication Solutions Through Keystroke Dynamics

Accelerate your sales with SuiteBox

Proposal Document TitleDocument Version 1.0 TitleDocument

NFC & Biometrics. Christophe Rosenberger

Mobile App Containers: Product Or Feature?

Securing the future of mobile services. SIMalliance Open Mobile API. An Introduction v2.0. Security, Identity, Mobility

DigitalPersona Pro Enterprise

Voice biometrics. Advait Deshpande Nuance Communications, Inc. All rights reserved. Page 1

expanding web single sign-on to cloud and mobile environments agility made possible

Electronic Prescribing of Controlled Substances: Establishing a Secure, Auditable Chain of Trust

Biometrics is the use of physiological and/or behavioral characteristics to recognize or verify the identity of individuals through automated means.

Multi-Factor Authentication Job Aide

McAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync

MOBILITY. Transforming the mobile device from a security liability into a business asset. pingidentity.com

solutions Biometrics integration

Google Identity Services for work

Biometric For Authentication, Do we need it? Christophe Rosenberger GREYC Research Lab - France

A CIO s Guide To Mobility Management

IDENTITY SOLUTIONS FOR A BETTER WORLD

Entrust IdentityGuard

An Overview of Samsung KNOX Active Directory and Group Policy Features

WHITE PAPER Usher Mobile Identity Platform

The Convergence of IT Security and Physical Access Control

IDENTITY-AS-A-SERVICE IN A MOBILE WORLD. Cloud Management of Multi-Modal Biometrics

WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES

Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access

Device-Centric Authentication and WebCrypto

Strong Authentication for Secure VPN Access

Physical Security: A Biometric Approach Preeti, Rajni M.Tech (Network Security),BPSMV preetytushir@gmail.com, ratri451@gmail.com

Case Study: SSO for All: SSOCircle Makes Single Sign-On Available to Everyone

Mobilizing Your CRM. Whitepaper. August Exploring the Benefits and Considerations. Copyright CWR Mobility B.V.

Research Information Security Guideline

Security in an Increasingly Threatened World. SMS: A better way of doing Two Factor Authentication (2FA)

WHITE PAPER. Let s do BI (Biometric Identification)

Guide to Evaluating Multi-Factor Authentication Solutions

Key Trends in Enterprise Mobility. Shaun Collins

AWS Account Management Guidance

The PortalGuard All-In-One Authentication Solution-set: A Comparison Guide of Two-Factor Capabilities vs. the Competition

How Secure is Authentication?

IDENTITY MANAGEMENT. February The Government of the Hong Kong Special Administrative Region

How To Set Up Safetica Insight 9 (Safetica) For A Safetrica Management Service (Sms) For An Ipad Or Ipad (Smb) (Sbc) (For A Safetaica) (

Hard vs. Soft Tokens Making the Right Choice for Security

Voice Authentication On-Demand: Your Voice as Your Key

CSS CORP SMART MOBILITY SERVICES

ANALYTICS WHITE PAPER. MicroStrategy Analytics: Delivering Secure Enterprise Analytics

Progressive Authentication on Mobile Devices. They are typically restricted to a single security signal in the form of a PIN, password, or unlock

AUTHENTIFIERS. Authentify Authentication Factors for Constructing Flexible Multi-Factor Authentication Processes

SECURITY SYSTEM WITH AUTHENTICATION CODE AND ADAPTIVE PHOTO LOG

The Internet of Things (IoT) Opportunities and Risks

May For other information please contact:

Guide to building a secure and trusted BYOID environment

"Secure insight, anytime, anywhere."

Mobile Identity: Improved Cybersecurity, Easier to Use and Manage than Passwords. Mika Devonshire Associate Product Manager

Authentication Strategy: Balancing Security and Convenience

One-Time Password Contingency Access Process

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

Protect Your Customers and Brands with Multichannel Two-Factor Authentication

The Convergence of IT Security and Physical Access Control

interactive product brochure :: Nina: The Virtual Assistant for Mobile Customer Service Apps

Create Mobile, Compelling Dashboards with Trusted Business Warehouse Data

HOTPin Integration Guide: DirectAccess

SIGNificant e-signing for the ipad and Android

Guide for Setting Up Your Multi-Factor Authentication Account and Using Multi-Factor Authentication. Mobile App Activation

Beyond passwords: Protect the mobile enterprise with smarter security solutions

White Pages Managed Service Solution Rapid Global Directory Implementation. White Paper

Automatic Speaker Verification (ASV) System Can Slash Helpdesk Costs

Agenda. Announcement: Verint Acquires Victrio Victrio Solutions Client Results in Deployment Critical Success Factors Verint + Victrio Synergy

Considerations for Wearables in Enterprise

Solution Brief Efficient ecommerce Fraud Management for Acquirers

PULSE SECURE FOR GOOGLE ANDROID

ZENworks Mobile Management 3.0.x Deployment Quick Start

Securing Corporate on Personal Mobile Devices

API-Security Gateway Dirk Krafzig

What is Driving Rapid Growth in the Australian Mobile Advertising Market?

White Paper 2 Factor + 2 Way Authentication to Criminal Justice Information Services. Table of Contents. 1. Two Factor and CJIS

SURVEILLANCE ENHANCED FACE RECOGNITION

Copyright FIDO Alliance All Rights Reserved.

A strategic approach to fraud

Multi-Factor Authentication for first time users

SEC100 Secure Authentication and Data Transfer with SAP Single Sign-On. Public

EXECUTIVE VIEW MYDIGIPASS.COM. KuppingerCole Report. by Alexei Balaganski August by Alexei Balaganski

Dell One Identity Cloud Access Manager How to Develop OpenID Connect Apps

HIGH-SECURITY MOBILITY MANAGEMENT FROM BLACKBERRY

When enterprise mobility strategies are discussed, security is usually one of the first topics

Transcription:

MOBILE VOICE BIOMETRICS MEETING THE NEEDS FOR CONVENIENT USER AUTHENTICATION A Goode Intelligence white paper sponsored by AGNITiO

First Edition September 2014 Goode Intelligence All Rights Reserved Sponsored by AGNITiO Published by: Goode Intelligence www.goodeintelligence.com info@goodeintelligence.com Whilst information, advice or comment is believed to be correct at time of publication, the publisher cannot accept any responsibility for its completeness or accuracy. Accordingly, the publisher, author, or distributor shall not be liable to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by what is contained in or left out of this publication. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electrical, mechanical, photocopying and recording without the written permission of Goode Intelligence.

CONTENTS Mobile Biometric Authentication Services Provide Convenient User Authentication... 2 Voice Biometrics A Natural Fit For Mobile & Wearable Authentication... 3 Introduction... 3 Advantages of Voice Biometrics... 4 Mobile Voice Biometrics Showcase AGNITiO KIVOX Mobile... 5 Introduction... 5 Biometric Voiceprint... 5 Key Benefits... 6 Anti-Spoofing... 6 AGNITiO KIVOX Mobile Summary... 7 About Goode Intelligence... 8 Goode Intelligence 2014 www.goodeintelligence.com

We are at a stage in technology development when the password is no longer convenient or secure enough to meet the needs of online authentication. A new breed of standards-based authentication solutions are being brought to market that meet the needs to identify people across a wide range of electronic devices for business and personal digital services. This white paper from research and consultancy company Goode Intelligence (GI) explores mobile voice biometric authentication services. MOBILE BIOMETRIC AUTHENTICATION SERVICES PROVIDE CONVENIENT USER AUTHENTICATION There are currently a number of inter-connected drivers that have created an environment where biometrics can be easily integrated into smart mobile devices (SMDs) and can provide a reliable and convenient alternative to existing authentication technologies in particular the replacement of passwords. These drivers include improved biometric performance, sensor design, integration of biometrics into strong authentication platforms (two-factor (2FA) and multi-factor authentication (MFA) services), the development of enabling authentication standards and protocols (includes the work of the FIDO Alliance) and the realisation that we desperately need a better, more agile, way to authenticate millions of users accessing digital services on a wide range of connected devices including mobile and wearable. Biometrics on mobile devices has moved from a curiosity to become a must-have for high-end smartphones During 2013 and 2014, both Apple and Samsung have launched flagship mobile devices that intelligently allow users to authenticate using a biometric; not just to unlock the device but to authorise payments, allow account authentication, protect passwords, support single-sign-on (SSO) and to unlock secure enterprise containers. That s a game changer and we are just at the beginning of this revolution in authentication provision. Goode Intelligence White Paper GI s white papers offer analyst insight from research extracted from primary sources including surveys, analyst reports, interviews and conferences. GI Definitions MBAS: Mobile Biometric Authentication Services. The use of biometrics on mobile devices for authentication purposes. SMD: Smart Mobile Device. A term coined by Goode Intelligence to denote a connected mobile device running a mobile Operating System. This includes Smartphones, Phablets and Tablets. 2FA: Two-factor Authentication. Something the user knows and something they own or have access to. MFA: Multi-factor Authentication. Requires a user to provide more than one form of identifying factor for identity verification and authentication purposes. Goode Intelligence 2014 P a g e 2 www.goodeintelligence.com

We are very much at the beginning of another transformational aspect of authentication; the use of wearable technology for authentication purposes, in particular leveraging the next wave of biometric technology to create seamless, continuous, authentication. What will be truly transformational about the use of biometrics on wearable devices is the birth of the universal authenticator a device that intuitively knows who we are, where we are, what we want to do and can open doors physical and virtual. There are a number of biometric modalities that are currently being used on mobile devices. Some of these; fingerprint and iris recognition for instance, require specific hardware to operate, whilst some, voice and facial, can be supported on standard devices without modification. One of the biometric modalities that is being successfully deployed to mobile devices is voice. VOICE BIOMETRICS A NATURAL FIT FOR MOBILE & WEARABLE AUTHENTICATION Introduction Voice biometrics is a natural fit for mobile phones as we speak into them and users are getting more comfortable with using voice recognition solutions such as Siri and Google Android Voice control. By 2018 there will be 572 million people using voice biometric authentication on their mobile devices 1 The FIDO Alliance: An organization that has developed authentication standards and specifications to improve online authentication for both mobile and desktop computing experiences. Wearable Technology: Refers to smart computing that is worn by its user and includes smart glass, bands, watches and clothes. Biometric Modalities: Refers to the type of biometric being used. Modalities include voice, fingerprint and iris etc. Using voice for biometrics authentication is a natural extension to these recognition solutions and is following on from the success of fingerprint biometrics being integrated into flagship smartphones. There are a number of voice biometric technologies that are suitable for mobile and wearable device. These include matching a voice to a template stored on the device (local) using software voice biometric services and matching the template stored in the cloud. In terms of the choice of what model a service provider will deploy is very much dependent on security and policy models. 1 Mobile & Wearable Biometric Authentication Market Analysis and Forecasts 2014-2019; Goode Intelligence, June 2014. Goode Intelligence 2014 P a g e 3 www.goodeintelligence.com

Voice is also suited as a biometric authentication solution across a wide range of devices including mobile phones, tablets, wearable devices, PCs, gaming systems (handheld and console), smart TVs, fixed line telephones and even automobiles. It offers device OEMs and System Integrators (SIs) a costeffective and flexible choice when compared to other biometric modalities that may be hindered by hardware integration effort. Advantages of Voice Biometrics Voice biometrics has a number of distinct advantages as a method for user authentication. It is a biometric authentication method that is considered to be the most preferred technology when compared with other biometric methods. 2 The advantages of voice biometrics for user authentication on mobile and wearable devices were included in a report published by Goode Intelligence 3 and these are summarised in figure 1 below. Preferred Biometric Methods Voice US 83% UK 85% Germany 91 % Source: The Ponemon Institute Figure 1: Advantages of Voice Biometrics for User Authentication 2 Moving Beyond Passwords. Consumer Attitudes On Online Authentication. A Study of US, UK and German Consumers. Published by The Ponemon Institute and sponsored by Nok Nok Labs. 3 Mobile & Wearable Biometric Authentication Market Analysis and Forecasts 2014-2019; Goode Intelligence, June 2014. Goode Intelligence 2014 P a g e 4 www.goodeintelligence.com

MOBILE VOICE BIOMETRICS SHOWCASE AGNITIO KIVOX MOBILE Introduction An established voice biometric specialist that has invested in the development of a mobile voice biometric authentication solution is AGNITiO. AGNITiO s KIVOX Mobile is part of the KIVOX family of products. It enables highly secure on-device speaker verification for applications on smartphones and other mobile devices. As the technology is on-device it does not rely on a network connection or cloud service to operate. If a user wants to unlock a phone or access protected files where there is no network coverage, for example while on an airplane, then they can do so. AGNITiO has a proven track record in voice biometrics, and KIVOX Mobile utilizes the same proprietary technology that their customers in law enforcement, military and intelligence industries are using. Biometric Voiceprint A Biometric Voiceprint (BVP) is created by a user either by using a pre-defined passphrase or by choosing their own. To start using KIVOX Mobile a user is required to follow three simple steps: 1. Teach the phone to recognize the user s voice by speaking into the standard microphone. 2. Authorize any app integrated with KIVOX Mobile to use the voiceprint. 3. Unlock, log-in, authenticate, and pay to conduct multiple transactions by using voice. Goode Intelligence 2014 P a g e 5 www.goodeintelligence.com

KIVOX Mobile offers a successful detection rate of more than 99.5 percent, with a false acceptance rate of less than 0.1 percent Key Benefits The key benefits of AGNITiO s KIVOX Mobile include the ability to verify a user ondevice without the need for internet connection. There are many other benefits for choosing KIVOK Mobile and these are summarised in Figure 2 below. Figure 2: Key Benefits of AGNITiO KIVOX Mobile KEY BENEFITS Two-Factor secure authentication: Device + Voiceprint Verify who is using the mobile phone at any time without needing a network connection Works in any language Passphrase can be different for each user No need for additional hardware (sensor, card reader, etc.) User friendly experience Proprietary patented anti-spoofing protection KIVOX Mobile is FIDO Ready Certified (Universal Authentication Framework UAF) Source: Agnitio If biometrics technology is to be used on mass consumer applications, it needs to be accurate and secure. There have been examples of mobile biometric technologies being successfully spoofed (fooled or bypassed), and KIVOX Mobile has a number of anti-spoofing features (summarised in the following section) that prevent an attacker from fooling the technology into believing that an imposter is actually the authorised user of a device or application. Anti-Spoofing Spoofing attacks against voice biometric technology include the replay attack, where a fraudster plays a recording of the user s voice in order to access the device or the applications that is protected by voice biometrics. Another spoofing example is the Goode Intelligence 2014 P a g e 6 www.goodeintelligence.com

cut-and-paste attack where a fraudster builds a pre-defined sentence with words extracted from longer recordings of the legitimate user s voice. AGNITiO s proprietary patented 4 anti-spoofing technology in KIVOX Mobile is designed to protect against spoofing and detects 97% of known replay attacks, as well as many other spoofing attacks such as cut-and-paste. The anti-spoofing protection is achieved as part of the verification process without the need for any additional steps such as liveness detection. AGNITiO KIVOX Mobile Summary KIVOX Mobile from AGNITiO is a biometrics product that allows users to unlock a device or authenticate into an application through a very natural medium the user s voice. It is accurate and secure and is in tune with the needs to conveniently authenticate people into mobile devices and applications. SUMMARY AND CONCLUSIONS A number of inter-connected drivers have created an environment where biometrics can be easily integrated into mobile devices that can provide a reliable and convenient alternative to existing authentication technologies in particular the replacement of passwords. The use of biometrics on mobile devices has moved from a curiosity to become a must-have for high-end smartphones, and Goode Intelligence believes that this trend will accelerate throughout 2014 and 2015 to result in the majority of newly shipped mobile devices supporting biometric authentication. Mobile Biometric Authentication Services are being aided by global authentication standards such as those created by members of the FIDO Alliance. Voice biometrics is a modality that is well suited to mobile devices, and Goode Intelligence forecasts that by 2018 there will be 572 million users of mobile voice biometrics 5. AGNITiO is a voice biometrics specialist that through its KIVOX Mobile product has a solution that is ready to meet the authentication challenges for mobile users wanting a secure and convenient method to unlock mobile devices and authenticate into applications. 4 AGNITiO s proprietary anti-spoofing technology is backed by four patents. 5 Mobile & Wearable Biometric Authentication Market Analysis and Forecasts 2014-2019; Goode Intelligence, June 2014. Goode Intelligence 2014 P a g e 7 www.goodeintelligence.com

ABOUT GOODE INTELLIGENCE Since being founded by Alan Goode in 2007, Goode Intelligence has built up a strong reputation for providing quality research and consultancy services in information security including: Mobile Security Authentication and Identity Biometrics Internet of Things Security For more information on this or any other research please visit www.goodeintelligence.com. This document is the copyright of Goode Intelligence and may not be reproduced, distributed, archived, or transmitted in any form or by any means without prior written consent by Goode Intelligence. Goode Intelligence 2014 P a g e 8 www.goodeintelligence.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information