Home Companies Industry Politics Money Opinion LoungeMultimedia Science Education Sports TechnologyConsumerSpecialsMint on Sunday

Tricking it could be easier said than done

Tricking it could be easier said than done
Comment E-mail Print Share
First Published: Tue, Jul 29 2008. 10 45 PM IST

LatticeBridge     Infotech’s Mohan Ram
LatticeBridge Infotech’s Mohan Ram
Updated: Tue, Jul 29 2008. 10 45 PM IST
New Delhi: Note to fraudsters attempting identity theft on a new voice biometric system: Just don’t bother.
LatticeBridge Infotech’s Mohan Ram
The idea of using a person’s voice to authenticate identity may not convince the sceptics, at least in the beginning. Surely, fooling the system must be as easy as clearing your throat, and putting on a convincing falsetto or baritone? Or, doing what the mimics do?
No, says C. Mohan Ram, managing director of LatticeBridge Infotech Pvt. Ltd, a Chennai-based start-up. Voice is extremely tricky to imitate, especially if you separate form from content and analyse not just what people are saying, but how they’re saying it.
That’s exactly what Mohan Ram’s firm is basing its voice-based security solution on, improved from a system developed by US-based Nuance Communications Inc.
“The system analyses a number of attributes associated with your voice,” says Mohan Ram, whose firm’s sales grew to almost Rs10 core in fiscal 2008 from Rs2.2 crore in 2005-06. “Voice gives you two-factor authentication, making it nearly impossible to break.”
Most biometric identification systems, such as fingerprints and retina scans, only have single-factor authentication, that is, they can only tell who you are. Voice has the added advantage of simultaneously testing you for something only you would know—in this case, your password that could vary from something mundane, such as your date of birth, to the bizarre, such as your rendition of a Bollywood song, or even a phrase in Hinglish.
This so-called two-factor authentication, combined with the mobile phone, makes for a cheap identification system for uses in banking applications for online purchases compared with the more expensive methods such as entering alphanumeric passwords, or using equipment such as fingerprint scanners.
“The price of the core technology has gone down, and software standards have opened up options for the consumer,” says Madhusudan Gupta, a senior research analyst at Gartner Inc., an information technology research firm.
But there is one possible limitation, says Ramakrishnan Sundaram, managing director of Mpower Mobile Inc., a mobile banking solutions provider.
“In a large-scale deployment, most voice biometric systems may require separating identification from authentication,” he says. “Someone calling in may still need to type or speak out, say, their account number first before proceeding to voice authentication.”
At banks and financial services firms, which process a large number of calls and need impenetrable, yet unobtrusive security, voice biometrics has found takers worldwide. Dutch lender ABN?Amro?Bank?NV?(that was acquired by the consortium of Fortis, RBS and Santander), uses voice biometrics for nearly four million customers, who make 35 million calls a year.
Bank of America, the largest commercial bank in the US by deposits, has rolled out a similar system. “Bank of America handles nearly one million calls a day,” says Ram. “They have a 0% false acceptance rate, and a 4-5% false rejection rate.”
A false acceptance occurs when an unauthorized person is erroneously allowed access, and a false rejection when an authorized person is not allowed access.
Indian banks, however, are cautious. “There are still a number of concerns that local banks have,” says Ram, whose company is backed by Ventureast-Tenet Fund, a venture capital fund associated with the Indian Institute of Technology, Madras that funds technology ventures, and the SIDBI Venture Capital Ltd.
Often, bank accounts in India are operated by proxies—relatives or friends—and voice authentication makes that difficult.
Also, selling the concept can be tough. A leading Indian bank, Ram recalls, conducted a severe stress test attempting to break the authentication through line tapping, playing back a recorded password and using random callers. When the system refused to give way, it even called in a professional mimicry artist. False acceptance remained at zero.
LatticeBridge’s clients include phone firms such as Bharat Sanchar Nigam Ltd that uses voice recognition for its value-added services platform, and oil firms such as Indian Oil Corp. Ltd, which has deployed a centralized gas booking system using voice recognition technology.
The company’s specialization is in a narrow branch of voice recognition  that is different from those forms that “train” a system to recognize a customer’s voice.
“What we’re looking at is network and telephony speech— where you have millions of callers using billions of words in trillions of manners,” says Ram.
Technical challenges for voice recognition systems include ambient noise, slurred speech and poor signal quality that may drive up error rates and could be a cause of concern for potential customers.
A voice recognition system, properly implemented, says Ram, can cut the average duration of a phone interaction by more than half. “In a system handling 100,000 calls a day,” he says, “you could save millions of seconds a day and, on a list price, we’ve estimated that the payback period for this technology is around four months.”
Comment E-mail Print Share
First Published: Tue, Jul 29 2008. 10 45 PM IST