Donate to Science & Enterprise

S&E on Mastodon

S&E on LinkedIn

S&E on Flipboard

Please share Science & Enterprise

Protections Added to Voice Authentication Systems

Fingerprint scan (


Computer scientists at Carnegie Mellon University in Pittsburgh devised additional safeguards for voice authentication systems that produce coded identifiers from a voice print comparable to a password. Bhiksha Raj, a professor in Carnegie Mellon’s Language Technologies Institute, with Manas Pathak, a recent Ph.D. graduate, and Isabel Trancoso of INESC-ID in Lisbon, Portugal, will discuss the system on 21 September at the Information Security Conference in Passau, Germany.

Raj and Pathak created a method for converting a voice print — a spectral image with acoustical properties of a person’s voice — into alphanumeric strings that can serve as passwords. The system would enable people to use a voice authentication system, without their actual voice ever leaving their smartphone. This safeguard reduces the risk that an impersonator could obtain the person’s voice biometric data, which could subsequently be used to access the individual’s online records or accounts protected by voice authentication.

“It’s not just that your voice print might be stolen from the system and used to impersonate you elsewhere,” says Raj. “Your voice also carries a lot of information: your gender, your emotional state, your ethnicity. To preserve privacy, we need systems that can identify you without actually hearing your voice or even keeping an encrypted record of your voice.”

The new safeguards are based on the varying characteristics of a person’s voice that makes each voice signal different, even when repeating the same word or phrase. As a resulting, converting a voice print into a single password would not work. The Carnegie Mellon system instead uses different mathematical functions from the person’s voice to generate hundreds of alphanumeric strings.

To authenticate the user, the system compares all of the strings with those that the system has on file when that person first registered. If enough of the strings match, the user is authenticated. Raj and Pathak add extra security to the alphanumeric strings with an additional random string of digits unique to each smartphone.

The researchers tested the methods with standardized speech data sets and found that their system was accurate 95 percent of the time. They say the system is also computationally efficient, making it potentially applicable to most smartphones.

Read more:

*     *     *

Comments are closed.