(2007) Case Study: Phone-based Voice Biometrics for Remote Authentication

Post on 05-Dec-2014


description

Identity verification and authentication (binding a human to an electronic transaction) have become strategic business issues. How does a voice biometric system perform for a typical remote authentication business scenario, and what conclusions can we make about the use of such a system?


Case Study: Phone-based Voice Biometrics for Remote Authentication

Stephen Elliott, Ph.D., Assoc Professor, Purdue University

&

Andy Rolfe, VP of Development, Authentify Inc.

02/06/07 – ASEC-106

Objective

• Objective:

— Identity verification and authentication (binding a human to an electronic transaction) have become strategic business issues. How does a voice biometric system perform for a typical remote authentication business scenario, and what conclusions can we make about the use of such a system?

© The New Yorker Collection 1993 Peter Steiner from cartoonbank.com. All rights reserved.

… except Authentify

Overview

• Briefly giving you an overview of:

— Biometric use in security systems

— The authentication best practices used

— The test methods

— Sample data

• What we are NOT covering in this presentation:

— Voice biometric or signal processing technology (FFT, HMM, etc.)

— Making any statement about the applicability of the technology for your situation

Enrollment – Initial Screen

User Enters Registration Info

User Inputs Phone Number

The End User’s Phone Rings

The User Answers the Phone

The Authentication Process is Initiated

# Key Liveness Test

User Informed of Recordings

Please Speak Confirmation…

User Speaks Confirmation Number

Please Speak Phone Number…

User Speaks Telephone Number

Call Completed

Call Information from User

Biometrics in Security

• Biometrics primer:

— Biometrics are by their nature statistically based

— Biometrics should not be the sole authenticator

— Backup methods for those that cannot (somehow impaired)

— Still have “first time” (registration) challenge

— Quality of implementation critical

• privacy,

• legal issues

• Multi-modal UI not easy

Voice Biometrics

• Why voice?

— Familiar paradigm; Very user acceptable; “business like”

— Multi-factor authentication in one session

— Real-time, undeniable contact for remote authentication

— Highly auditable

— Out of band trusted network

— Both physiological and behavioral

— Variable, dynamic samples

— No hardware deployment or training

Ease of Use & Intrusiveness (previous study)

“I very much like the idea of voice identification. This process surpasses any other method of protecting my identity and SSN that I have seen. BRAVO!!”

JoAnn W., Financial Advisory Firm

[Chart: intrusiveness rating; categories: Not at all Intrusive, 4, 3, 2, Very Intrusive; percentage axis 0% to 70%]

[Chart: ease of use rating; categories: Very Difficult, Difficult, Neutral, Easy, Very Easy; percentage axis 0% to 100%]

Security Best Practices

• Policies define process requirements

— Policy will (should) reflect risk profile

— Policy must account for risk for each factor of authentication

— Policy will define which factors will (should) be used & when

• Collect and use as many factors as possible

— Allows layering and substitution of factors depending on risks

• A fraudster may know everything about you, but that does not mean they can answer your telephone

Purdue Study

• Why study?

— No live system studies available

— Implementation specific

— Excellent resource nearby (Purdue University Biometrics Lab)

— Baseline for future studies

• biometric aging,

• technology changes,

• etc.

Biometric Comparisons

International Biometric Product Testing Initiative (May – Dec 2000) by National Physical Laboratory, England [ sponsored by the Communications Electronics Security Group (CESG) ]

System used for Study

• This biometric study utilized a commercially available, remote, service oriented security system.

• This system is actively being used by many corporations for mainly Internet commerce and financial applications at a rate of approximately 1.5M transactions per month.

• The test application was run using this active service environment to best test "real life" performance of the technology.

• Test system implementation:

— SOA

— 2 step application

• Registration

• Verification

— Purdue University lab environment

Service Architecture

[Diagram: End User; Users’ Web Session; Corporate Web Site; Web Servers; Applet; Internet; https / XML; Authentify Service Ctr.; PBX; Public Switched Telephone Network (PSTN); 555-333-2399]

Engage the user, their computer and their telephone in a synchronized exchange for a strong out-of-band authentication…

Bind the Web session, the computer, the phone and the Person

Roles & Responsibilities

• Authentify responsibilities:

— Design and implementation of enrollment & verification voice applications

— Operation of the commercial service center in Chicago

• Joint responsibilities:

— Development of the test plan

— Data collection and reporting

— Data analysis and reports

• Purdue biometric lab responsibilities:

— Recruitment and instruction of test subjects

— Acquisition, operation and maintenance of equipment used by test subjects

— Provide assistance to ensure proper testing procedures

Biometrics Lab

• The Biometrics Lab at Purdue is designed for research, teaching, and testing

• Testing evaluation was approved by the Institutional Review Board at Purdue University

• This research is typical of the lab’s partnership with companies focusing on “applied research”

• The lab is part of CERIAS

Test Protocol

• Data was collected at the Purdue University Biometrics Standards, Performance, and Assurance Laboratory, in West Lafayette, Indiana.

• The experimental area consisted of a room with minimal ambient noise.

— Noise that was present was predominantly voices of other people, as the room was utilized for other purposes during the experiment.

— Since more than one individual could do the study at the same time and other individuals could be talking, noise conditions were collected during the study.

Phones & Network Providers

• The land-based phone was a Vodavi Starplus single line telephone.

— Land line provided by the university

• The Vonage VoIP system utilized a Linksys phone adapter and Uniden 900 MHz cordless phone.

— Network utilized was provided by the university

— Network Speed 8,600 Kb/s upload / 86,000 Kb/s download

• The Skype VoIP system used a Linksys CIT200 Skype phone

• Cell phone services used:

— T-Mobile

— Virgin Mobile

— Boost Mobile

— TracFone

— Simple Freedom Wireless

Data Capture

• The biometric system consisted of:

— Test subject web site where the sessions are initiated and the survey results are captured

— Data capture enhancements to session processing

— Post processing of voice samples for more thorough test matrix coverage

• Used combined speech recognition and speaker verification

• Used text prompted verification method (dynamic version of text dependent verification)

• Did not use adaptation; did not test identification

Test Data

• Tests were automated to enable repeatable measurement of enrollment and verification rates, and to capture the following data:

— Subject Identifier

— Trial Code (predetermined)

— Telephone Number

— Telephony Type (Landline, mobile, VoIP)

— Telephone Manufacturer & Model

— Telephone Location (address)

— Signal Strength (mobile phone only)

— Background Noise (Low | Med | High)

— Background Noise Type (Music | Speech | Noise)

— Subject’s Voice Health (Normal | Hoarse | Very Hoarse)

Data Analysis

• Data collection occurred in an indoor office environment

— Conversational background noise

• The test sessions captured all data utilized, so no preexisting sample data was used.

• Enrollment templates and verification samples were compared both in real-time and off-line after all test data had been collected.

• The combination of real-time sample capture and off-line comparison helps generate a wider range of performance data.
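
How false accept and false reject rates per security level can be computed off-line from captured trials, split by voiceprint channel and verification channel. This is an added example, not code from the presentation or from Authentify; the score scale, the threshold values and the sample trials are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample trials, not study data:
# (voiceprint_channel, verification_channel, is_genuine_speaker, match_score)
TRIALS = [
    ("landline", "landline", True, 0.91), ("landline", "landline", True, 0.84),
    ("landline", "landline", True, 0.72), ("landline", "landline", True, 0.88),
    ("landline", "landline", False, 0.30), ("landline", "landline", False, 0.55),
    ("landline", "landline", False, 0.41), ("landline", "landline", False, 0.20),
    ("landline", "cell", True, 0.70), ("landline", "cell", True, 0.58),
    ("landline", "cell", True, 0.77), ("landline", "cell", True, 0.62),
    ("landline", "cell", False, 0.15), ("landline", "cell", False, 0.25),
    ("landline", "cell", False, 0.10), ("landline", "cell", False, 0.33),
]

# Assumed acceptance thresholds for each named security level (hypothetical).
THRESHOLDS = {"Low": 0.50, "Med": 0.65, "High": 0.80}


def error_rates(trials, thresholds=THRESHOLDS):
    """Return {(voiceprint_ch, verify_ch): {level: (FAR, FRR)}}."""
    scores = defaultdict(lambda: {True: [], False: []})
    for print_ch, verify_ch, genuine, score in trials:
        scores[(print_ch, verify_ch)][genuine].append(score)

    table = {}
    for pair, by_kind in scores.items():
        genuine, impostor = by_kind[True], by_kind[False]
        table[pair] = {}
        for level, threshold in thresholds.items():
            # False accept: impostor sample scores at or above the threshold.
            far = (sum(s >= threshold for s in impostor) / len(impostor)
                   if impostor else None)
            # False reject: genuine sample scores below the threshold.
            frr = (sum(s < threshold for s in genuine) / len(genuine)
                   if genuine else None)
            table[pair][level] = (far, frr)
    return table


if __name__ == "__main__":
    for pair, levels in error_rates(TRIALS).items():
        for level, (far, frr) in levels.items():
            print(pair, level, f"FAR={far:.2%}", f"FRR={frr:.2%}")
```
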

Authentify-Purdue Study Results

Same Channel Performance -- Landline Verification vs. Landline Voiceprint

[Chart "Land v Land": Error Rate (axis 0% to 50%) by Security Level (Low, Med, High); series: False Accept, False Reject. Data labels as extracted: 2.93%, 3.61%, 9.00%, 1.47%, 0.49%, 0.49%]

Authentify-Purdue Study Results

Same Channel Performance -- Cell Verification vs. Cell Voiceprint

[Chart "Cell v Cell": Error Rate (axis 0% to 50%) by Security Level (Low, Med, High); series: False Accept, False Reject. Data labels as extracted: 3.26%, 1.08%, 12.87%, 1.63%, 2.63%, 1.90%]

Authentify-Purdue Study Results

Cross Channel Performance -- Cell Verification vs. Landline Voiceprint

[Chart "Cell v Land": Error Rate (axis 0% to 50%) by Security Level (Low, Med, High); series: False Accept, False Reject. Data labels as extracted: 0.00%, 0.00%, 0.00%, 11.90%, 11.94%, 37.43%]

Authentify-Purdue Study Results

Batch: Landline Verification vs. Landline Voiceprint

[Chart: Error Rate (axis 0% to 50%) by Security Level (Med-High, High, Very-High); series: False Reject, False Accept. Data labels as extracted: 7.10%, 2.73%, 1.64%, 0.12%, 0.71%, 3.05%]

Conclusions

• Dynamic sampling is an effective method of supporting multi-factor authentication in a single interaction

• Single voice biometric template capture OK for low to medium risk applications when layered

• Best to use phone number or channel specific templates for medium to high risk applications

• Use known phone number for verification to spawn new enrollment session on secondary device (e.g. use existing landline print to enroll on your new cell phone)
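
One way to express the template-selection recommendations above as a policy check, as an added example that is not part of the presentation or of Authentify's service. The `Account` store, the action names, the phone numbers and the choice to treat medium risk like high risk are assumptions.

```python
from dataclasses import dataclass, field

# Assumption: "medium" is handled like "high" (channel-specific print required).
CHANNEL_SPECIFIC_RISKS = {"medium", "high"}


@dataclass
class Account:
    # Hypothetical store: phone number -> voiceprint template id.
    voiceprints: dict = field(default_factory=dict)


def plan_verification(account, phone, risk):
    """Return (action, phone_to_call) for a verification request."""
    if not account.voiceprints:
        # No print at all: the first-time registration challenge applies.
        return ("register", phone)
    if phone in account.voiceprints:
        # A print captured on this same number exists: same-channel check.
        return ("verify", phone)
    if risk not in CHANNEL_SPECIFIC_RISKS:
        # Single existing print reused on another phone; the caller must
        # layer this result with other authentication factors.
        return ("verify_cross_channel", phone)
    # Higher risk and no print for this phone: verify on an enrolled
    # number first, then enroll the new phone in that session.
    known = sorted(account.voiceprints)[0]
    return ("verify_known_then_enroll", known)


def enroll_secondary(account, known_phone, verified, new_phone, new_template):
    """Add a print for new_phone only after a passed check on known_phone."""
    if known_phone not in account.voiceprints or not verified:
        return False
    account.voiceprints[new_phone] = new_template
    return True
```
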

Conclusions

• We have got more work to do:

— Qualify batch analysis procedures

— Cell phone connection quality; how to compensate?

— VoIP is worst. Why?

— How much do behavioral characteristics play a role? Do subject utterances change when they “know” they are acting as imposter?

— How well do biometric templates age? Use of adaptation?

— Can we leverage multiple verification engines to obtain a better result?

— What role do accents play? Do they only affect reco’, or biometric performance too?

Contact Information

Andrew Rolfe

V.P. of Development & Operations

Phone: 773-243-0339

Email: andy.rolfe@authentify.com

Authentify, Inc.

8745 W. Higgins Road, Suite 240

Chicago, Illinois, 60631

www.authentify.com

Stephen Elliott, Ph.D.

Associate Professor & Director of Biometric Standards, Performance, and Assurance Laboratory

Phone: 765-494-1088

Email: elliott@purdue.edu

Purdue University

401 N. Grant Street

West Lafayette, IN, 47906

www.biotown.purdue.edu

Questions?

Authentify: Booth 803