American Banker magazine wrote an article describing a recent study Pindrop (www.pindrop.com) conducted regarding voice biometrics. The net of the study is that voices change more than one might think. Therefore, voice biometric systems
will have greater difficulty recognizing a person’s voice over time than one might think, with measurable change over two years. The study’s conclusion, therefore, is that voice should only be one factor for fraud detection, and also therefore, not surprisingly, you should use a service like Pindrop. The example highlighted is Barak Obama’s voice changing during roughly his term in office.
Regarding the fundamental research, we concur that people’s voices change over time and also that voice biometrics should never be the only factor in authentication. Neither voice, nor fingerprint, nor iris are 100% accurate, as we describe in our Voice Biometrics Tutorial. All biometric techniques should be just one part of a multi-factor solution.
However, with respect to changing voices, our real-world experience shows that the Pindrop study on the impact of the change, even to infrequent callers, does not seem material. We have customers who have been using our system for six years, and we do not see a trending up of errors. Many of our customers have short-term users who roll-off and replaced by others, but even so, across the entire population, we do not see an issue with changes in voice.
Second, there’s a straightforward way to deal with changing voices: automatically adapt the voiceprints by placing greater weight on the most recent known valid voice samples. So unless the callers are so infrequent, say only once per year or two, then adaptation should be sufficient to the potential change in voice. This eliminates the issue except for all but the most infrequent callers.
Third, a weakness in the Pindrop recommendation may be that in the future, many use cases exist that cannot nor will not have audio coming through a traditional phone network. For example, increasingly, people will use a native mobile applications to capture audio locally and submit to a voice bio system. With the advent of WebRTC, another means of audio interaction will be through a web browser. And Amazon’s Alexa and Google Home are moving the direction of becoming the equivalent of a home telephone.
All of this leads to our conclusion and recommendation: As voice becomes the most convenient means of command and control and as multiple non-telephone communication channels emerge, company should put more, not less, energy into deploying and improving voice biometrics and other new fraud detection and prevention techniques. As an example, we believe it is much smarter to deploy a randomized PIN instead of a static passphrase that most of the big banks are deploying today. And adapting to changing voices is simply one of the inherent requirements for a robust voice biometrics solution.