kivox mobile 5.0 — securing and controlling embedded
TRANSCRIPT
WHITE PAPER
KIVOX Mobile 5.0 — Securing and Controlling Embedded Devices with Natural LanguageKIVOX Mobile 5.0, as part of the KIVOX product family, for the first time in a single Voice iD engine provides a wider set of authentication options based on the level of security required. The new 5.0 version includes a text-independent mode that complements the fixed phrase authentication option. Speaking naturally, users can now authenticate using short natural speech commands in any language. KIVOX Mobile 5.0 can be embedded locally on devices for added security and privacy or used in traditional server mode.
KIVOX Mobile Features• Patented protection against replay and spoofing attacks• Fully embedded for higher privacy protection and lower power consumption• First and only voice authentication solution considered FIDO Ready™
• Fully language independent for easier global deployments• High accuracy rates, even with short utterances and in noisy environments
Accuracy and ConvenienceAccuracy is a key security component of AGNITiO’s Voice Biometrics solutions. The new KIVOX Mobile 5.0 has a flexible range of options to balance security with convenience. Using a fixed phrase, users can achieve authentication accuracy rates over 99.9 percent, and use a tuning mechanism to meet lower false acceptance requirements. The solution also supports text-independent, free speech interaction, so users can speak naturally, in any language.
■ Fixed phrase option: The user enrolls their voice by repeating a fixed phrase three times. Authentication is performed when the user states the same phrase, achieving high levels of accuracy even with short utterances.
■ Natural speech option: Enrollment occurs while the device “listens” to the user’s voice for about 20 seconds. The user is subsequently recognized within two seconds anytime that person speaks any random phrase, command, or utterance.
Both options are available to integrators using a single SDK of KIVOX Mobile 5.0.
The new 5.0 version includes a text-independent mode that complements the fixed phrase authentication option.
““
WHITE PAPER
2 White paper | KIVOX Mobile 5.0 — Securing and Controlling Embedded Devices with Natural Language
Anti-SpoofingAll biometric modalities inherently possess the risk of spoofing attacks. In the case of voice biometrics, spoofing is a technique in which a fraudster obtains a recording of a user’s voice, then replays it into a device or in a self-service authentication system in order to gain access to a user’s information, identity, or personal assets.
AGNITiO has advanced, patented anti-spoofing voice biometrics technology that can identify 97 percent of spoofing attacks. It learns the unique characteristics of individual human voices so it can consistently identify and differentiate a speaker’s authentic voice from recordings.
Embedded vs. Server-Based SystemsAGNITiO works with solution provider partners to integrate voice authentication solutions based on both server-based and embedded requirements.
Server-based voice authentication engines that are run on-premises provide control over service and data storage. Embedded engines running locally provide users control over their biometric credentials. Many Internet Service Providers avoid storing biographical data on their servers to help prevent massive hacking attacks, so they prefer to use an embedded solution. Others want to have full control of the enrollment and matching process as well as protection of personal information. KIVOX Mobile 5.0 can run both in devices and in the cloud.
KIVOX Mobile 5.0 in embedded devices eliminates the need to communicate with servers. This enhances usability when connectivity is lacking, and reduces security risks when transferring voiceprints to store on servers.
KIVOX Mobile embedded devices also protect user privacy by maintaining credentials locally, a valuable market differentiator as the Internet of Things (IoT) market grows.
The KIVOX Mobile 5.0 engine is remarkably small and fits in available chipset platforms, making it easy to incorporate into consumer devices. The technology’s power consumption and memory requirements are limited, so users will not notice a significant decrease in device power.
The product is designed with anti-hacking protection in mind. KIVOX Mobile 5.0 architecture allows integrators to build secure solutions using TEE and Secure Elements to store templates and protect algorithms. Programmed in native code makes reverse engineering very difficult and also is able to protect the audio capture in the devices.
FIDO Ready™
As a founding member of the FIDO Alliance, AGNITiO contributed to the new FIDO specifications released in December 2014. These specifications validate the FIDO Alliance’s vision to create a more secure and private online environment by standardizing critical elements of the authentication process. The FIDO Alliance initiated the change in authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to authenticate users of online services securely.
KIVOX Mobile 5.0 in embedded devices eliminates the need to communicate with servers.
“
“
WHITE PAPER
3 White paper | KIVOX Mobile 5.0 — Securing and Controlling Embedded Devices with Natural Language
Upon the release of the FIDO specification 1.0, KIVOX Mobile was the first and only voice authentication solution considered FIDO Ready™. The technology is being implemented in multifactor solutions in the FIDO context and with other FIDO members to deliver secure and accurate options intended to replace passwords, and to embed operations that protect user privacy by avoiding transmission of personal credentials to remote servers. KIVOX Mobile 5.0 can be used in FIDO Ready™ authenticators.
Fully Language IndependentKIVOX Mobile 5.0 is completely language independent. Global deployments are therefore much easier, as the solution can be implemented in any country with no customization required on the authentication SDK.
Robust Performance with Short Utterances and in Noisy EnvironmentsThe new KIVOX Mobile architecture has been redesigned completely to achieve unprecedented accuracy even in the most challenging noisy environments. The embedded architecture allows the use of third-party noise cancellation technologies in multiple devices. Additionally, KIVOX Mobile delivers highly acceptable accuracy rates for very short utterances of one or two single words.
Use CasesThe power of voice as an authentication mechanism offers numerous use case possibilities:
Device unlock, app logins, content protection: Similar to the first fingerprint sensors embedded in commercial devices, voice is a natural means to provide user authentication. Common uses include unlocking devices, providing secure application logins, and protecting valuable content from unauthorized individuals.
Online authentication, secure banking, and mobile payments: Financial institutions require the highest security level for any IT implementation. KIVOX Mobile 5.0 fixed phrase option is used to provide the highest accuracy rate possible to protect users when transacting using voice authentication. Banking, e-wallets, and mobile payment platforms are relying more and more on biometrics. Voice is often part of a multifactor solution; it can be incorporated easily because the technology does not require installing additional hardware as do some biometric modalities.
Virtual assistants: Current virtual assistant technology is not able to identify the person speaking to the system. Security is therefore compromised since anyone can make a call and use the phone’s virtual assistant. And there is no possibility for personalized responses to requests, as the same responses are delivered by the virtual assistant regardless of who is speaking.
With KIVOX Mobile, virtual assistants become smarter, performing certain tasks only when the authorized owner makes the request.
KIVOX Mobile 5.0 is completely language independent.
“ “
© AGNITiO 2014 www.agnitio-corp.com
WHITE PAPER
With KIVOX Mobile, virtual assistants become smarter, performing certain tasks only when the authorized owner makes the request. Virtual assistants can then tailor responses based on who is speaking to the system. Mobile, healthcare, automotive, and domestic virtual assistants are a few instances where the ability to recognize specific speakers is critical.
IoT and context awareness: The new KIVOX technology enables speaker identification as part of context awareness. IoT devices extracting information from the environment can now add speaker identification to that contextual information by “listening” to who is present around the device. This new enriched context can be used to customize the user experience accordingly.
Continuous and risk-based authentication in identity management: Voice biometrics in identity management systems offer a very natural and secure way to authenticate users speaking naturally in the background. These systems can allow or restrict privileges to content and services without having to ask users periodically to authenticate.
With voice biometrics, identity management solutions can proactively automate controls without having a negative impact on normal business and IT activities. Organizations and applications are therefore assured that users have access to only what is appropriate according to their identities, similar to “bring your own device” policies provided by mobile device management solutions.
When building multifactor, risk-based authentication systems, KIVOX Mobile 5.0 offers identification management solutions multiple options for higher security or higher convenience, depending on the situation and the criticality of the transaction. One single biometric factor can be tuned for different risk situations.
More Natural, More Secure The new KIVOX Mobile 5.0 product brings to market an all-in-one solution for embedded Voice iD. We believe there are endless opportunities to leverage this new, size-optimized and yet powerful technology, which makes Voice iD more secure, more universal, and more natural to use.
The new KIVOX Mobile 5.0 product brings to market an all-in-one solution for embedded Voice iD.
“
“
KIVOX Mobile is a Software Devel-opment Kit (SDK) which enables on-device secure speaker verifica-tion. It can be easily integrated in authentication applications for smartphones and other embedded platforms.
Enrollment and matching are done locally. There is no need for network connections or voice transmissions. As a result, authenti-cation can be done anywhere.
KIVOX Mobile offers a successful detection rate of more than 99.9%, with a false acceptance rate of less than 0.1% and detects up to 97% of replay attacks. The protection is achieved as part of the verification attempt, without the need for any additional steps such as liveness detection.
To learn more about KIVOX, www.agnitio-corp.com.
Learn More