Some of the world's largest and most sophisticated financial services firms rely on Nuance's Voice BiometricsVoice Biometrics uses the unique properties of a speakers voice to confirm their identity (authentication) or identify them from a group of known speakers (identification). solutions (Gatekeeper and SecuritySecurity is one of three key measures of Call Centre Security process performance. It is usually expressed as the likelihood that the process allows someone who isn't who they claim to be to access the service (False Accept). Suite) to authenticate millions of calls daily and prevent sophisticated fraud. Yet under Microsoft's ownership, these platforms face an increasingly uncertain future. With mounting evidence of decay, organisations relying on these technologies need a clear assessment of what’s happening and its implications. This article will separate fact from fiction and draw conclusions to help organisations plan for the future.
Voice Biometrics and Nuance’s Legacy
Voice Biometrics for customer authenticationAuthentication is the call centre security process step in which a user's identity is confirmed. We check they are who they claim to be. It requires the use of one or more authentication factors. and fraud prevention is a niche technology that, whilst it can be difficult to implement and drive user adoption, offers significant benefits for organisations most at risk from large-scale fraud: increased confidence that the caller is who they claim to be, reduced agent handle time, increased automation, and improved customer satisfaction. Organisations like HSBC, Fidelity, JPMorgan Chase, and the Australian Tax Office have found that it significantly reduces their dependence on knowledge-based authentication like PINs and passwords that are easy to socially engineer, and possession-based factors like one-time passcodes that have significant usabilityUsability is the primary performance dimension of the security process. Get it right and both security and efficiency flow, but usability is all wrapped up in human psychology. It’s a complicated subject deeply linked to behaviour, not just that of customers, but also of call-centre agents. and similar social engineering challenges.
The most successful solution provider in this space has been Nuance, who aggressively acquired and integrated technologies from best-of-breed developers and deployed their extensive enterprise sales force and professional services organisations to deliver them to the largest multinationals. With experience gained from these implementations, the product evolved into Nuance Security Suite (NSS), although its architecture was largely inherited from those acquisitions.
Ultimately, Nuance developed its Gatekeeper product as the cloud-native successor to Security Suite, building on the core biometrics algorithms but with a new, more scalable and modern architecture. Nuance's own hosted version runs on Microsoft Azure, and whilst it could in theory run on other public or private clouds, in practice only one organisation appears to have deployed it this way.
In April 2021, Microsoft announced their almost $20 billion acquisition of Nuance. Microsoft's stated rationale for the acquisition was to accelerate their industry cloud strategy for healthcare, largely based on Nuance's suite of relationships and capabilities in that market. The deal completed in March 2022.
Nuance under Microsoft
For a while, nothing changed; we heard nothing but positive noises as executives talked up the synergy and opportunities that Microsoft offered. But as time has passed, it's clear that Microsoft doesn't have much commitment to any of Nuance's former enterprise product lines. In July 2023, all marketing resources were reassigned, and in July 2024, sales teams were let go or reassigned. In late 2024, Microsoft announced the end of life for all of Nuance's enterprise Natural Language Understanding (NLU), Interactive Voice
Response (IVR), and Speech Recognition solutions, although the same clarity has not been given for their security (including Voice Biometrics) solutions. Finally, in March of this year, the professional services organisation was spun out to HCL. At the same time, the security product and support organisation has halved in size, including the departure of the Security Division's General Manager, Brett Beranek.
In the background of these changes, Microsoft continued to push Gatekeeper for new and existing customers. For existing customers, whilst the technical rationale for this transition was clear, the commercial imperative wasn't – having purchased perpetual licences for NSS, many were therefore slow to adopt. The real impetus has only really come in the past two years as the press and others talk up the "deepfake" threat.
Subscribe for New Content
Current Uncertainty
As I write, my understanding is that NSS, the on-premises solution, is formally "end of life" in June 2028 (having previously been in extended support until September 2026). The last material update to NSS, however, was an upgrade to the core Nuance Voice SecuritySecurity is one of three key measures of Call Centre Security process performance. It is usually expressed as the likelihood that the process allows someone who isn't who they claim to be to access the service (False Accept). Library (NVSL) in 2019, and since then they have been aggressively pushing new and existing customers to Gatekeeper.
For Gatekeeper, the picture is even less clear. Gatekeeper has not been officially "on sale" since July 2024, but since then, it's been purchased by several new customers, and many existing customers are still only part way through their migration from NSS. No official "end of life" date has been given, although I understand executives have made assurances to some large customers that no decision has been made and that the earliest this would be is May 2028.
Elsewhere, Microsoft still has ambitious plans for its contact centre solution, Microsoft Dynamics 365 Contact Center, although it has a big gap to close with its competitors, it's definitely not out of the call and contact centre market. It is clear, however, that it doesn't see Voice BiometricsVoice Biometrics uses the unique properties of a speakers voice to confirm their identity (authentication) or identify them from a group of known speakers (identification). as a core part of this solution, with all previous mentions having been removed from the latest product literature. Perhaps unrelatedly, as it was a pretty poor solution anyway, they will retire their homegrown (not from Nuance) Azure AI Speaker Recognition service in September 2025.
Strategic Calculations
I understand that Microsoft attempted to find a buyer for some or all of the Voice Biometrics product, but despite interest, a deal couldn't be worked out. In the absence of a formal announcement, we can only hypothesise on Microsoft's strategy and rationale. The key factors that, I believe, are likely to influence their decision-making are:
- Revenue — This is a tiny business on Microsoft's scale, a rounding error on the division spreadsheet. It also has limited potential to become a significant revenue contributor, even with investment in opening new markets and refactoring for other use cases.
- Customer Retention — Gatekeeper is bought by the largest and most sophisticated organisations, all of whom inevitably have relationships with Microsoft worth several orders of magnitude more than the cost of the solution. Whilst no one is going to cancel their enterprise agreements because Gatekeeper has been neglected or shut down, there is no reason for Microsoft to make negotiations any more difficult than they need to be. The earlier termination of Nuance's IVR and Speech Recognition products led to significant backlash from customers that I am sure Microsoft executives are not keen to repeat.
- Reputation — The reputational cost of losing customers' biometric data or being associated with a significant fraud or data breach elsewhere would be material to Microsoft's entire business and invite further, unwanted regulatory scrutiny on both sides of the Atlantic.
- Cost — The direct costs of sustaining the solution will continue to reduce with Moore's law, and the overheads have already been reduced to a fraction of Nuance's through multiple rounds of cost-cutting. There is, however, limited potential for further significant cuts without the risk of compromising the solution, so eking out significantly greater profitability is unlikely.
- Intellectual Property — Nuance invested heavily in Research and Development, with dozens of patents in Voice Biometrics and related technologies. The underlying intellectual property could still be valuable to Microsoft, not least to hinder peer competitor progress, but more likely for things like synthetic speech detectionSynthetic Speech Detection is a mechanism used to protect Voice Biometrics systems from presentation attacks using synthetic speech. It relies on detecting characteristics inherent in the text-to-speech (TTS) generation process. in Microsoft Teams.
Preparing for Transition
Microsoft's trajectory with Voice Biometrics seems clear — this is not a business they're committed to long-term. The question isn't whether they're planning an exit, but rather how they're executing it: is this deliberate strategic ambiguity to maintain existing customers while seeking the best price for the asset, or calculated decay where customers gradually depart until shutdown becomes a non-event?
All evidence points to the latter scenario. Despite likely wanting to retain key intellectual property, Microsoft has failed to find a suitable buyer for the business components they're willing to divest. The product line will never represent material revenue for a company of Microsoft's scale, making further investment highly improbable. Meanwhile, the reputational and regulatory risks of holding sensitive biometric data create internal pressure to exit, whilst simultaneously discouraging abrupt termination that might complicate valuable enterprise relationships.
The resulting limbo creates significant challenges for organisations relying on these solutions. While Microsoft will likely maintain the service on a best-efforts basis as long as customers continue paying, the talent exodus and knowledge drain will accelerate the product's deterioration. Support will become increasingly reactive rather than proactive, leaving customers vulnerable to emerging threats and changing business requirements.
This situation does require intentional strategic planning rather than a wait-and-see approach. The growing risks of depending on a stagnating solution for critical security capability require thoughtful mitigation — not panic, proactive consideration of alternatives that can provide long-term stability and continued innovation is inevitably part of this. Transitioning voice biometric systems isn't a trivial undertaking, but with proper expertise and methodology, organisations can migrate their security posture with minimal disruption.
In my next article, I'll explore these risks in greater detail, outlining practical approaches for organisations to evaluate their options and develop a robust migration strategy that maintains and enhances both security and customer experience.