Sign in required

You need to be signed in as a member of the Modern Security Community to view this content. Please register or sign in with your work email address:

Voice Biometrics can significantly increase your customer-facing security processes’ usability, efficiency and security, but no security technology is perfect. It’s essential to understand and mitigate vulnerabilities when implementing as part of your call centre’s authentication and fraud prevention processes. In this session, Matt Smallman introduces his framework for assessing the risk and determining appropriate technical and process mitigations, including:

  • ​Bypassing Voice Biometrics – How can fraudsters avoid biometric authentication, and what should you do?
  • ​Imposter enrolment and registration – What are the implications of imposter registration, and how to reduce it?
  • ​False Accept Risks – How likely are evil twins, related parties and random strangers to authenticate successfully, and how do you prevent them?
  • Presentation Attacks – ​How can recordings or synthetic versions of your user’s voices be used against you, and what to do about it?
  • ​Insider Threats – What is the risk from your employees?

This session was followed by an open question and answer session where members could ask questions and discuss their specific challenges.

Highlights

  • 00:01:47 - Why obscurity doesn't provide security
  • 00:03:09 - What can a 2,500 year old general teach us?
  • 00:05:04 - The Threat Triad and components of the threat to Voice Biometrics
  • 00:08:08 - Introducing the Voice Biometrics vulnerability categories
  • 00:09:51 - Understanding how biometric attacks exploit the False Accept risk
  • 00:16:54 - Mitigating biometric vulnerabilities
  • 00:19:46 - Understanding how bypass attacks exploit the False Reject risk
  • 00:22:16 - Mitigating bypass vulnerabilities of Voice Biometrics systems
  • 00:23:56 - Understanding and mitigating the imposter registration and enrolment vulnerability
  • 00:27:13 - Understanding presentation attacks on Voice Biometrics systems
  • 00:32:24 - Mitigating presentation vulnerabilities of Voice Biometrics systems
  • 00:35:44 - Understanding and mitigating insider attacks on Voice Biometric systems
  • 00:37:10 - Summarising Voice Biometrics vulnerabilities
  • 00:38:10 - Question: Synthetic speech and deepfake voices are improving rapidly but are they a realistic attack vector for organisations implementing passive, conversational Voice Biometrics?

Speakers

Speaker Image
Matt Smallman

Matt is the author of “Unlock Your Call Centre: A proven way to upgrade security, efficiency and caller experience”, a book based on his more than a decade’s experience transforming the security processes of the world’s most customer-centric organisations.

​​Matt’s mission is to remove “Security Farce” from the call centre and all our lives. All organisations need to secure their call centre interactions, but very few do this effectively today. The processes and methods they use should deliver real security appropriate to the risk, with as little impact on the caller and agent experience as possible. ​​Matt is an independent consultant engaged by end-users of the latest authentication and fraud prevention technologies. As a direct result of his guidance, his clients are some of the most innovative users of modern security technology and have the highest levels of customer adoption. He is currently leading the business design and implementation of modern security for multiple clients in the US and UK.

Files

Only available to signed-in members

Presentation file for Understanding and Mitigating Voice Biometrics Vulnerabilities Video

Recent Community Posts