In a pre-COVID-19 world, companies struggled to find a balance between effective user security and a positive user experience. The problem was these two objectives resided on opposite ends of a balancing scale, improving one directly correlated to degrading the other. To complicate the problem, users are now demanding a safe germ-free authentication process that protects their privacy. The two-headed beast just became a three-headed monster.
Can tight security, safe authentication with respect for privacy, and a pleasant user experience exist concurrently? You bet it can! It may mean letting go or evolving existing processes and technologies, but there is a way forward. To explain I’ll break out each part individually.
Security
Let’s start with security. Since we’re all friends here, and I’m being candid, any user security process still tied to passwords, PINS, or knowledge-based questions is weak. Password processes are cumbersome, they require tremendous resources to manage, and they don’t work. Knowledge-based questions are only marginally better. So, what’s the answer? The true answer is biometrics, but even that discussion has evolved since Covid-19. Before Covid-19, biometrics led the discussion as a way to put security and the user experience on the same side. Although that’s still the case, there are new questions that need to be considered. Does the biometric invade my privacy, now or into the future? Does using the biometric increase the risk of spreading germs? These are valid questions that deserve an answer, and as a result, pare down the list of viable biometric options.
For example, the effectiveness of facial biometrics is weakened by Covid-19. Most facial biometrics don’t work when a person is wearing a mask, and for the ones that do, the data points used to identify the person is scaled down to the point that the reliability is impacted. Fingerprint biometrics are impacted by Covid-19 as well. Fingerprint biometrics are not contactless and facilitate the spreading of germs, and they cannot be used when the user is wearing gloves. So that leaves us with voice biometrics, and spoiler alert, it’s the only one that can check all the boxes. The reason voice works is the authentication process uses a voice file that contains the unique characteristics to how a person speaks. The voice file is unique to each individual and cannot be reverse engineered, and when using a liveness feature, it cannot be spoofed with a recording. It’s also a contactless biometric so it doesn’t promote the spreading of germs. Voice biometrics is the most adaptable, safe, and secure biometric choice.
Customer Experience
Next is the customer experience. It’s no secret people are fed up with the current user authentication process. The password process is almost ridiculous, and many multifactor authentications just add a layer of inconvenience to an already burdensome process. On top of it all, it provides mediocre security at best.
Users want a secure way to authenticate without having to remember anything or carry anything with them. People are used to convenience and immediacy and they expect a frictionless process to follow them through their entire journey regardless of where or how they are interacting. The good news is the answer for this is also voice biometrics. By using a voice biometric, the user doesn’t have to remember anything, and since voice isn’t tied to a device, it can be used anywhere the user is. Imagine if you could authenticate yourself simply by using your voice. No more passwords, passcode, PINs, Challenge questions, ID badges… you get the picture. So now on to Privacy.
Privacy
Privacy concerns have always been a component of biometric discussions, but with the state of current affairs, the topic is now leading the conversation. Facial biometrics is extremely controversial right now. There are substantiated concerns about facial biometrics invading a person’s privacy and leading to profiling and misidentification. The same fear exists for the use of fingerprint biometrics; fingerprints are easily stored, cataloged, and reproduced. Again, voice biometrics is different. With voice biometrics, the part of speech that is collected to authenticate a person can be saved in a WAV file, but the information in the WAV file is useless on its own and it cannot be reverse-engineered. Therefore, eliminating privacy concerns making voice biometrics the clear choice again.
Conclusion
The business landscape continues to evolve, and no one can completely predict all the twists and turns that will come as a result. What we do know is digital transformation is here to stay and businesses must satisfy the security, customer experience, and privacy requirements that come with it. It’s estimated in the next two years over 20 billion devices will be connected to the internet, and with the continued growth of AI and IoT, that number will grow at a rate that out paces the ability to protect users. Voice biometrics will emerge as the clear choice as it’s the only biometric that can check all the boxes.