Voice Password

A. Introduction

vText is a voice password or speaker recognition component designed for .Net and Java developers or application. Voice password is an intelligent system which can differentiate a person from another by recognizing vocal identities of a person. This intelligent logic can be processed and derived on the frequency domain. The time domain data is also provided here for those who need to analyse when an event occurs and it's duration. Thus vText is developed and designed to achieve this purpose and enable you to apply voice password in your computer systems, online banking and internet transactions. 

When you should use vText ?

1. When you need a good voice password system.

2. When you need to improve security:

 

i. Employee Provident Fund (EPF) / Savings Account Protection:: The identity card (IC) and finger print are used to verify and protect the account owner from fraudulent withdrawal. This protection is not enough if someone has lost IC before or the IC memory chip which contains the finger print information has been illegally retrieved. This may happen when you use your IC to apply job or visit a place which can happen to be a criminal organization. The stolen fingerprint and fake IC may be used by criminals to deceive EPF / Bank officers. It is safer for the public if we enhance the existing security with voice password because stolen finger print may be reproduced and implanted whereas voice has more complex biological constitution. If you suspect your IC has been illegally scanned by any device, you may need to go to relevant Government department to apply new IC and close all existing Savings Account and register new account with new IC

 

ii. ATM machine protection:: The current ATM security design is insufficient. This has caused RM3.1 million being drained out of ATM machines illegally by hackers in Sept 2014. After the hackers infect the ATM machines with virus through CD drive, the hackers key in code which they receive via telephone. This has misled the ATM to throw out all the notes. In this context, we can use voice password as an additional security layer to verify the request is from an authorized person. We can improve the security architecture with an additional layer of voice verification.

 

iii.  Document Signature::: data can be very important or sensitive, hand signature may not be sufficient to protect the owner. Such documents could be legal documents for ownership of land, property or even a will. With voice signature, it is easier to differentiate an authentic document from a false. We can use voice signature for documents by printing the waveform at the side of hand signature after the voice is verified.

 

There is a viewWave method which allows printing, sizing and locationing of voice print. For application implementation, you can use the class methods i.e. vText.dataAcq/autoDetect and vText.recognizePartial10k.

 

iv. Mobile/Online Banking Protection:: online protection is applicable to online payment, fund transfer, e-commerce and any form of card or cashless transaction. It had been reported in newspaper moneys were lost when keyboard password was unknowing exposed or an internet banking user clicking a false hyperlink after successful login. Biometric verification at this time should be implemented to raise the security level on par with increasing threats from high-tech interception, theft, authority misuse or virus. With voice verification designed to happen at the time just before a transaction is effected, the chances of unauthorised withdrawal can be very much minimized because an event triggered for voice verification will alert the consumer that the hyperlink is performing a false purpose.

 

You can configure to use biometric verification only for an amount which is significant, so complicated system usage will only involve when security need increases.  For online or internet implementation, you can use the class methods i.e. vText.dataAcq/autoDetectWrite and vText.complexmodulus, the processed result of complexmodulus can be stored in database. Therefore no physical wav file is needed for storage at server. This solution will make voice password usage possible in internet or online transactions. For credit card, the processed result should be stored in card memory so that the voice input during transaction can be verified.

 

For internet usage, an application is needed for vText.dataAcq/autoDetectWrite to create wav file at client. A donger can be used to install this application on the internet user's computer, just like the prior installation of an application is needed for broadband usage. This application can be your Java or .Net application which interfaces to vText methods. The wav file is then decoded at the client using vText.complexmodulus, the frequency breakdown is then sent to server for comparison, this process can be run in a web service. This is one way voice password/authentication can be used over internet.

 

For mobile usage, you may need to use the phone's API to create the wav file or equivalent file, then these files can then be decoded by vText.complexmodulus for processing and comparison at the server, the decoding process can be run in a web service. While transferring the file/data to server, you may need to use some form of encryption over the network to protect the file/data

 

v. Identity Management: voice biometric has provided an alternative to fingerprint in the area of identity management, this is particularly important in the situation where some people may not want to use fingers for recognition purposes. Organizations such as Immigration, IC departments, legal, banking and security may consider using voice biometric as an alternative to fingerprint for handicap people for the purpose of equal treatment or even for enhanced security.

 

vi: Door Access Control::: we have microphone which you can mount on the wall and this microphone has USB connection to computer, cable length can be 4 meters. Please order 1 month in advance as we order from US, we will write program to interface the magnetic door to open/close based on the feedback from voice password component.

 

3. When the use of keyboard is not convenient or the use of smart card alone is not reliable.

4. When you need to modernize your security infra-structure.

 

5. When inbuilt microphone and speaker are available on most modern computer.

Usage: 

vText is suitable for use in any situation or system which requires additional protection for data. Normal keyboard password or smart card can be copied or stolen to make illegal access, with vText, these possiblilities are reduced because the voice biometric of each individual is different. You can interface this component to your .Net and Java application, and it can also be installed on a hardware device for control system. It shall logically gives high score for the same words and low score for different words. Same words read from different persons shall give lower score than read from the same person. 

This component can be used to assist any access control system which is normally run by smart card or alpha-numeric password. For example, vText will enhance your security when your password is exposed because it is more difficult to imitate biological nature like voice than keyboard password. vText is also able to recognize you when you forgot your keyboard password through your voice input. This is helpful when you need to access to any system or area during emergency.  

vText can also be used to help less fortunate people to operate computer applications.

The download for vText software component is readily available at:

1.  http://www.basic-signalprocessing.com/downloadVText.htm (Java) or;
2.  http://www.basic-signalprocessing.com/downloadVTextNet.htm (.Net) .

For installation on hardware device, notice should be given a few months earlier because the deployment process for each hardware is different.

Limitation: 

1) It cannot differentiate the words from the same person when the words order are different. E.g. it cannot differentiate "I love Indonesia" and "Indonesia love I" if read by the same person. It's pattern comparison on frequency spectra.

2) vPass is not 100% accurate because the speech speed and pitch (level) of a person have variation on different occasions, so as our distance from the microphone when we speak. Our design seeks to achieve consistent result when the tests are conducted at stable conditions. In this aspect, our design has achieved a basic degree of consistency and reliability. This is achieved by comparing the frequency spectra and ratio of voice samples on the belief that the frequency response and spectrum level (magnitude) of each person are different. This belief happens after tests have been conducted for various methods and discovered that this method is the most reliable for a simple design.  Mimic by hearing and seeing the wave form has been tested to lower the security, so do not expose this information at production.

 

3) The hardware model of the input device such as the microphone should be the same and used consistently for recording and comparison. Different model will produce different frequency spectra. The solution is to use external sound card or record the same voice command again for different hardware.

 

4) Need to control distance. The distance between microphone and mouth when speak should be consistent and <= 5cm, with normal tone, to ensure sufficient sound pressure input but not too much

 

5) The source voice needs to be recorded in a reasonably noise free environment to avoid the lost of signal of interest, this lost can happen when the background noise is too strong. When the source voice contains significant noise, any incoming signal which contains the similar noise can cause system unable to differentiate.

B. The theory behind vText

vText was developed based on signal processing theory such as Nyquist sampling theorem and frequency domain analysis, and basic mathematical design using Fourier transformation, vector and ratio analysis.

C. vText process flow

 


Note: vText is available for .NET and Java version.

D. License fee

1. Our objective here is to promote the use of voice password and assist Company to implement voice password. We place our concern and importance on public safety and public benefits first. A reasonable support fee is needed to assist implementation.


Please email enquiry@basic-signalprocessing.com to assist voice password implementation.

© 2017 Basic Signal Processing Services. All rights reserved.