What is it ?
Voice Recognition (sometimes called voice authentication) is a type of user authentication that uses voiceprintbiometrics. voice Recognition relies on the fact that vocal characteristics, like fingerprints and the patterns of people's irises, are unique for each individual.
The criteria that a voice ID system bases decisions on are created by the shape of the speaker's mouth and throat, rather than more variable conditions. Because of the relative permanence of the characteristics it measures, the technology is not likely to be fooled by an attempt to disguise a voice, and is not generally affected by changes that can make a voice sound quite different to the human ear, such as a bad cold or extreme emotion.
During enrolement for a voice authentication system, a user's voice is recorded, creating what is called a voiceprint for comparison with samples taken for user identification. To foil attempts to fool the system with a prerecorded voice sample, people may be asked to read or repeat a list of words which they can then be requested to repeat in random combinations.
How cidaas makes use of Voice Recognition as a part of Multifactor Authentication?
Voice Recognition is one of the Authentication type cidaas uses to authenticate users through Authenticator application.
As a prerequisite, the admin must enable the Multifactor authentication settings in the admin dashboard -make sure voice Recognition is enabled here.
Once the above setting is done, users can now configure their profile to enable MFA, and voice recognition. For the very first time, the user needs to set up his/her cidaas Authenticator account. To do this:
1. Scan the QRCode provided on the web portal using the Authenticator App (i.e. profile settings section on the respective web portal- > Physical Verification Setup-> choose Pattern -> QR code.)
2. Configure the voice method as shown in the flow below: Where the user can verify their voice on mobile. The voice will be sent to server for further processing along with the device-ID and the FCM token of the Smartphone.
3. This device-ID and FCM token is the basis for sending notifications during login.
4. When the user logs-in to the web portal/ any other service, he will get a notification to login. When he clicks on it, the user needs to verify his voice. If this voice matches with the originally configured data -stored in cidaas server, will the user be successfully authenticated.
Once the above configuration is done, each time when the user logs in to his account in web, he gets a push notification. On clicking this, user has to verify his voice. The voice recorded is sent and verified with the configured info on the server. If these match, the user is successfully logged in (see flow below).
Both the configuration and usage flows are explained below with concrete screenshots:
Voice Recognition: Configuration
Download and Install the cidaas authenticator app from the below link, if not done so already.
On your dashboard page, go to Physical Verification Setup and select Configure button under the Voice Recognition (cidaas authenticator app) option. (i.e. client webportal->my account->physical verification setup)
The following screen appears on the web.
To scan the QR code presented, open your downloaded cidaas authenticator app and click on Add tab.
Scan the QR Code displayed on your desktop.
Note: Instead of scanning QR Code on desktop, alternately, you can open cidaas-authenticator mobile app, and in physical verification section, choose any one verification.
If using the mobile browser, we don't need to scan qrcode. It will automaticaly ask for the appropriate authentication information, based on the verification type you choose.
After scanning, the login screen is displayed on your phone. Login with your credentials.
At the same time, the loading screen will appear on your desktop, as it waits for authentication
Once logged in, you need to configure voice verification. Speak and record your voice on your mobile as per the instructions specified on the App. If successful, the setup is completed.
Voice recognition is now successfully configured.
If user try to speaking a longer sentence should takes about 5 secoonds or more, otherwise it will throw exception.
Then, your app and your desktop screen will look as shown in the figure:
Voice Recognition: Usage
Login with passwordless authentication then enter your email and click Proceed. Select Voice Recongnition (cidaas authenticator app) to login
The multiple device screen gets displayed
The screen waits for authentication.
At the same time, push notification will be received in your authenticator app.
Click on that notification to view authentication request. The request shows the browser type, location and date/time, when the request was made (as in the below screen),
if you click allow button, it will continue to steps 4; Otherwise you won't be able to authenticate at this point.
On click of deny button the 'Notification Deny' screen will be shown, where user can select appropriate reason for denying the request and submit it. After that you won't be able to authenticate.
Now, you can see the Voice verification screen. Verify your Voice on your mobile. If it matches with the originally configured voice sample, you are successfully authenticated.
You have now successfully logged in.