Blog

Jail time for biometrics

The people who work in the Broadville Retention Centre, a temporary home for semi-retired hoodlums, love working there. The centre in south-west London, England, has views of flightpaths from Heathrow Airport; sights evocative of the freedom temporarily denied its residents. Workers at the centre on the other hand enjoy freedom of movement, not only in coming and going according to their shift patterns, but also within the building complex.

To facilitate that freedom of movement, Broadville has adopted technology you’re more likely to find in an episode of Star Trek than in a retention centre. As the centre’s chief engineer explains, “We have an open-door policy with the lifts on the non-staff levels. That means the doors won’t close and the lift won’t go anywhere, until and unless an authorised staff member issues a voice command. The instruction we use is ‘Beam me up Scotty’.”

Confession time.

The story isn’t real. It’s hypothetical, but it serves to illustrate a use case for a biometric that most people associate with banks and tree houses. It’s a use case that makes a lot of sense.

Making sense

Traditional methods of security mean employees – guards and other staff – have to carry keys and ID passes, which can be stolen, copied or forged by enterprising denizens. Personal ID numbers and ID cards are fine up to a point, but they can be stolen or inveigled from the user, or simply forgotten. Other forms of biometric, like fingerprinting and iris recognition need hardware installed at every point of entry. That hardware is susceptible to malicious damage or even casual vandalism, and the initial capital expense and ongoing maintenance costs are not inconsequential.

Using voice biometrics makes sense because it makes use of existing infrastructure – the intercom system is already in place – and users do not need to know or possess anything. It’s about who you are, rather than what you know or what you are carrying. With voice biometrics, the user is their own password.

Feasible scenarios

Voice biometrics, encompassing speaker verification and identification, is usually associated with combating fraud. In the case of our hypothetical establishment at Broadville, it’s linked to containing fraudsters and other criminal elements. Notwithstanding the imaginary nature of this use case, it’s presents a feasible scenario. Furthermore, the principle could be extended to the prisoner community as it’s immune to mere impersonation.

In circumstances where trusted detainees are allowed certain privileges, speaker verification could be used to grant them access by using their voice. Similarly, it could be used to confirm attendance, or the presence of a specific individual in a certain location at a given time. In fact, any personal access control or attendance confirmation requirement could be met by using voice biometrics. And the relaxing of the need for supervision is a benefit that would contribute to the efficiency and cost-effectiveness of any such establishment.    

Raising the bar

As with any other deployment of voice biometrics as a means of verifying identity, there’s more to it than improving security. The motivational benefits, for staff and guests alike, are significant, and in an environment where public services have to fight for budgets and funding, its cost-effectiveness and return on investment must be very welcome effects.

Voice biometric security methods can do a better job of preventing unauthorised access than user credentials such as inmate IDs or PINs. Critics might say that once you've created a voiceprint (the vocal equivalent of a fingerprint), it becomes a digital file that thieves can steal like any other personal data. However, reverse engineering a stolen voiceprint into an audio file that can be replayed isn’t possible, even if it could be extracted from a system, and voiceprints certainly aren’t portable between systems. Voice biometric authentication really does raise the bar for hackers, fraudsters and identity thieves.

Broadville is a fictitious institution, but it needn’t be.

 

Sources:

https://www.wired.com/2017/04/iris-scans-come-nursing-homes-next-stop-phone/

http://mediatemple.net/resources/external-resources/web-hosting-industry-publications/