If you’ve read the earlier articles in this series on voiceprints, you now have a good understanding about what voiceprints are, how they are created and how secure they are – even if they were to wind their way into the hands of a fraudster. This is all excellent information to know, but to help further put your mind at ease, it’s important to understand the underlying technology ACH Alert uses to create and store voiceprints for its customers.
For its voice biometric processing needs, ACH Alert uses a U.S.-based company who has been in the voice biometric software business for more than 10 years – Voice Biometrics Group (VBG). There are several features about how VBG does business that are critical to protecting ACH Alert customers:
- Dedicated to Voice Biometrics. VBG is fully dedicated to the development of voice biometric algorithms and delivery systems. They do nothing else, so there are no distractions.
- Completely Anonymous. VBG has built a system that is 100 percent anonymous relative to all end users. ACH Alert does not send any personally identifiable information (PII) to VBG. Instead, ACH Alert generates a unique alphanumeric key to use as a “User ID” within their system. Speech samples from ACH Alert’s IVR system, along with this unique User ID, are sent to VBG. VBG then creates voiceprints from these samples and associate them to the appropriate User ID. That’s it – there’s no way for them to identify and target specific users.
- Secure Data Handling. VBG encrypts all data with AES-256 encryption when it is stored. And, they require ACH Alert to use HTTPS to transfer information into their system, ensuring all data is always protected, while in transit or at rest. These voiceprints are created in, live in and eventually destroyed in VBG’s platform – they never leave (there are no functions to allow them to be transferred, exported or otherwise moved outside of the system).
- Extensive Monitoring and Safeguards. VBG’s data center is monitored at the network level, but also has numerous physical safeguards including 24x7 video surveillance, keycard and biometric entry locks to access the server room, locks on server racks, and multiple levels of ID and password protection for all devices. Continuous third-party intrusion detection monitoring is also in place, as well as annual penetration testing of all production servers/devices.
- Compliance. VBG developed its platform with required industry compliance in mind and regularly passes information security audits, including PCI, HIPAA and GDPR.
- Solid Track Record. VBG has had ZERO breaches or security incidents in over 10 years of continuous operations!
ACH Alert takes the protection of your personal information and voiceprints seriously – and so does VBG. Rest assured that if you use the ACH Alert system, with voice biometric authentication from VBG, that significant protections, procedures and policies are in place to protect you!
For more information, download our white paper, "The Role of Voice Biometrics in Your Layered Security Program."