How Secure Are Voiceprints?

Posted by Peter Soufleris on Jun 5, 2019 9:30:00 AM

voiceprint security

With the increasing frequency of data breaches and identity theft hitting the headlines, people have become concerned about their personal data being stolen and misused.  And rightly so, as it can often take months and cost thousands of dollars to remediate cases of identity theft. 

This concern is even greater when considering biometric data.  If your user ID and password are stolen, along with credit card data and other personal information, these are painful to have fully replaced or updated.  But it can be done, and you can recover.  However, what happens with biometric data?  If someone steals your fingerprint, or facial scan, or voiceprint – what happens then?


Consider a fingerprint.  You can’t create a new image of your right or left index finger – you have one fingerprint per finger, that’s it.  Because fingerprint biometrics use a local sensor (fingerprint reader) to capture an image, people have good reason to be concerned.  If someone steals your fingerprint, presumably they could re-use it with other systems having other fingerprint sensors.  And while today’s sensors are much better at detecting frauds, they are still far from perfect.

So, what about voiceprints?  If a voiceprint is stolen, can it be reused?  The answer is NO.  In our earlier article, we covered the process of voiceprint creation.  Voiceprints are essentially digital models that are created by processing speech samples.  If someone steals your voiceprint, they will not be able to reuse it in another voice biometric system. 

All voice biometric systems essentially work the same way:  you submit a speech sample which is then evaluated and compared to a stored voiceprint.  You do not submit a voiceprint and compare it to a voiceprint.  Thus, voice biometric data is inherently less susceptible to theft and re-use compared to other forms of biometrics.

It should also be noted that voiceprints cannot be reverse engineered into intelligible speech.  They are not recordings that you can listen to or anything that can be used to directly identify someone in any way (other than their intended use).  And, it’s worth nothing that voiceprints are frequently created for specialized tasks based on variables such as language and content – one size does not necessarily fit all.

As an example, consider a global company using voice biometrics for various applications.  A China-based business may have an application which requires employees to speak digits in Mandarin, however, in Brazil, they may have a different application which relies on conversational Portuguese.  A bilingual employee traveling to both offices may have to maintain two separate voiceprints.  And while this is a somewhat unusual example, it demonstrates that unlike facial recognition and fingerprints – voiceprints can and do vary, even for the same person.

Because voiceprints rely on language, content and the voice biometric software system that is used to create them – they are very safe relative to being stolen and re-used.  In a future article, we’ll explore the use of synthetic speech and how this could potentially impact users of voice biometric systems. 

However, we’ll next visit exactly how ACH Alert creates and protects its voiceprints.


For more information, check out our recent white paper on voice biometric technology.

Download White Paper  The Role of Voice  Biometrics in Your Layered  Security Program

Topics: Biometric Authentication