Third-Factor Authentication Cannot be Lost, Stolen, or Forgotten


Do you have a list of passwords written down and hiding in a desk drawer? Have you ever lost your cell phone or the hard security token that is usually dropped in the bottom of your briefcase?  Have you struggled to answer the “challenge questions” presented at login? First-factor and second-factor secure authentication methods have weaknesses in that “something a user knows” can be forgotten and “something a user has” can be lost or stolen. These typical multi-factor authentication services and methods  are inevitably weakened by the human element involved. In contrast, third-factor authentication methods involve attributes that cannot be lost, stolen, or forgotten.

Third-factor authentication proves identity based upon “something a user is.” When used alone or in combination with other single or multi-factor authentication methods, third-factor authentication is a powerful tool for increasing security and avoiding fraud.

Third-factor authentication methods stand out from first and second-factor methods in that they ensure the right user is authenticating. It is trivial to share information that is used in first-factor authentication. For example, a co-worker shares user/password credentials for server access. The same goes for second-factor authentication, a user has a cell phone which is used for second-factor authentication and they just share the cell phone with others. Third-factor authentication is superior in that ‘something you are’ cannot be shared with others and authenticates one personally, and is very difficult to fraudulently obtain or generate.

However, most third-factor authentication methods require expensive biometric equipment. For example, iris and fingerprint biometrics both require separate physical equipment to be used for authentication.  Voice biometrics third-factor authentication is a low-cost method that has advantages over other forms of authentication in its ease of use and familiarity.

Phishing schemes and data breaches have called into question the common practice of having customer support personnel authenticate the caller by asking security questions concerning PII (Personally Identifiable Information). Voice biometrics is an ideal replacement for this, as it removes the need for sharing PII and removes dependence on level-one support personnel performing authentication manually. Voice biometrics can also easily be integrated into IVRs (integrated voice response systems) that use a similar PII-dependent security process, or other progressive authentication models.

The functionality of voice biometrics is provided by creating a “voiceprint” in an enrollment and then comparing the stored voiceprint with the new one created during authentication.  Voice biometrics authentication has the advantage that a voiceprint can be captured with physical equipment that exists in virtually every business: telephones, cell phones, microphones, even VOIP (Voice Over IP). Capturing voiceprints is a quick and simple process; the initial enrollment of a user takes about thirty seconds, and each authentication takes about ten seconds.

Although it is easy to create a voiceprint, the technology behind it is complex enough to ensure that voiceprints can’t easily be spoofed. A complete voiceprint is composed of both physiological traits of the vocal tract and behavioral traits such as pitch, tone, and cadence.

Third-factor authentication provides a significant level of security above what first and second-factor authentication do, and voice biometrics authentication displays distinct advantages over other forms of third-factor authentication.  For more information about how you can implement secure voice biometric authentication services to protect against identity fraud and data breach, contact one of our specialists.