Posts Tagged ‘Security’
May 7, 2014
If you read through the biometrics literature you will see a general security based ranking of biometric techniques starting with retinal scans as the most secure, followed by iris, hand geometry and fingerprint, voice, face recognition, and then a variety of behavioral characteristics.
The problem is that these studies have more to do with “in theory” than “in practice” on a mobile phone, but they never-the-less mislead many companies into thinking that a single biometric can provide the results required. This is really not the case in practice. Most companies will require that False Accepts (error caused by wrong person or thing getting in) and False Rejects (error caused by the right person not getting in) be so low that the rate where these two are equal (equal error rate or EER) would be well under 1% across all conditions. Here’s why the studies don’t reflect the real world of a mobile phone user:
A great case in point is the fingerprint readers now deployed by Apple and Samsung. These are extremely expensive devices, and the literature would make one think that they are highly accurate, but Apple doesn’t have the confidence to allow them to be used in the iTunes store for ID, and San Jose Mercury News columnist Troy Wolverton says:
“I’ve not been terribly happy with the fingerprint reader on my iPhone, but it puts the one on the S5 to shame. Samsung’s fingerprint sensor failed repeatedly. At best, I would get it to recognize my print on the second try. But quite often, it would fail so many times in a row that I’d be prompted to enter my password instead. I ended up turning it off because it was so unreliable (full article).”
There is a solution to this problem…It’s to utilize sensors already on the phone to minimize cost, and deploy a biometric chain combining face verification, voice verification, or other techniques that can be easily implemented in a user friendly manner that allows the combined usage to create a very low equal error rate, that become “immune” to conditions and compliance issues by having a series of biometric and other secure backup systems.
Sensory has an approach we call SMART, Sensory Methodology for Adaptive Recognition Thresholding that takes a look at environmental and usage conditions and intelligently deploys thresholds across a multitude of biometric technologies to yield a highly accurate solution that is easy to use and fast in responding yet robust to environmental and usage models AND uses existing hardware to keep costs low.
August 14, 2013
The technology does exist for end users to create their own unique wake up words and/or speaker verification pass-phrases. If the phrase is known and prepared for in advance, we can typically achieve a higher accuracy. Some care needs to be put into training new or unexpected words to ensure the phrases have sufficient differentiated content that doesn’t frequently occur in real world conversations. Also, there needs to be excellent application design to ensure the templates recorded are of good quality. A bad training recording can really mess things up, and adaptive averaging approaches and good application designs can prevent this. We usually recommend training in quiet and using anywhere.
August 12, 2013
Here’s another question I hear: If the device is listening for a specific wake up phrase, how do I stop others from using it?
Some users and analysts have noted the amazing sensitivity of Glass. In my own experiments I’ve noticed that it’s even responsive to whispers in a quiet room or speakers from across the room, so it is possible that someone not wearing it can activate it in quiet conditions.
Speaker verification could be added to wake up words, without hurting the power consumption. The settings can be very light to reduce false firing and keep out some percentage of unintended users, or it can be tighter for more security. The “tighter” and higher security means the higher likelihood that the right user won’t always get in, that’s why we use a “light” setting so wrong users are USUALLY kept out and right users virtually always get in. The speaker verification requires training, but this could happen in an “adaptive” fashion with use, so that the training is invisible to the user. The longer the training word or phrase the better the accuracy!