BiometricsCenterlink replaces PINs with voice recognition

Australia’s welfare agency Centerlink has flicked the switch on a biometric voice authentication system that will be used to identify and manage select clients, replacing the agency’s dated PIN and password-based system. The system is expected to free up Centrelink’s call-center staff by automating processes frequently accessed by customers.

According to Centrelink, the voice verification system will not only improve the security of accessing personal details through Centrelink, but will improve the efficiency of the agency’s call-center operations, which handle about 28 million calls a year.

The Australian’s Mithcell Bingeman reports that the new system has been rolled out already to a number of families and student customers. “Centrelink conducts vital business with millions of Australians every day and this service has the potential to give more than 60,000 customers greater flexibility about how and when they interact with us,” Human Services minister Joe Ludwig said.

Centrelink is contacting eligible customers to sign up to the system. Clients who routinely access self-service functions, such as lodging payment forms and updating the welfare agency with simple information about income, are most suitable for the system, according to Centrelink. “We need strong assurances that our clients are the right people with the right credentials,” Centrelink project manager Ross Summerfield said. “Moving to biometric voice verification gives us a more secure platform to do this.”

Summerfield said voice authentication was a more secure method of customer access because the technology used unique voiceprints and pattern-recognition software to verify a speaker. It relied on the fact that voiceprints, like fingerprints, were unique for each individual. As such, it would greatly limit the ability for disgruntled spouses or identity thieves to access clients’ account details. “Speaker verification is unique because it’s based on both physiology characteristics and behavioral aspects and not many biometrics are based on both,” Summerfield said.

Enrollment is a once-off, five-minute process that requires a customer to say his or her name and customer access number three times, count one to nine and submit a minimum of three secret questions. “But if you’re worried about your security you can enroll as many secret questions as you like,” Summerfield said.

When that was done, it would take about a minute to access an account from then on. As a final layer of authentication, the system requires customers to recite a random string of digits to ensure the subject is human and not a machine. “We’re putting in that random element to make sure we always get secure transactions,” Summerfield said.

Centrelink’s voice authentication system received the thumbs-up from security penetration testing experts Pure Hacking, which said the system was far superior to the agency’s PIN and password system. “Anything we can do to move users and organizations away from the typical user name and password systems is a step in the right direction,” Pure Hacking lead consultant Chris Gatford said.

The $2 million voice authentication technology is being supplied by Telstra as part of its managed telecommunications services contract with Centrelink.

Although Telstra has handled the implementation and support of the project, the voice pattern recognition software is supplied by both Nuance and Telstra’s former IT services arm Kaz.