Multi-Factor Auth in Alexa Skills - Faisal Valli
•Download as PPTX, PDF•
2 likes•1,438 views
Faisal gave an excellent talk at the 5th London Alexa Devs meetup on implementing Multi-Factor Authentication in Alexa Skills using the Nexmo API. https://www.meetup.com/London-Alexa-Devs/
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (20)
Similar to Multi-Factor Auth in Alexa Skills - Faisal Valli
Similar to Multi-Factor Auth in Alexa Skills - Faisal Valli (20)
Recently uploaded
Recently uploaded (20)
Multi-Factor Auth in Alexa Skills - Faisal Valli
- 1. Copyright © 2017 Accenture All rights reserved. Non binding proposal. MULTI-FACTOR AUTHENTIFICATION WITH AMAZON ALEXA Keep your customers secure in a voice-enabled future
- 2. Get creative in verifying a user Higher level of security needed for voice? Is the Alexa Voice Pin enough? How about looking at the next level of authentication. The ability to authorise a user based on previous locations or through Audio or other means Some skills may require a higher level of security to ensure the user is who is they say are. E.g. Banking Skills, Product purchasing Skills, Health and Medical Skills + other Sensitive data Skills The Alexa voice pin is handy, especially for false positives when ordering (Alexa TV Adverts!) However it is still a static code, and once its heard by others, is it still secure? PREPARING FOR THE FUTURE OF VOICE APPLICATIONS
- 3. HOW/WHY WE USED MULTI-FACTOR AUTHENTICATION The skill we were creating allows users to purchase products. Future implementations would also allow you to hear a customers purchase history. We felt this was enough to enable additional security for the user and looked at some providers who could help. A push notification system service that lets you send messages. Powerful and cost-effective AWS SNS (SIMPLE NOTIFICATION SERVICE) Voice, Video, Messaging and Authentication APIs for a variety of applications TWILIO Set of cloud based communication APIs, including SMS, Voice, Chat and Verification NEXMO
- 4. USING NEXMO FOR MULTI-FACTOR AUTHENTICATION First we need to sign up to get our API Key, Secret Key and Brand Name in order to be able to use the Verify API calls To implement Nexmo using Node JS there is a very handy Nexmo node package which simplifies making calls to the Verify API We need to implement the API calls and setup the credentials for calls correctly Build the solution to call the verify API at the correct time. Once to send the code to the user, second to check the user has provided the code correctly Test the skill on a real Alexa device or the online simulator SIGN UP TO NEXMO INSTALL NODE PACKAGE IMPLEMENT CREDENTIALS & API CALLS IMPLEMENT CALLS INTO YOUR INTENTS TEST YOUR SOLUTION 1 2 3 4 5
- 5. OTHER CREATIVE AUTHENTICATION METHODS CURRENTLY EXPERIMENTING LOCATION BASED AUTHENTICATION AUDIO AUTHENTICATION FACIAL & VOICE RECOGNITION AUTHENTICATION Location based authentication is something we’ve looked into for some clients. The user is asked where they were on a specific date and time range. Follow up questions may be asked to ensure validity. One example is to let the user hear an audio snippet of a song/audio book they have been listening to over the past few days. The user is then required to say the artist/author/title plus any other uniquely identifiable information Some companies may wish to use an Alexa device within their store/branch. Somewhat futuristic for Alexa, the idea is to have a camera identify the user and let Alexa know if the person is indeed who they claim to be. https://goo.gl/dXlbSC https://goo.gl/OgSZWY
- 6. 6 CONTACT FAISAL VALLI WORK E-MAIL: FAISAL.A.VALLI@ACCENTURE.COM PERSONAL E-MAIL: FAISALVALLI9@GMAIL.COM LINKEDIN: HTTPS://WWW.LINKEDIN.COM/IN/FAISAL-VALLI-63B21537 TWITTER: @FAISALVALLI9