Innovative biometric voice verification system for mobile devices
1. Voicekey CDE SME Showcase at DSEI 2015
CDE33485: Three factor On-device identity management for
securing remote access to MOD IT systems using COTS
devices
2. CDE33485: Securing the user on COTS devices
Capability Objectives:
To allow MOD staff the opportunity to utilise their own ICT devices in
conjunction with MOD-owned communication and information processing
assets
Why: To allow the MoD to reap the benefits of using BYOD whilst
protecting its systems from attack, and its information from compromise
Benefits/Exploitation
The MOD will be able reduce ICT procurement costs, without compromise
to IT security, whilst increasing staff effectiveness
3. Voicekey’s three-factor, on-device user
authentication technology was
developed to ‘harden’ standard
commercial-off-the-shelf (COTS) mobile
communications technology in order to
allow authorised users access to secure
MOD IT infrastructure without
compromising system integrity
CDE33485: On-device User Authentication
Secure the user
Secure the device
Secure the user
World leading on-device voice biometric technology gives added
confidence that the genuine user is present
4. CDE33485: : Android smartphone GUI
First page
User image selection
PIN entry
Remote service access
Voice verification
5. Proof-of-Concept Android smartphone
system demonstrated at MOD
stakeholder awareness raising day May
2014
Successful contract delivery resulted in
privileged invitation to join CSIIS
consortium of MOD contractors
CDE33485: On-device User Authentication
World-leading demonstration of on-device voice verification
6. CDE33485: Future work
Future work:
• A productised version of the Proof-of-Concept solution should be
developed for all required mobile platforms
• Developed solution should conform with all required MOD IT access
security protocols
• Large Scale system testing is required to provide performance
statistics
• Use case implementations
7. CDE33485: Exploitation for Defence
The Voicekey secure COTS solution delivers an efficient and effective means
of authorising an individual’s identity prior to accessing remote secure IT
system services or on-device functionality
It could be utilised in a number of operational contexts in the deployed
environment:
• Deployed HQ command & control messaging
• Remote access to on-line services via COTS equipment
• User authentication for on-device application access