ValidSoft See-Say® Trusted Identity Assurance™ Prevents Credential Theft Abuse

Any organization that is required to digitally authenticate employees or customers, whether for enterprise access (PAM/IAM/ZTNA), online services, payments, or banking, will carry varying risks of unauthorized access by bad actors, identity theft, data theft, or fraud, depending on the authentication strategy implemented.

While the risks associated with a password-only strategy are well understood, other stronger security solutions based on One-time Passcodes (OTPs) do not necessarily provide the desired level of protection an organization might assume they’re getting. They can also be susceptible to breaches at the hands of bad actors. Hijacking of OTPs through SIM Swap attacks, SS7 hacking, fake websites, and social engineering techniques are all designed to acquire these crucial codes.

To solve these problems, and more, ValidSoft has launched See-Say® Trusted Identity Assurance™ – a new and revolutionary digit-based voice authentication solution that provides trusted identity assurance – and therefore security – in enterprise remote access (PAM/IAM/ZTNA). This voice biometric authentication software solution counters credential theft, social engineering hacks, replay attacks, and synthetic voice deepfake attacks.

See-Say® Trusted Identity cleverly combines voice authentication technology and cryptographically generated numeric digits to create Trusted Identity Assurance™ – an irrevocable record of the true identity of the individual performing the legitimate access request.

The Smarter Approach to Identity Verification

  • Streamed digits derived from transaction/access request
    Unlike traditional OTPs, the digits streamed are a cryptographically generated set of digits derived from the underlying transaction, or access request, variables.

  • Cryptographic digits streamed directly
    Unlike OTPs delivered via SMS or phone call, See-Say® streams cryptographic digits directly to the user in real-time through any mobile or web app integrated with See-Say®.

  • Streamed digits are spoken
    Lastly, the digits aren’t typed into the app or originating browser but are spoken and biometrically authenticated.
The See-Say® Approach unites 3 essential elements (Voice Biometrics, Speech Recognition, Spoken Encrypted Digits) in one scene to guarantee identity.

The combination of these elements has many benefits:

  • Great User Experience: Traditionally, increasing security results in more friction and frustration. See-Say® is faster and easier than retrieving an OTP security credential, memorizing it, and typing it in, whilst dramatically increasing the overall security and providing Trusted Identity Assurance™.

  • Trusted Identity Assurance: The purpose of identity assurance varies by use cases; in enterprise access control is used to prevent false accepts, while in financial transactions, the purpose is to prevent fraud and false rejections.

  • Non-repudiable record:  The cryptographically generated digits, when spoken, validated, and biometrically authenticated, irrevocably links a user to the specific transaction or access request, thereby creating a non-repudiable event. The non-repudiation record can be used in financial transactions to combat 1st-person prevents fraud or “friendly fraud.”

  • Interception attacks difficult: Since the cryptographic digits (which are time decayed, and only generated and streamed to the app when the user presses a request button) must be spoken by the genuine user, interception attacks are rendered pointless.

  • Social engineering hacks are moot: Similarly, because the digits are spoken, versus keyed in, and the voice biometrically authenticated, it renders digit hacking useless. Replay and synthetic attacks are also rendered redundant due to the one-time nature of the payload, the decay time, and the algorithmic capability to detect such attacks.

  • Combats Multi-factor Authentication (MFA) fatigue: A potential weakness in some authenticator apps, is also prevented through both number matching and round-tripping options.

Critically, even with all of these defenses built in, See-Say® is incredibly easy to use. Whether speaking the digits back into the app or into an originating browser session, the See-Say® UX is fast, simple, easy to use, and secure.

Simple APIs mean See-Say® can be integrated into any mobile app or browser application including mobile authenticators such as Okta, Ping Identity, Duo, and other leading data protection solutions.

As global data breaches continue to increase with consequential damage to organizations and individuals, and financial crime on payment systems and digital banking platforms show no signs of slowing, See-Say® provides organizations with a simple, cost-effective solution that provides Trusted Identity Assurance™ and prevents the risk of credential theft abuse that virtually every organization is vulnerable to.

Share this post?