Why Should You Authenticate Voice Assistant Users?

Conversational design and voice application development for Amazon Alexa, Google Assistant and Samsung Bixby requires consideration of each platform's authentication and security models. In this article, learn how it affects to both brands and consumers.

Authenticate users for a secure voice experience.

All in the Family

For this experiment, I ensured both my Alexa and Google devices were trained to recognize my voice so if I asked either assistant “Who am I?”, each would correctly identify me. I then ensured that neither assistant was trained to recognize my wife’s voice. She asked the devices “Who am I?”

Hey Google, Who Am I?

When she asked our Google Home device “Who am I?”, we got the following response: “Sorry, I wasn’t able to verify your voice. You can either try again or verify your voice match settings in the Google Home App.”

Alexa, Who Am I?

When she asked our Echo Show device “Who am I?”, we got a very different response. “I’m not sure who’s speaking, but you’re on Sanjeev Surati’s account.” A recent update from Alexa then prompts the person if they would like to setup a voice profile and if they agree, then walks them through setup.

Bixby, Who Am I?

When using Samsung Bixby, prior to training it with the voice of the registered device owner (in this case, a mobile phone), the voice assistant cannot tell the difference between users. Because the Samsung mobile phone owner signed into her Samsung account to activate Bixby on her phone, Bixby gives the name of the person who signed into Bixby on the device to anyone who asks "Who am I?". How many people will train voice assistants to recognize their specific voice?

Impact on Brands and Consumers

While some brands are just beginning to use voice technology to engage customers, others have integrated voice-first experiences with their customer relationship management (CRM) systems. Personalization requires authentication - verifying that the user is who they say they are - or in this case, who the voice assistant thinks they are. Consumers may not want others using their ride-share account, changing their favorite playlists or smart home routines. Brands don't want unauthorized users making purchases. Security is paramount to a successful voice app, just as it is with any other technology.

Voice App Design and Development Implications

The experiences detailed in this article continue on the backend technology of the voice apps. When you code an Alexa skill, you will be passed a UserId field containing an opaque id based on your account and the skill, however on Google, you are not passed a UserId and it is incumbent on the developers to manage and maintain an id themselves. On Bixby, there is a BIxby User Id, but the user must give permission to your capsule to access it.

As a developer, you can go further by linking an account in your system to your voice application, however, depending on the platform you are working on, and the operations you are enabling on behalf of the user, you should consider whether the operation is appropriate or should be gated via some sort of multi-factor authentication.

Select Voice Technology Experts

Certified Alexa Skill Developers, Google Assistant Developers and Bixby Premier Partners know how to handle authentication and security models that provide an engaging voice-first user experience with your customers.

SoniBridge team is certified in voice technology
Design and develop voice apps using best practices

#amazonalexa #googleassistant #samsungbixby #voiceassistants #virtualassistants

#SoniBridge #WhetstoneTechnologies

159 views0 comments