Custom security attribute
Security is an important concern with automatic enrollment. The system must have confidence that a person is who they claim to be before automatically creating a voiceprint model for that person.
The recommended approach for ensuring the system has confidence in the identity of a person is to use a custom security attribute as follows:
- You should require each caller to pass some form of non-biometric authentication before participating in an interaction.
  For example, you might require a person to provide information such as the color of their first car, their mother’s maiden name, or some other piece of information that only that individual would know.
- When a person passes this non-biometric authentication, a desktop application (or an external system such as an IVR system) inserts a custom security attribute into the interaction metadata for the channel on which the customer speaks.
  The system then uses only interactions whose metadata includes this attribute for automatic enrollment.
In a production environment, using the custom security attribute for automatic enrollment is recommended because of the risks associated with stolen data.
For example, if an identity thief steals a customer’s account number, and the account number is the only form of identification a person must provide to automatically enroll, the thief can create a voiceprint model posing as that user simply by providing the stolen account number.
If you utilize an additional security attribute in the interaction metadata that indicates a person has passed a non-biometric authentication process, it is more difficult for the identity thief to provide all of the information needed to create the voiceprint model.
To implement a custom security attribute in your environment, you use a Custom Data Field.
With this approach to automatic enrollment, you do the following:
- Create an attribute to serve as the custom security attribute.
  See the Recorder Configuration and Administration Guide for information about creating attributes.
- Implement a solution that inserts this attribute into the interaction metadata when the user passes the non-biometric authentication.
  See Inserting attributes into the interaction metadata for details.
- Map the custom security attribute to a Custom Data field.
  See the Recorder Configuration and Administration Guide for information about mapping attributes to Custom Data fields.
- Create a campaign that specifies the Custom Data field as a campaign filter attribute so that the campaign includes only interactions in which the custom security attribute is present in the interaction metadata. Although not normally done, additional conditions can also be used for further filtering.
  See the Archive Administration Guide for information about creating campaigns.
- Configure a Recorder Analytics Rule that performs automatic enrollment. In this rule, you specify the campaign created in the previous step as the campaign to use for automatic enrollment.
  See Workflow: Configure a Recorder Analytics Rule for more details.
Essentially, with this approach you create a campaign that contains only interactions on which a user has passed a non-biometric authentication. Then you configure the system to perform automatic enrollment using the interactions in that campaign.
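The gating logic described above can be modeled in a few lines. This is an added example, not the product's own code: the record layout, the field names and the attribute name `PassedNonBiometricAuth` are assumptions, and the sample interactions are constructed.

```python
# Added illustration: record layout, field names and the attribute name are
# hypothetical; the product's real metadata schema is not shown on the page.
SECURITY_ATTR = "PassedNonBiometricAuth"  # hypothetical custom security attribute


def make_call(call_id, account_number):
    """Build a constructed two-channel interaction record."""
    return {
        "id": call_id,
        "channels": {
            "customer": {"metadata": {"AccountNumber": account_number}},
            "agent": {"metadata": {}},
        },
    }


def insert_attribute(interaction, channel):
    """What the desktop application or IVR does after the caller passes
    non-biometric authentication: tag the given channel's metadata."""
    interaction["channels"][channel]["metadata"][SECURITY_ATTR] = "true"


def in_enrollment_campaign(interaction):
    """Campaign filter: the attribute must be present in the metadata of the
    channel on which the customer speaks. An account number alone never
    qualifies, and neither does the attribute on another channel."""
    customer = interaction["channels"].get("customer")
    return customer is not None and SECURITY_ATTR in customer["metadata"]


def enrollment_candidates(interactions):
    """IDs of the interactions the automatic-enrollment rule may use."""
    return [i["id"] for i in interactions if in_enrollment_campaign(i)]


def build_sample():
    """Constructed sample data covering the cases discussed in the text."""
    stolen = make_call("call-1", "1234567890")     # account number only
    verified = make_call("call-2", "1234567890")   # passed authentication
    insert_attribute(verified, "customer")
    wrong_channel = make_call("call-3", "5550001111")
    insert_attribute(wrong_channel, "agent")       # tagged on the wrong channel
    return [stolen, verified, wrong_channel]


if __name__ == "__main__":
    print(enrollment_candidates(build_sample()))
```

Only the interaction tagged on the customer channel reaches enrollment; the call that presents the same account number without the attribute is excluded, which is the stolen-account-number case from the text.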