Work Package 6

This work package will deliver the OCTAVE speaker verification platform. It will deliver integrated technologies to protect the platform from spoofing while ensuring satisfactory in-the-field performance. WP6 will define the platform architecture in terms of interfaces and components, manage the integration of software modules delivered through WPs 3 and 4 and will also enforce compliance with security and privacy standards.

OBJECTIVES

The objectives of WP6 are:

  • To integrate, test and deliver an improved speaker verification platform in terms of recognition performance, robustness against spoofing and environmental robustness
  • To deliver technology optimised in terms of software performance for operation in real time
  • To define overall TBAS architecture and deliver interfaces, for applications within the project and other key use cases.
  • To define interface for integration of other authentication methods (multifactor) and alternative voice biometrics engines.
  • To manage changes to existing solutions and to develop new features for privacy compliance and following best practice with reference to standards and security

DESCRIPTION OF WORK

This is an integration workpackage, aiming to deliver an improved user multifactor-authentication platform based around voice biometrics following the TBAS. The work will be focus on:

  • Improving existing product (example: ValidSoft’s User Authentication platform, ZEFA from APLcomp)
  • Developing new component (example: secure layer developed by Atos)
  • Development new of modules for improved speech technology

ACCOMPLISHMENTS IN MERIT OF WP 6

The overall OCTAVE architecture scenario has been defined

OCTAVE proposes a cloud scenario of “authentication as a service”, eventually offered by trusted third parties to service providers that are not prepared to face the complexity of in-house, reliable, advanced authentication services, resilient to fraudsters. Though the Project focuses on user verification technology through speaker verification, the platform is designed in a way to easily incorporate several biometric engines. The TBAS is meant to abide to “security by design” principles and to European regulations on personal data protection, in a multi-actor distributed environment, consisting of end-service providers, identity management providers and biometric verification service providers. Boundaries among different actor domains are defined by suitable APIs.

 

 

wp6-acc1-5

Standard interfaces have been developed among different system boundaries

User application development is in charge of the Service Providers (in the OCTAVE case, SEA and Findomestic). Identity Management development is in charge of ATOS. The development of the Speaker verification system, i.e. the core of User Authentication functions, based on a pre-existing commercial system, is in charge of ValidSoft. Research Partners in the project provide External Modules, to serve as enhancement components to the Speaker verification system. APIs among the different domains materialise as REST APIs or as C++ API. The splitting of user sensitive data among the service provider, the identity management provider and the authentication provider, along with pseudonymisation of those data at different stages,  implements the principle of Privacy by Design.

 

wp6-acc1-6

The baseline architecture has been enhanced with inclusion of novel anti-spoof

As a first accomplishment, the baseline architecture, available at project start as a commercial system owned by ValidSoft, has been enhanced with inclusion of novel anti-spoof countermeasures provided by research and technology partners.

The post-pilot final platform has been delivered

Leveraging on the results of the User Trials (subjective testing) and on the results of massive automated testing of the platform itself (objective testing), the final version of the  platform has been delivered in a shape ready for potential exploitation:

    • accessible through a simple set of REST APIs, that can be used by any Service Provider to develop its own custom applications resorting to authentication services offered by the OCTAVE TBAS
    • flexible with respect to several speaker verification methods
    • highly secure, thanks to implementation of leading-edge security protocols
    • scalable, as it can handle hundreds of service requests in a short time period without degradation of performance
    • conformant to current European legislation and regulations on privacy protection

Making it ready for commercial exploitation will require further engineering steps, at reasonably limited costs, to implement a number of recommendations issued by deliverables D28, D41, D44 and D48, that in overall deal with feedback from Application providers, users’ behaviour and tune-up of system parameters, according to environmental constraints and applicable trade-offs between security and convenience.

The platform for pilot has been delivered

To conclude the second phase of integration, the second version of the  platform has been delivered which includes:

    • an upgraded IDM component, including implementation of leading-edge security protocols
    • improved anti-spoofing technology with upgraded synthetic voice detection and replay detection modules
    • improved short duration speaker verification
    • an extended interface for testing activities

Demo client applications to use the TBAS have been developed

To show the basic use of TBAS services enroll, update, verify and delete we have developed

    • An Android App: a client for smartphones
    • A Web Application: a client to run on any major browser, on any platform

According to OCTAVE security model, a precondition to use those services is authenticating as a registered Application Provider or Service Provider, known as a trusted entity to the TBAS.

DELIVERABLES RELEASED SO FAR  BY WP 6

This Deliverable has been issued by the OCTAVE WP6, which is responsible to provide the architecture and software, making up ...
Information systems and critical infrastructures often need to securely identify their users. It has long been recognised that alternatives are ...

D37 – Platform for pilot

This report provides the relevant information and documentation, typically attached to any software delivery. The specific delivery consists in the release ...
This report is a supporting document for the final deployment of spoofing countermeasures.  It reports on integration activities including supporting experiments ...
This report is a supporting document for the software delivery of the voice biometrics platform for final deployment. It reports on ...
This deliverable is a software artefact that reflects the first phase of the integration of existing solutions related to voice ...
This document aims at supporting the software delivery of the spoofing countermeasures based on existing solutions from the technology providers ...
This document aims at supporting the software delivery of the voice biometrics platform based on existing products from the technology ...
As more and more information and communication systems are being developed with capabilities that enable the processing and collection of ...

WP LEADER

Benoit Fauve

WP6 Leader and PCB Member

Benoit Fauve  leads the development of Validsoft Voice Biometrics engine. He has worked for ValidSoft for over 4 years helping to establish the company as a leading provider of voice biometrics solutions. He has built a balanced mix of professional and academic experience over the past 12 years. A continuous thread through his career has been the optimisation, adaptation and transfer of highly advanced and innovative techniques in the domain of signal processing and machine learning to real-world applications. Though an expert in signal processing in general, Benoit’s main interest is in speech processing and biometrics. He holds a PhD for his work on speaker verification and previously worked for Neuvoice on speech recognition and acoustic monitoring.