Active and Passive Voice Authentication: Overview

Talkdesk Identity’s™ Voice Authentication feature allows a person’s identification from their voice characteristics, such as dialect, speed, volume, and tone. The uniqueness of a person’s voice is harder to imitate than fingerprints, and cannot be easily hacked like passwords, making voice authentication an exceptionally secure method of authentication. 

Identity offers two methods of voice authentication: active and passive voice. You can choose to either use both or one.


Understanding active voice authentication

The word “active” in active voice authentication refers to the fact that a caller must actively participate, and consciously say a particular phrase that will be later used for authentication purposes.

The active voice authentication method requires the caller to repeat a passphrase, multiple times, to enable the system to establish its unique voiceprint. This is called the enrollment process.

Every time the caller calls, in order to be authenticated, they are required to say the same passphrase, and the system verifies if their speech matches the previously collected voiceprint.

The passphrase is chosen when configuring the voice interaction in Studio, and you can choose from a list of predefined passphrases or define your custom one. To know more, please click here.


Active or Passphrase

In Talkdesk Identity, the term “Passphrase” is used instead of active voice authentication, since it reflects the experience that the agent and caller have while using this method. 

The agent needs to ask the caller to stay on the line, in order to listen to the instructions and repeat the requested passphrase. The same happens, when the caller is having issues in authenticating with active: the agent will refer to the passphrase (the phrase the caller couldn’t repeat), making it easier for both to identify the authentication method.


Understanding passive voice authentication

In passive voice authentication, the caller doesn’t need to say a specific passphrase, and can just engage in a regular conversation with the agent. 

While on the call, after the caller’s consent to proceed with voice authentication, the enrollment process begins. The system is listening to the call’s audio, and captures the caller’s voiceprint, independently of what is being said or the spoken language. This process, called enrollment, requires at least 20 seconds of speech, from the caller, to be completed.

Afterward, in the next calls, the system compares the caller's speech to the collected voiceprint and verifies it within seconds, regardless of what they are saying.


Passive or On Call

Since this authentication method happens during the call, it is displayed in the Talkdesk Identity app and in the Identity tab of the Conversations app as the “On call” authentication type. 


Differences between Active and Passive voice authentication

There are a few differences between passive and active voice biometrics.



Active voice authentication

Passive voice authentication


Requires the caller to repeat a passphrase multiple times.

Happens during a regular live call.

Requires at least 20 seconds of the caller’s speech.


A caller must say a passphrase every time they want to be authenticated.

Happens during a regular, a live call.

Requires a few seconds.


The caller is only verified before the call starts.

Continuous authentication - the agent can re-authenticate the caller at will during the call and will get the results within seconds.

Caller experience

The caller is fully aware of the authentication process.

It happens in the IVR.

The authentication process is fully transparent to the caller.

It happens normally during a live call with the agent.

Agent experience

The enrollment is usually done after a live call is finished, where the caller is enrolled by interacting with the IVR. 

The authentication is done in the IVR prior to starting the call.

Both enrollment and authentication are done during the call and the agent is made aware.

If the amount of speech by the caller is not enough, no enrollment or authentication happens in the call.


All Articles ""
Please sign in to submit a request.