Make this page my home page
  1. Drag the home icon in this panel and drop it onto the "house icon" in the tool bar for the browser

  2. Select "Yes" from the popup window and you're done!

July 03, 2014
Print Comment RSS

Tim Dees Police Tech & Gear
with Tim Dees

How to use speech for your dual-authentication login

Two-factor authentication soon required for access to criminal information databases

Few cops get through their workday without accessing a computer, either in their car, at the office, or even on a tablet or smartphone. The databases available through these instruments is invaluable, but it also has to be protected with passwords and other safeguards. At some future date, your password may be supplemented by scanning your face, or your voice.

Information technology (IT) professionals in law enforcement agencies have an especially difficult job. They guard access to highly sensitive information that many people in the private sector would like to get, and who will go to considerable trouble to access if there is some way to do it. The legitimate users of this information are the working cops. Cops understand the need for security, but they tend to be highly lax about it when it interferes with their personal convenience. Locked doors get propped open; guns are dropped into unlocked desk drawers while their owner is working inside the station.

Password-related Security Gaps

Cops are similarly careless about passwords. When the Arizona Department of Public Safety internal network was penetrated by invaders and its contents published to the world, it was revealed that many of the network passwords were easily-guessed variants of the users’ badge numbers, duty stations, or character strings like “12345” or “qwerty.”

If the IT manager forces the users to use complex, random passwords, they will write them down on desk blotters or Post-It notes next to their computers — cops can sometimes be their own worst enemies when it comes to computer security.

For this reason and others, the U.S. Department of Justice will soon require two-factor authentication on computers that have access to criminal history information.

One-factor authentication is what we have now — a password, a card key, a flash drive, some token that admits you to the restricted information.

Two-factor authentication is “something you know, plus something you have.” The “know” portion is a password, typically, but the “have” portion can be that flash drive or card key, or your face or voice.

Off-the-shelf Biometric Technologies

One vendor currently in talks with some major public safety computer hardware providers is KeyLemon, which has as its core business facial and voice recognition technologies.

Biometric authentication tokens have a big advantage over RFID chips, NFC transponders, card keys, or flash drives: you can’t lose them. You can misplace or have stolen any piece of hardware your agency gives you to access your computer, but you’ll always have your face or your voice with you.

Up until relatively recently, face and voice recognition systems were anything but foolproof. Some face recognition systems could be fooled by showing the camera a photo of the person with the enrolled face. Spy movies have long used the trope of recording the voice of their victim in a narrative that included all the words they needed to access the secret vault, but mixed in with other words. The spy then edits and rearranges the recording to get the passphrase he wants, and plays it for the unsuspecting computer.

KeyLemon’s technology works with the cameras and microphones built in to most current laptop computers, normally used for Skype and video-conferencing. Users “enroll” in the system by having the camera record a series of still photos (the process is similar to recording video) and reading from a short script into the microphone. During subsequent authentications, the system monitors for blinking and slight movement that a photo can’t reproduce.

Patrol cars often operate in high-noise environments, and in all lighting conditions. This poses a challenge for this type of technology, as the software has to recognize a face or a voice that may be presented in a very different context than when it was enrolled.

Anthony Gioeli of KeyLemon is confident they can overcome that disadvantage, saying “KeyLemon’s face recognition algorithms were developed to compensate for the difficult background conditions encountered in patrol vehicles, potentially enhancing officer safety by helping to keep their hands free and attention undivided even in the most dynamic environments.”

When the user goes to access the computer protected with KeyLemon’s software, he is prompted to look into the camera or speak a phrase three to five seconds long into the microphone, plus enter a user name and password.

The system can run as a stand-alone application, resident on the user’s computer, or in a client-server configuration, which requires a data connection from the user’s computer to the server. Which of these any agency will use will depend on how their network is set up and whether a data connection is available.

The system is available for purchase or lease. If purchased, pricing will be in the neighborhood of $50 to $60 per device. Leasing will require the client-server configuration, and will run around $1 per user per month. KeyLemon says that some computer vendors may offer their software as a pre-installed option, ready to go when the computer arrives at the agency that purchased it.

About the author

Tim Dees is a writer, editor, trainer, and former law enforcement officer. After 15 years as a police officer with the Reno Police Department and elsewhere in Northern Nevada, Tim taught criminal justice as a full-time professor and instructor at colleges in Wisconsin, West Virginia, Georgia, and Oregon.

He was also a regional training coordinator for the Oregon Dept. of Public Safety Standards & Training, providing in-service training to 65 criminal justice agencies in central and eastern Oregon.

Tim has written more than 300 articles for nearly every national law enforcement publication in the United States, and is the author of The Truth About Cops, published by Hyperink Press. In 2005, Tim became the first editor-in-chief for Officer.com, moving to the same position for LawOfficer.com at the beginning of 2008. He now writes on applications of technology in law enforcement from his home in SE Washington state.

Tim holds a bachelor’s degree in biological science from San José State University, a master’s degree in criminal justice from The University of Alabama, and the Certified Protection Professional credential from ASIS International. He serves on the executive board of the Public Safety Writers Association.

Dees can be reached at tim.dees@policeone.com.

Keep up on the latest products by becoming a fan of PoliceOne Products on Facebook


Request product info from top Biometrics & Identification companies.
First Name:*Zip Code:*
Last Name:*Telephone:*
Department:*I recommend or purchase products for my Department:*
Department size:*Purchasing Timeframe:*
Email:*
*Required Field


PoliceOne Offers


Biometrics & Identification Sponsors

Featured Products

L SCAN® 1000PX - Compact, High-Resolution Tenprint & Palm Print Livescan System

L SCAN® 1000PX - Compact, High-Resolution Tenprint & Palm Print Livescan System



Mobile Rapid ID - Wireless Fingerprint Identification

Mobile Rapid ID - Wireless Fingerprint Identification




Featured Videos

Top Product Articles

Featured Deals

Featured Product Categories

Police Biometrics & Identification Questions

PoliceOne Offers