VoiceProtect is run by individuals that have built mission critical products you may have already trusted and used (and not even known it).
Second Mind Labs operates VoiceProtect and was founded by Kul Singh who built mission critical companies such as Tervela: funded by Goldman Sachs and used by the world’s largest banks and companies for secure data transfers. Our head of technology, Andras Kornai, is highly regarded in both academics and business (he has been part of successful companies, including one acquired by Nokia). We also work with individuals who architected the telephony aspects of VoiceProtect, created the first Voice Over IP (VoIP) which enabled products such as Skype and FaceTime.
In addition we have backing from a financial partner that was the same that initially backed and enabled Verisign’s (a $24 billion public company) payout guarantee on SSL certificates. Based on that backing, today Verisign powers millions of businesses on the Internet. This same team views VoiceProtect as the solution to help millions of people around the world be more secure and financially protected.
We are people just like you that want to be secure online and manage our financial downside, which is why we created VoiceProtect.
No, they only offer a second factor whereas VoiceProtect provides 3 factors.
If your phone is compromised, hackers can open the authenticator app (Google or Authy) and see all your online services plus the codes. It is like providing a roadmap to all your online services with a key to each. VoiceProtect provides security even if hackers have full access to your phone.
Plus authenticator apps rely on backup codes, which if a hacker gains access to gives access your accounts. And lost backup codes can create a major hassle. If you buy a new phone and forget to turn off the authenticator app (and don’t have your backup codes), you are locked out and have to contact each service to gain access. For some services you will lose your account if lose your app and backup codes. This is extremely frustrating, but companies either have a choice of locking you out or relying on human judgement for your security.
VoiceProtect doesn’t need to rely on backup codes since it uses voice as a third factor. It works if you have a cold or sore throat, so unless you have completely lost your voice you don’t have to worry about losing your accounts forever or dealing with hassles to contact each service if lose your phone.
You can use VoiceProtect with a password manager and we have nothing against password managers. But you definitely should not solely rely on passwords and password managers because hackers can break passwords in minutes. You must use other security authentication (i.e., multiple factors) even if you use a password manager.
VoiceProtect provides you with the strongest authentication available since it uses 3 factors. It acts as a security overlay on top of your passwords, similar to adding an extra lock to secure your front door.
VoiceProtect acts as a protective intermediary service. The result is that the online service (you want to login to) instead sends us the code using the VoiceProtect phone number. VoiceProtect captures the code and then sends a message to you without the code. If a hacker got access to your text messages, they will see a message which contains nothing other than a link/URL to our service.
When you click the link, you must first enter the correct passcode (something you know), which the hacker doesn’t know. Next you are asked to match your voice (something you are) before you can see the access code sent by the online service. Therefore by issuing you a new phone number and acting as an intermediary service, VoiceProtect ensures you are protected even if a hacker ports your SIM card.
Mobile carriers have customer service agents doing their best to identify the caller as who they claim to be. The problem is so much of our information has been stolen online that hackers can socially engineer mobile carrier customer representatives to issue them a new SIM card that allows them to intercept SMS messages originally destined to the real owner of the mobile phone.
If a hacker fails to convince one agent or local store clerk, they can just try again and again with another agent or clerk until they find someone that accepts their lies. Once a hacker convinces an agent (or person at the store) that they are you and ask to issue them a new SIM card, they gain access to all your SMS messages and protected accounts.
Therefore VoiceProtect provides a phone number that removes human judgment as a risk factor. It removes the mobile carrier and/or a nice store clerk’s vulnerability, from the security equation. We don’t remove the risk of a hacker porting your SIM card, but we do remove the risk of your accounts being accessed due to the SIM card theft.
Initially, VoiceProtect selects the number for you. For security purposes, this is a US-based number so we can properly lock it from being ported out and constantly monitor it for suspicious activity. We also immediately and automatically lock the phone number if we detect it has been ported out – this is the first phone number that does this since it’s designed for security, not communication.
Please note the there are some online services that are local to you and do not support US phone numbers. However, most major online and cloud services allow a US phone number. This includes most services that offer email, data storage or file-sharing, payment, remittance, business services, etc.
We may add an option later to support localized and custom phone numbers at an additional monthly fee. Please contact us at email@example.com to advise if this is something you would want.
A few banks and financial websites block numbers that are not explicitly mobile phone numbers. We identified less than 10 services that do this. If you have an account with a service that prevents this, we understand the frustration but it shouldn’t deter you from using VoiceProtect with your other services.
Meanwhile we promise to educate third-party services that do not allow such numbers about VoiceProtect since our cutting-edge innovation of creating an intermediary service isn’t something they are likely aware of. We will do our best to get VoiceProtect phone numbers whitelisted for those services.
All it takes is for you to read an article that we will show you during enrollment. You will need to read the article for approximately 40 seconds, and show a progress bar to indicate how much is remaining. If during enrollment you need to stop unexpectedly, there is a pause button and you can continue again, but only from the same device.
We understand possible concerns around privacy and we take it very seriously. We as individuals designed the system as with privacy in mind. The following steps ensure the highest level of privacy.
First, your voice authentication and your VoiceProtect number, are stored in a decentralized manner. This data is connected only by an encrypted random identifier that is designed to prevent hackers from gaining access and connecting the dots. This decentralization ensures the highest level of security and privacy. We ask for no other personal identifying data about you (such as your name).
Second, when you enroll or verify your voice, our authentication algorithm creates a proprietary mathematical representation that is highly secure and encrypted.
No. One of the major advantages of VoiceProtect in that no account is created or required. To ensure the highest level of privacy we take the bare minimum information. We do NOT take your name or make you create an account with a username. This ensures we have no personal identifying data associated with you. In addition the information we do take is stored in a decentralized manner to ensure the highest level of security and privacy.
Another key differentiator of VoiceProtect versus other authentication approaches is we support no backdoors such as backup codes or security questions. Both of these represent security vulnerabilities. Backup codes can be stolen from a device that it is saved on or can be accessed by a hacker at time they are shared by a service since they must be shown in plain text (versus encrypted so you can see and copy them). And answers to security questions are constantly stolen by hackers and therefore a weak link in any system. Instead of these backdoors, VoiceProtect requires all 3 factors to be correct.
You simply visit our website and click link where it says to Change or Cancel Service. We will then send you an SMS or email with a link to authenticate. Once you pass all 3 factors, we offer you the option to update or change your credit card, or to cancel service.
We also offer the option to send you an SMS or email each time there is a monthly charge. By default this is turned off to limit the messages we send you.
No other changes are allowed. If you need to change your phone number, we require you to cancel your service and create a new account from scratch. We realize this is inconvenient but it also creates a higher level of security. You can cancel your account at anytime. When you cancel we will immediately delete your VoiceProtect phone number and voiceprint so it is important you change the phone number used for SMS 2-factor authentication on all the applicable online services to a different phone number prior to canceling. If you cancel in the middle of a payment cycle, there is no credit for the period between cancelation and the end of the paid period. Once you canceled the service, you will no longer be charged going forward.
Please contact us at firstname.lastname@example.org