IngenID is a software company specializing in voice biometric technology. Our products are commonly used by our clients and partners to evaluate speech samples to help verify or identify their end customers, as well as to help identify instances where identity fraud may be occurring within their customer base.
Since our inception in 2021, IngenID has designed and built our software offerings with strong data security and protection of individual privacy in mind.
IngenID's Role as a Custodian
IngenID offers its voice biometric software products via our Software-as-a-Service (“SaaS”) delivery model, which utilizes a standard request-response exchange through our secure API. All requests for IngenID’s services are made by software applications which are fully created, controlled, and managed by our clients and partners on behalf of their end customers. IngenID is therefore a business-to-business (B2B) entity; we do not provide services directly to individual end users.
Due to this technical relationship with our clients and partners, IngenID further recognizes our unique role as that of a “custodian” for the data that is sent to us. At no point does IngenID own any of the data which is sent to us by our clients and partners. We instead are custodians of the data clients and partners send to us, managing it as they instruct us to, either by API instruction, or in writing. More information about IngenID’s role as custodian is provided in the remainder of this document.
Personal Data We Collect
IngenID collects the absolute minimum amount of Personal Data possible, only enough to perform the voice biometric processing that are clients are partners require:
- Speech samples, which are typically provided as WAV files or via media streaming
- Optional text-based descriptions of speech sample content
- Optional telephone numbers for certain client applications
No other personal data is collected.
NOTE: Personal Data is only sent to the IngenID Platform via our secure API and is always associated with a "hashed" user id. This hashed user id is generated and managed by our clients and partners, so they are the only ones who know how to associate IngenID Platform information back to actual individuals. IngenID has no knowledge of any actual individual identity, for any end user of client and partner systems we are processing information for, at any time.
Personal Data We Derive
- Voiceprints. A voiceprint (or “template” or “model”) is the output of our voice biometric software processing that represents the unique vocal characteristics of an individual user.
- Classification Data. IngenID’s voice biometric technology also can “classify” speech samples that are sent via one of our published APIs. For example: whether the person speaking is male or female.
How We Use Personal Data
IngenID only uses the data we collect and derive to provide the specific services our clients and partners contract with us for:
- Speech Samples. Speech samples (WAV files) are used by IngenID to build voiceprints for the end users of our client and partner systems. Speech samples are also used within various statistical and deep learning processes to create classification models, scoring models, and support other voice biometric functions within IngenID’s platform. Speech samples can also be used when troubleshooting support requests made by our clients and partners, as well as to help IngenID make improvements to the quality of our signal processing and deep learning modeling capabilities.
- Classification Data. Classification data is used internally by the IngenID Platform to make certain processes more efficient. For example, if attempting to match a male’s speech sample to voiceprints in the database, we can use gender classification information to temporarily remove all females from consideration – and provide a faster initial response. Removed voiceprints can be added back in if match results are unsatisfactory.
- Content Descriptions (Optional). For clients using active prompting, we can optionally accept content descriptions when their samples are sent to the IngenID Platform. These descriptions are used by automatic speech recognition (ASR) systems to validate that the end user repeated exactly what they were requested to repeat.
- Telephone Numbers (Optional). Telephone numbers are needed by third-party partners of IngenID to support optional telephone and interactive voice response (IVR) functions. For instance, if one of our client or partner systems requests that a 3rd party party place an outbound call to a client's end user to obtain speech samples from them for verification purposes, we need to pass through a phone number for our 3rd party partner to honor this request. IngenID does not have its own ability to place calls or provide IVR functions directly (we use 3rd parties). IngenID does not store these phone numbers in its database.
Given the nature of IngenID’s business, we also use speech data and generalized internal system statistics to analyze our performance, meet information security and legal obligations, research alternative ways for us to offer our services, and other related tasks central to maintaining, operating, and improving our core technology.
Sharing of Personal and Derived Data
IngenID never shares any of the Personal Data we collect or derive with any outside companies. The data that client and partner systems send to us never leaves IngenID's platform, unless an authorized client or partner administrative user logs into one of IngenID’s administrative tools to download audio samples for troubleshooting (listening) purposes, etc.
Since IngenID's voiceprints are unable to be used or interpreted by any system other than IngenID software, we have specifically designed our products to NOT be able to export voiceprints for anyone, at any time. Voiceprints are created, maintained, and deleted 100% within IngenID's secure, encrypted environment (only).
Contact Information. Contact information provided to IngenID is only used to get back in touch with individuals who request that we do so (most typically through the “Contact Us” method on the IngenID website); this information is never stored. For our clients and partners, their contact information is only used for legal documents, billing purposes, and normal business communications to support our contractual obligations. Any contact information received by IngenID is never sold or provided to any third parties for any reason.
Consent and Access & Control for Personal Data
As noted previously, all data that IngenID collects are provided by external systems under the control of our clients and partners. In the context of API-based data, IngenID in fact has no idea who ANY client or partner end customers are related to the speech samples being submitted. Thus, it is impossible for IngenID to provide data collection choices, or direct access and control information, to end users of our technology.
Consent. Management of the initial and on-going consent of any end customer of our clients and partners to participate in a voice biometric process, is ultimately the responsibility of our clients and partners. Thus, any end customers who have concerns about consent should contact the appropriate organization directly.
Access and Control. IngenID does provide a variety of access and control tools to authorized administrative users of our clients and partners – so that they are able to fulfill legal obligations they have regarding their use of IngenID technology relative to their end customers’ Personal Data. These tools allow authorized users to create individual entries in IngenID’s database on behalf of their end customers, edit or modify relevant user data, report on this data, or delete this data (in its entirety). In other words, IngenID provides full control over all user data that is contained in our systems – to our clients and partners. Thus, any end users of our client and partner systems who have concerns regarding access to, and control of, their personal data should contact the appropriate organization directly.
How IngenID Secures Data
IngenID takes information security very seriously and has implemented numerous processes and policies to protect the data that is sent to our system or derived internally by normal operations. These are broken into three categories: Physical, Network, and Application.
Physical Security. IngenID’s U.S. data centers are equipped with a variety of physical security measures. Examples include: nondescript buildings, external and internal video surveillance, external multi-level locks, multi-level locks for server rooms, etc. More specific details can be provided upon request to IngenID. At client’s or partner’s own expense, physical audits of data and call center facilities can be scheduled upon request to IngenID.
Clients and partners who elect to deploy IngenID products within their own data center(s) should plan for support of similar physical security protocols.
Network Security. Network security is comprised of both hardware- and software-based solutions. For hardware, IngenID’s hosting servers are deployed behind dedicated firewalls. Firewalls are deployed to prevent unwanted traffic from reaching our servers. These devices enforce the use of the HTTPS protocol for all API communications to IngenID’s data centers. All firewalls are the latest in the Cisco product line and are routinely patched with security updates. Note that securing data in transit is mandatory for any IngenID product (all traffic must be HTTPS).
In addition to requiring HTTPS communications, several other levels of network security occur at the software level. First, within our data centers, network traffic and intrusion detection monitoring is being performed constantly (24x365) by our monitoring team. Second, there are periodic penetration tests that are performed by third party companies. And third, all IngenID APIs require the mandatory use of security tokens for access; no tasks can be performed without supplying active and valid tokens provisioned by IngenID.
Clients and partners who elect to deploy IngenID products within their own data center(s) should plan to provide similar levels of hardware- and software-based network security protocols.
Application Security. IngenID’s software products have multiple built-in features to help further secure our customer and partner data. These occur at the data model, voiceprint, and application level.
Data Model. IngenID's data model has been specifically designed to NOT support the storage and transfer of any PII, other than what is considered “bare minimum” (items as noted previously). For cases where PII could potentially be provided, such as User IDs, we audit all client and partner systems and will not release any production API security tokens until such data is made properly anonymous.
Voiceprints. IngenID’s voiceprints are natively secure. Voiceprints are not voice recordings – they are mathematical models of the unique elements of a person’s speech which are derived from either a “feature extraction” process or a "deep learning" process, depending on the core voice biometric technology being used. Voiceprints can’t be listened to and are nearly impossible reverse-engineer into anything useful. IngenID uses a proprietary voiceprint data storage format that is not published and which can only be interpreted by an active instance of IngenID’s voice biometric engine. So, in the highly unlikely event that someone ever obtained an IngenID voiceprint, there is nothing they could do with it.
Application. All PII in IngenID’s system is fully encrypted at the application level via a dynamic process that leverages the AES-256 algorithm under FIPS 140-2 guidance. Any of the visual tools that IngenID provides which may display PII, such as data views, reports, log entries, alerts, graphs, and other elements, are appropriately obfuscated.
Data Retention Policy
IngenID only stores personal data as is needed by our clients and partners to meet various contractual and legal obligations they are subject to. There are a wide range of needs and situations to address that go beyond the scope of this document; however, some of the more common considerations include:
- User Transaction Data. A “transaction” in the IngenID database refers to an individual session where an end user provides audio samples via a client or partner application to an IngenID product. A typical example is an automated IVR process or mobile application that prompts users to speak various phrases. These interactions typically occur over the course of several seconds up to a couple minutes. When the client application finishes these interactions and is no longer sending speech samples to IngenID, we can create a voiceprint, or provide a verification score back to the client or partner system, etc. The samples and calculations associated with these individual sessions are bundled into a unique transaction for logging, analysis, and reporting.
- The default retention policy is 60 days for all client and partner transaction data. This is generally adequate time to allow for IngenID and its clients and partners to investigate any transaction-specific inquiries, validate monthly itemized billing, etc. Note: this default can be changed upon written client request.
- Enrollment Data. Enrollment in the context of IngenID systems refers to the process of creating a voiceprint from one or more samples of speech sent to us by client and partner systems. These speech samples are typically provided as WAV audio files or via media streaming.
- By default, IngenID keeps all source WAV files or media streams that were used to create an individual voiceprint for as long as our clients and partners wish to keep the user’s voiceprint active within the IngenID System. There are several reasons for this:
- Voiceprints can be “adapted” periodically over time by dynamically rebuilding them as the end customer uses the system. As an example, adaptation is very useful to model changes to speech samples that occur as end customers change their cell phones periodically, or change carriers, or move to a new city, etc.
- As IngenID changes its existing voice biometric technology, or introduces new voice biometric processing algorithms, it is useful to automatically re-enroll end customers as a matter of convenience.
- To address disaster recovery (DR) guidelines, should IngenID’s database of voiceprints get corrupted, we will be able to recover them by running recovery scripts against source WAV files, again as a matter of convenience to end users.
- Upon written request, IngenID can provide clients with the option to NOT store speech samples associated with end customer enrollment. The caveat is that the advantages listed above will NOT be available to the client or partner for any of its applications’ users.
- Speech Samples. In the context of the information provided above, IngenID has settings to destroy all WAV files or media streams immediately – and not store them within transactions, or for enrollment, or any other means. Source audio that is sent to our system can be processed and destroyed within memory and never be written anywhere. Again, due to the nature of IngenID’s business, there are several disadvantages to this approach. However, the decision remains available to our clients and partners upon written request.
- Derived Personal Data. All derived data is created as part of normal transaction processing that occurs at the direction of client and partner system requests. Thus, the data retention policy for these elements is inherited by the settings used for User Transaction Data.
- Administrative Data. Any administrative (contact) data is retained in IngenID’s database for the life of the active contract with the respective client or partner.
In some cases, there are data retention policies or legal requirements to store data after it is no longer actively being used. In these cases, and upon written request by our client or partner, IngenID will implement a custom retention period. However, under no circumstances will IngenID modify a data retention period to exceed terms allowed by Applicable Law.
Disposal of Personal Data
When personal data is no longer needed, IngenID provides numerous mechanisms to dispose of it properly. Personal Data is stored at different levels within our database, so disposal mechanisms vary. Examples include:
- Individual Users. Once an end user ceases using a client or partner application, the client or partner can delete the user from the active system. This API-driven process is performed by the client or partner application, not IngenID. All references to the user will be deleted (User ID, all related transaction data, all voiceprints, and all source speech samples). Destruction of this information is immediate and cannot be reversed.
- Application User Groups. The IngenID system is designed to support multiple tenants (applications) so that we can provide custom processing based on different audio sources, dialects, application usage scenarios, and the like. It is possible to delete an entire application user group when that application is no longer needed. This process is initiated by IngenID upon written authorization from a client or partner, and includes all references to all users in the application group. It is immediate and cannot be reversed.
- Customers. Clients and partners of IngenID’s products are stored as “customers” in the database. The contact information of our clients and partners are used for billing purposes only. Every customer must have at least one active application user group, and at least one active user in each application user group, for billing to occur. It is not unusual for customers to have multiple application user groups. Should a customer or partner ceases to do business with IngenID, we will delete them from the database upon mutual, written agreement. NOTE: as part of this process, we also delete all application user groups and related individual users. This is an immediate process and cannot be reversed.
Other Disposal Notes:
- In cases where disposal of personal data conflicts with retention policies defined by Applicable Law, IngenID will work with its clients and partners to develop an appropriate disposal strategy.
- Should a request be made to terminate a contract with IngenID, IngenID’s default data disposal policy will be to immediately dispose of all Customer data (and related Application User Group and Individual User data). Clients and Partners can formally request that this process not occur for a period of 15 days following the effective termination date – to allow time for them to download available Personal Data from the IngenID system.
ChildrenIngenID and its software products are not directed at children. We are a B2B provider of software designed for adults. We do not knowingly collect information from or about children under 13 years of age, and use of our services by children under 13 years of age is forbidden.
260 E. Main Street
Rochester, NY 14604
END OF DOCUMENT