Layer 2 — Cryptographic Voice Identity

Voice Enrollment

Live voice replaces the password — and resists the recording.

Sesim Cryptographic Voice Identity (Layer 2) lets a customer enrol a voice biometric credential in 2–5 seconds. The raw audio is never persisted; only a salted, irreversible voiceprint hash is stored — bound to a patent-pending integrity stack with anti-spoofing, dynamic challenge and post-quantum primitives integrated during pilot.

Private pilot

Live voice enrolment is restricted to active pilot customers. To request access for a caller-auth, mobile voice-login, or ATM voice-PIN pilot, contact us.

Request pilot access →

How enrolment works

Customer speaks for 2–5 seconds (any short phrase or one-time enrolment text).
ECAPA-TDNN extracts a 192-dimensional voiceprint embedding in-memory.
Embedding is salted per-user and hashed with SHA-256, then encrypted at rest (AES-256, HSM-managed key).
Raw audio is securely erased; nothing else is retained.

KVKK / GDPR posture

Voice biometric data is special category (KVKK Art.6 / GDPR Art.9).
Explicit consent flow is operated by the bank; Sesim provides the template.
Right-to-erasure honoured within 30 days, with deletion certificate.
In-VPC inference option available so audio never leaves the bank perimeter.

What this proves

A single voiceprint enrolment is enough to authenticate across phone, mobile and ATM channels.
No password storage, no SMS-OTP smishing exposure, no SIM-swap dependency.
Coercion at the moment of authentication can be flagged via Layer 1 cross-signal (silent alarm).

Pilot at a glance

Duration

8–12 weeks

Fee

$25–40k creditable

Scope

One channel — caller-auth, mobile voice-login or ATM voice-PIN

KPI gates

FAR ≤ 0.1% · FRR ≤ 2% · spoofing-rejection ≥ 95%