Between Alexa’s built-in functionality and Skills API, you can now use the platform to do almost anything. Simple voice commands let you do things like order a pizza, send someone money on Venmo, or even buy another Echo.

But here’s the thing – anyone using your Echo can do these things without your permission, potentially putting you on the line for fraudulent transactions.

Luckily, a team at TC’s Disrupt NY Hackathon decided to built Sesame, an Alexa Skills app that lets you add voice authentication to certain tasks.

To use the service a user goes to Sesame’s web-based app, and gives a voice command like “Venmo Joe $10”. Sesame then authenticates the user’s voice by matching it with a prerecorded passphrase, and passes the request onto Alexa to fulfill.

But why does Sesame need to be web-based and not native on Alexa? Because Alexa’s API doesn’t actually pass through voice to developers, only a text transcription of what the user said. Since a text transcription obviously isn’t enough to authenticate your voice,  Sesame had to be built as an in-between between your voice and Alexa.

Sesame’s current iteration lets you send a friend money on Venmo, order Pizza, and send a text message, but the team expects to add functionality like the ability for only certain users to change the song on Spotify or place an order on Postmates.

In addition to Alexa’s Skills API, the team also used VoiceIt to power their voice authentication.

The app was built by Shanto Goswami, Kunal Batra, and Ryan Neff, who all met for the first time at the event. The team plans on polishing Sesame and eventually releasing it as a full-fledged product built on top of Alexa.
from TechCrunch