The present web of information created by the hypertext transfer protocol is not accessible to a large portion of the public due to illiteracy, lack of access to computers or internet, etc. Compared to internet, cell phones have much greater penetration. A spoken web system is a key element of the expanding access to information technology to illiterate or semi-literate people. However, existing spoken web protocols (such as HyperSpeech Transfer Protocol—HSTP) do not have a strong security component, which serves as a bar to its potential deployment in supporting commercial transactions.
Spoken web allows for hyperlinks that automatically take a user from one voice site to the other. However, there is no way for a user to validate that he has indeed reached the site that he thought he was being taken to. This makes the protocol vulnerable to a variety of session attacks. A challenge exists for knowing that an individual has reached an intended site when dealing with voice traversal to sites that solicit confidential information such as, for example, payment gateways. Secure Hypertext transfer protocol (HTTPS) authentication cannot be used because it relies on visual cues in the browser (for example, a lock icon) to denote authentication, and the user reading the certificate details to verify that she is on the correct site.
This same problem exists for interactive voice response (IVR) systems. Existing IVRs that perform transactions can be reached by the user directly via a dialed number, but the connection is also potentially insecure.