Voice authentication is the hardest underestimated problem in voice AI. The agent needs to know who is calling before it can do anything sensitive, refund a charge, change an appointment, share an account balance, but the standard 'please verify your date of birth' flow is awkward and slow.
The serious answers are two: biometric voice match (the caller's voice is compared to a stored voiceprint) and knowledge-based authentication tied to their CRM record. Both have failure modes. Biometrics are weakened by spoofing; KBA is weakened by social engineering.
A production-grade auth flow combines both, escalates to a human for anything sensitive, and refuses to fall back to weaker verification when the strong path fails. That last point is where most vendors quietly cut corners.

