With criminals using increasingly sophisticated techniques to hack into computer systems and websites to obtain data, the European Network and Information Security Agency is now urging consumers to be more aware of the risks of fraud and take precautions to avoid personal loss.
Certainly, fraud is a rapidly growing problem for today’s businesses. The National Fraud Authority has calculated that the private sector loses GB pound 12 billion on an annual basis through fraudulent activity, while it costs each adult consumer GB pound 765 every year .
Discussions around ultimate responsibility for fraud continue unabated. It’s often argued that the greater responsibility lies with organisations to provide more stringent levels of protection for their customers. This principle is encapsulated in the Banking Code , which rests the liability to compensate consumers for any loss resulting from fraud firmly with the financial institutions (unless those institutions can prove that the victim acted in a negligent manner).
However, businesses themselves have felt hamstrung by the sheer volume of the challenge facing them, and that’s without mentioning the ongoing economic crisis, which effectively tightened purse strings and restricted their ability to respond with force.
Indeed, the austere economic climate continues to put companies under pressure to cut costs, including those earmarked for the security budget. Needless to say, such a course of action is counterproductive. Cancelling or postponing security measures essentially renders an organisation a soft target, potentially leading to much deeper and longer lasting losses.
It’s also a marketing disaster. During economic instability, inspiring trust in one’s customer base is essential. Robust security procedures to protect against fraud and ID theft are a crucial element when it comes to ensuring customer confidence.
While the introduction of Chip and PIN is considered to have reduced the occurrence of fraud, the number of fraudulent card-not-present transactions is rising and provides a stark reminder that criminals adapt quickly to circumvent security barriers.
It’s also worth bearing in mind that fraudsters are pragmatic and will alter their methods depending on the changing level of risk. As organisations invest in securing online transactions, so the fraudsters are shifting their attentions to unsecured domains, moving the phone channel to the front line in the fight against identity theft.
Staying one step ahead of the criminals
The best defence is to stay one step ahead of the criminals, which is perhaps why we’ve seen a groundswell of interest in biometric technology these last few years.
Further to this, voice biometric solutions have come of age and are now becoming more widely used by businesses to secure transactions.
Voice authentication technology essentially proves a person is who they claim to be based on the unique characteristics of their voiceprint. It does this by analysing voice samples and logging their vocal tract length and shape, pitch and speaking rate. These and other characteristics taken together are called voiceprints.
When a genuine customer enrols with a system, a voice sample is collected and a voice print extracted and stored for future use. When the caller speaks to the organisation again, a second voice sample is collected and compared to the stored voice print.
In turn, this comparison generates a confidence score as to whether the voice matches the existing voice print: the caller is either accepted (and gains access to the system) or rejected as a poor match and passed to a trained security agent for investigation.
As a state-of-the-art technology with a high accuracy rate, voice authentication is capable of accommodating changes in a person’s voice as a result of, say, a cold or ageing.
The adoption and flexibility of these solutions provides both the organisation and consumer with the convenience to encounter different levels of security based on the task at hand. For instance, a simply bank balance check may require less or different security checks than transferring money between accounts.
More secure than a credit card or PIN
Given the fact that a voice print is almost impossible to impersonate, it’s infinitely more secure than a credit card or PIN. It’s also the only biometric that can be verified remotely, making it the most convenient biometric to use.
In fact, recent research from Nuance conducted via a Twitter poll found that nearly a third of consumers surveyed believe voice biometrics is the best method for verifying identities on their mobile devices.
It also provides a quicker mechanism to authenticate a user’s identity than traditional methods, enabling organisations to save time and money while improving the customer experience. Furthermore, it’s less invasive for the customer as it removes the need for lengthy and unpopular interrogation by call centre agents.
By using automated voice authentication to fight fraud, organisations can recoup money and make identification and verification more convenient and more secure for the customer.
Research results published by the Centre for Economics and Business Research state that implementing automated voice authentication could save UK companies GB pound 1.4billion a year.
These benefits explain the escalated adoption of voice biometrics. According to Opus Research, over seven million registered voiceprints support user authentication around the globe. The forecast of 25 million by the end of 2012 will help move voice biometrics closer to fulfilling its market potential (which is estimated to be roughly $250 million).
Voice biometrics are particularly advanced in Canada, Australia and the US, and now attracting increasing interest in the UK. Voice authentication is already being used, for example, to enable employees to securely reset their passwords, and in curfew monitoring systems to verify that offenders are at home during restricted hours.
It’s also being used in banking and share trading in the US.
As a precise identification process, voice biometrics allows organisations to offer new automated services previously only available via agents. These include personalised caller menus – such as “Your account balance is GB pound 650.00, and your last deposit was recorded yesterday… Can I help you with anything else?” – as well as the opportunity to record a change of address without having to wait on the line to speak to an agent.
These and other applications lead to a more convenient and secure user experience, and represent key assets in terms of attracting and maintaining customers.
While other security measures add hurdles to accessing one’s own account, voice authentication effectively removes these barriers while keeping the good guys in and bad guys out.
In short, voice authentication is a candidate for widespread adoption.
End users should fully expect the ‘spoken token’ to replace the prevalence of passwords and PINs in the near future.
Paul Way is sales director (UK Enterprise and Mobility) at Nuance Communications
References
1The European Network and Information Security Agency is a ‘Centre of Expertise’ in network and information security for the EU Member States and EU institutions, offering expert advice and recommendations to interested parties
2The National Fraud Authority, January 2011
3The Banking Code his is a voluntary code which sets standards of good banking practice for financial institutions to follow when they’re dealing with personal customers in the UK, providing valuable protection for customers and explaini8ng how financial institutions are expected to deal with them day-to-day and in times of financial difficulty
4CEBR research: ‘The Economic Impact of Call Automation’, 2010