Your voice is your password

By Scott Wickware

Fraud has always been a problem for the financial services industry. Fraud losses on UK credit and debit cards alone totalled GBP£440m last year. Despite persistent efforts to raise consumer awareness of the risk of fraud, many still claim the responsibility lies firmly with financial organisations to provide more stringent levels of protection. Either way, fraud is costing banks money and causing their customers anxiety. However, by using automated voice authentication to fight fraud, financial organisations can actually save money and make identification and verification more convenient for the customer. According to the centre for economic and business research, automated voice authentication could save UK financial services companies GBP£472 million per year.

Although chip and PIN has reduced the occurrence of fraud, most banks still see between a five to 10 percent identification and verification failure rate with their existing systems. PINs and passwords are themselves easily compromised through intentional theft, user apathy and shoulder surfing. Organisations need to keep abreast of technology advances to ensure they stay one step ahead of the criminals.

We've seen significant investment in voice authentication in recent years, which uses voice biometric technology to prove the customer is who they say they are based on the unique characteristics of their voice. It is particularly advanced in Canada, Australia and the US and is becoming increasingly used in the UK. 

Peoples' voices are unique, just like their finger prints. Voice authentication analyses voice samples to extract key characteristics of a person's voice based on, for example, their vocal tract length and shape, their pitch and speaking rate. This set of characteristics taken together is called a voice print. When a genuine customer enrols with a system, a voice sample is collected and a voice print extracted and stored for future use. When the caller speaks to the organisation again, a second voice sample is collected and compared to the stored voice print. This comparison generates a confidence score as to whether the voice matches the existing voice print - the caller is either accepted, and gains access to the system, or rejected as a poor match.

Voice authentication is now state-of-the-art with a high accuracy rate - it is even capable of accommodating changes in a person's voice as a result of a cold or ageing. As a voice print is almost impossible to impersonate, it is infinitely more secure than a credit card or PIN. It is also the only biometric that can be verified remotely, making it the most convenient biometric to use.

Furthermore, automated voice authentication is quicker than traditional methods, so banks save time and money, while improving the customer experience. It is less invasive for the customer as it removes the need for lengthy and unpopular interrogation by call centre agents.

A more precise and automated identification and verification process will allow organisations to offer new automated services, previously only available via agents. These include personalised caller menus (such as "Your account balance is GBP£650.00, and your last deposit was recorded yesterday, can I help you with anything else?"). Automation of riskier transactions, requiring stronger security, such as change of address, is also possible. Combined these applications lead to a better and more secure user experience and happier customers. However, like all security processes, voice authentication is best used in conjunction with a second factor; something a user has (e.g. credit card, mobile phone) and/or something a user knows (e.g. postal code, secret date).

While customers are increasingly nervous about fraud, they will shy away from systems that are cumbersome or time consuming, leaving them and the bank exposed. Not only is voice authentication user friendly, it offers a highly effective, affordable and convenient solution to security issues, making it a candidate for widespread adoption. Its prevalence could pre-empt the end of passwords and PINs, giving rise to a ubiquitous "spoken token".

About

As Vice President of Enterprise and Mobility, EMEA Scott Wickware, is responsible for all aspects of Nuance's pre-sales and marketing activities for Enterprise and Mobility in (EMEA). He joined Nuance from Real Networks where he was VP, Product Management, EMEA. Wickware spent 17 years at Nortel Networks where he held various technical, management and executive positions.