Interview with Nick Ogden, CEO of Voice Commerce

Timon Singh

As founder and CEO of The Voice Commerce Group, a regulated Financial Service Group which operates and delivers mobile financial, payment, identity and verification services and solutions to consumers and businesses, Nick Ogden is primarily responsible for the company's overall corporate strategy and business development.

“"Voice is the natural basis of trust"”
-Nick Ogden

Whilst at the TM Forum Management World Conference in Nice, FST EU were able to speak to him;

FST EU: You founded WorldPay, that's a safeguard essentially against identity theft, which is a big concern for many at the moment. With more and more hackers finding their way around the pin and password safeguards. how do you see the future of identity theft and online security changing over the next several years?

Ogden: Okay, I think there are two parts to that. I think the first part is for the last ten years for whatever reason we've all been internet fixated, and perhaps part of that's my fault, because we guaranteed internet transactions. We didn't guarantee non internet transactions. But there's been sort of a constant battle led by Visa, MasterCard and those other organisations trying to come up with solutions to combat online fraud. And there's nothing wrong with the solutions that are being provided apart from the fact that online fraud still persists and identity theft isn't dealt with by any of the online payment fraud solutions which have been created.

The other anomaly behind all of this is that we've tended to focus on the last ten years on the smaller of the markets which people use. Let me explain that: there's about one-and-a-half billion internet users worldwide today, and yet there's about four-and-a-half billion people with mobile phones. As there are approximately 4.7 billion people in the world with bank accounts, it's logical to sort of assume that most of the people or many of the people with mobile phones have bank accounts, and yet we haven't tried to deal with the fraud/identity theft issues at all associated with mobile telephony.

FST EU: That's another aspect of it. People are using the likes of smartphones and mobile devices to check their banking often which aren't as fully secure as your regular computer. Do you think that the increase in people using their phones to check their banking has made things easier for identity thieves and online banking fraud?

Ogden: Well, the Reserve Bank of India has just issued an instruction to banks in India, that provide these mobile banking services, that they will be fined if there's a security breach. Now that I think answers that question pretty neatly, because when you've got a regulator saying, "Guys, tighten your act up," then I'm just a little guy in the industry and the regulator carries more punch than I do. I think Smartphones and apps and all the rest of it open up new market opportunities, but set against that there is the whole NFC debate about having cash on mobile phones and all the rest of it, where at the moment there are limits being set in the UK of "we're only gonna let people effectively lose 15 pounds of cash on their mobile phones" because of who's responsible if I have virtual cash and the phone gets lost, irrespective of the identity and fraud issues which also surround the same person and activity.

FST EU: I mean that kind of tied into the latest news that's coming to the industry today, that Twitter's Alex Payne is setting up his own online bank to "make things simpler". That's what he's really pushing. It's gonna be "bank simple" - everything's gonna be simple, such as depositing cheques by taking pictures of them. What do you make of all that? Is simple the way to go, or is it just worse for security?

Ogden: I think anybody who's an innovator should be applauded. There are some of the things which he's proposing I think are substantially difficult to a) regulate, and b) provide integrity on.

I think that before we dive down into trying to create simpler things and new banks for checks, which at the end of the day are becoming obsolete in the UK over the course of the next six to eight years, which means that if his bank's based around the check system it has a relatively short lifestyle, it's to really look at the whole basis upon the way that people create trust for themselves and have the capability to manage their own trust and identity, and that's what we've been doing in Voice Commerce Group.

It is trying to come up with systems which allow people to create unassociated e-accounts. What I mean by that is it's an e-account which we operate for them. It doesn't require deposits, it doesn't require them to do anything, and it doesn't cost them anything, but they can use that e-account securely to process online transactions, mobile transactions, and authenticate themselves with a wide range or increasing range of organisations with whom they may transact, and that benefit for that is that they then have control and full knowledge of when their identity/payment instruments are being used. And if their identity or payment instruments are being used or are attempted to be used by a third party, they become instantly aware and those devices can't be used. And what we're doing now is putting guarantees in place to consumers to protect their identity and their money if they use systems such as the systems that obviously we're rolling out.

FST EU: And what about biometric security, how do you see that changing and being implemented over the next five years?

Ogden: Well, it's what we do. We've spent the last three years and a ton of money developing voice biometric technology, and the reason why we've done that is that voice is the natural basis of trust. We've never spoken before, but we may speak again and we'll recognise each other's voices. I've got a plumber who does work at my house. If we have an issue with our central heating or something I'll call him up and say, "I'm away travelling, but my wife's phoned up with a problem. Can you come to my house and fix it?" and that forms a basis of a contract because he knows who I am. He knows where my house is. He'll go and fix the work, and he knows if he sends a bill in that he'll get paid.

That's the way that all of us work, and what we're trying to do with it by creating the voice biometric solutions that we're doing, is effectively create an environment whereby your natural trust is held within a data center which can be used to authenticate you to a third party, and that authentication is validated by us effectively as the underwriter/operator of the identity and payment scheme.

FST EU: In terms of using biometrics though, the European market has always been a tiny bit resistant towards it. In Asia it's taken off in a big way, but there was a lot of news when Poland launched their first biometric ATM despite this happening in parts of the world for years. Europe's really only just getting on board -why do you think that is? Why do you think it's only now that we're getting on board the whole biometric wagon?

Ogden: I think two things; firstly biometrics are a bit Tom Cruise/Mission Impossible, and you have to come up with something that's simple which the majority of the population will use, not something that's technically clever which the geeks will use.

I think it's only now that we can develop and deploy simple technologies which will work for the majority of the time, because just by making something biometric doesn't make it perfect. It makes it substantially better, but, for example, within voice biometrics, if you lose your voice, then at a standard level then the system is inoperable. Within fingerprint technology, if you're a construction worker and you've been working on a building site and your hands are covered in grime, it's unlikely that your fingerprints will work. And interestingly, in Japan - I think Japan or Korea - one of those countries this week, they've been reporting that people are using false fingerprints to gain access to their immigration systems. So these things are substantially better, but nothing is perfect.

FST EU: It does sound very 'James Bond' with fake fingerprints... and that's the thing: for every new level of security there's going to be the criminals that are gonna circumvent it.

Ogden: Well, to a far lesser extent in the model that we believe that we've created. I mean if I give you an example, if you use voice pay on a typical e-commerce transaction today, you go to a shop, fill up your shopping cart, get to the checkout, and then ordinarily you either give your personal details to the merchant or whatever, and you may get prompted for a 'verify by Visa or a MasterCard secure code', but it's unlikely, it's not the norm.

In our world you get to the checkout, you filled up your shopping basket, you then click on the voice pay icon and you enter either your mobile phone number, your email or a pin. Whatever you choose, it doesn't matter. And then your mobile phone rings, and the mobile phone says, "Please tell us your name," so I'd say "Nick Ogden". And at that point I have two factual forms of authentication. I know from the CMI I've called that that device is preregistered to our network that belongs to Nick Ogden, and I know biometrically that Nick Ogden has just answered the phone.

What I then do is say, "Welcome. You're in Fred's Hardware Shop and you're buying X, Y, and Z, and the total value of the transaction is GBP£86.50, if you want to complete this cart transaction, please say ‘voice signature'." I say "voice signature" and that's been authenticated again against my biometric. And if that's correct, then the transaction is complete.

No card details are sent. The transaction's totally secure. No personal data's given on the phone call. No personal or financial data is sent over the internet and the two systems are separated. You've got part of the transaction running on an IP network; part of the transaction running on a mobile network and can that be hacked? Well, of course it can, because anything can. But the probability of somebody being able to hack into my IP router that's being operated by my ISP and concurrently workout which mobile phone mast we're going to be making an outbound call through to you and pull those together in a 30 second time span is remote in the extreme.

FST EU: How about markets where, when it comes to say card security, they are much more lax? I recently went to the US and I was paying on a debit card and they don't yet have a chip and pin system. Literally they just swiped it, and they didn't even ask for my signature, which I was surprised at...

Ogden: ...nor would if you actually used a card with no signature on, they don't notice, and apparently even if you sign it Mickey Mouse they don't care.

FST EU: It seemed insane from someone who's just used to the chip and pin system, that it's not surprising that such a high level of card fraud can occur...

Ogden: But the issue that they have there, and this is the problem, how do you come up with a solution which works for the masses? And how then do you change a system which you, as a group of financial institutions, have introduced as being substantially better than using cash or checks, which is effectively what electronic payments are all about? And off the back of that, your inducement to get the system to work was to give substantial amount of credits to your customers to encourage them to use this system which you've created which then subsequently isn't actually as secure as it should be, and it's a real problem.

FST EU: In terms of - you briefly touched upon credit- that's another sector that seems to be taking off in a big way: e-money. Social networking groups like Facebook have said they're gonna introduce an e-money scheme in order to monetise the company as well as cut down on ponline fraud. Do you think that's something that has a future, or is it a kind of a flash in the pan idea?

Ogden: I was at a Central Bank conference in Kuala Lumpur last weekend and part of the discussion was about these virtual currencies and non-national currencies and all the rest of it, and I think that companies like Facebook and other organisations will be regulated and required to meet appropriate legislation if they are operating e-money schemes. Now that doesn't stop them doing what they want to do. What it does do is make sure that their customers and the integrity of the financial systems that they're operating are correct. And, again, this isn't suggesting that they wouldn't do things correctly, but it's making sure again that if the consumer's using one of these systems - because remember today the biggest issue of e-money is employers, because they pay us all. It's making sure the integrity of the money that we're receiving on payroll in respect to what we decide to do with it is safe.

A serial entrepreneur, Nick has consistently been at the forefront of innovation in technology since 1985. In 1993, he founded Multi Media Investments Limited, a technology research and development company that brought the internet to the Channel Islands through Interactive Telephony Ltd. This led to the construction of Europe's first on-line store, Wine Warehouse, in October 1994 and the development of one of the first bank-endorsed e-commerce initiatives in the form of the UK's first electronic shopping mall, ‘BarclaySquare', in 1995.

In 1997 Nick founded WorldPay, which guarantees internet transactions worldwide, and led the company through its growth to over 270 employees with 20,000 merchants in 120 countries and processing transactions in excess of US$2 billion per annum. WorldPay was acquired by the Royal Bank of Scotland in 2002.