Blog: A Soon-to-Be Must-Have: Biometrics Authentication for Customer Service
Apple Pay’s Touch ID application has pushed biometrics payments authentication into the mainstream. But biometrics authentication goes beyond fingerprint sensors, and voice biometrics authentication is one of the best ways to thwart identity fraud.
There were more than 12 million identity fraud victims in 2012, and fraudsters stole nearly $21 billion, according to Javelin Strategy & Research. This is about one victim every 3 seconds. Large data breaches provide account and personal information to fraudsters, who then use it to access individuals’ accounts. America leads the world in the number of payment card accounts, including prepaid, that have been breached. Business Insider reports that payment card breaches cost card issuers $3.4 billion in 2012 and merchants another $1.9 billion.
Fraud, identity theft and security breaches have continued to climb at alarming rates in America, along with resulting losses to consumers and businesses. While passwords, PINs, static security questions and other forms of account authentication were once “tried and true” for guarding against attacks on cardholder data, these methods no longer provide iron-clad protection. As white-collar crime evolves, it’s essential that security measures escalate to even higher levels of sophistication.
Today, biometrics authentication is one of the best ways to stop the fraudsters. And for financial institutions big and small, measuring and analyzing human body characteristics for authentication purposes is now within reach financially and operationally. The technology has improved along with the underlying communications channels, reducing the cost of a single authentication to pennies per instance. Compare this to the cost for a customer service representative to authenticate a customer, which could easily be $2. In the prepaid space, companies can use biometrics to control who has access to personal information and card data. Consumers can be uniquely identified by their face, fingerprint, hand, iris, retina, voice and, of course, DNA. In this day and age, biometrics authentication is easy with a smartphone that enables the snap of a “selfie” (facial recognition) or a repeat-after-me interaction (“me” being a voice biometric engine). As part of an onboarding and authentication system, biometrics can be combined with advanced knowledge-based authentication—for example, facial recognition by comparing a selfie with a stored photo at a records bureau.
Voice biometrics authentication, in particular, is incredibly reliable and shouldn’t be compared or confused with voice recognition. A voiceprint is distinctive like a thumbprint, but even more reliable than fingerprinting with a 99.99 percent success rate. Fingerprinting can provide misleading results due to contextual bias. For example, the FBI mistakenly matched a partial fingerprint found on a bag of detonators linked to the March 2004 terrorist bombings in Madrid to Oregon lawyer Brandon Mayfield.
While PINs and other authentication data can be breached, customers’ voices cannot be compromised or stolen.
By conducting sophisticated analysis of hundreds of voice characteristics, voice biometrics can accurately identify and authenticate a customer in real time. While the technology is complex, the process is simple for consumers, who are asked to speak a few words, at which time their voiceprints are mapped and stored in an encrypted file. From there on out, the voice is matched for account access and becomes a password, per se. It’s a quick, secure way to authenticate every time someone calls to make changes to an account, schedule transactions or request information. And there’s nothing for the customer to remember or lose.
The passwords, PINs and static security questions traditionally used for account authentication are a relatively weak defense against fraud. FFIEC guidance recommends and sometimes mandates using multifactored, dynamic forms of customer authentication, versus archaic, static methods. Voice biometrics—used by government intelligence agencies worldwide—is a proven method of identification that should be part of a multilayered authentication system.
The Beauty of Biology
While PINs and other authentication data can be breached, customers’ voices cannot be compromised or stolen. Even voice recordings or “replays” cannot be used to gain unauthorized account access. Voice authentication applications can ask for words, numbers and phrases in random order, making recordings or stolen voiceprints useless. Even in noisy environments, such as airports or industrial settings, voice authentication still can identify a customer’s voice by separating the background noise from the voiceprint. In any language, with any regional accent—and despite a stuffy cold or a muffled voice—biometrics can securely authenticate a voice in real time.
With this “Back-to-the-Future” technology, customers can be authenticated using inbound or outbound calling, texts, a mobile application or Web browser. And voice authentication can be integrated with new or existing interactive voice response (IVR) and call center systems. When a customer calls the IVR, he or she can authenticate in real time, or if speaking with a customer service representative (CSR), the CSR can send the customer a text message with a “talk back” link. Alternatively, the cardholder could be connected to a mobile Web browser to authenticate. Because call centers and customer service reps don’t have to repeat account verification or identification questions, 20 percent or more of their time can be saved, resulting in reduced costs and a much-improved customer service experience.
Biometrics technology enables fast, accurate authentication to prevent fraud, whether attempted by brute force attacks, credential sharing or resets, hacking, phishing, vhishing, Internet searches or social engineering. Many financial institutions have implemented voice biometrics with VIP customers for high-risk transactions, and others are piloting the technology with their mobile customers. Due to heightened security concerns and the need for multiple methods of authentication, a surge in the adoption of voice biometrics is underway. Giving voice to the consumer has new meaning.