Much like a fingerprint, an individual’s voice is extremely detailed, unique and difficult to alter or imitate. As we move towards a cashless and digitally driven world, we are faced with new risks that require new innovations in security – such as the use of voice biometrics. Banks and credit unions have tapped into biometric authentication as part of a layered security measure to help combat rising risk concerns, with many more expected to move in that direction. According to recent analysis from Goode Intelligence, it is predicted that 1.9 billion bank customers will regularly use biometric interfaces by 2020.
As new advancements enter the market, myths also rise to criticize the new technology that holds the potential of becoming the norm. Many myths have circled around voice biometrics and how it could be more of a security risk rather than a security solution.
There are three particular myths that are fair questions to the idea of voice biometrics but are discredited when you dig a little deeper. The facts of voice biometrics clearly denounce the myths.
Myth One: My password can be stolen if it is heard in a public place.
The motive of voice biometrics and having voice authentication is allowing the individual’s voice itself to verifiy access to an account, not the words. Yes, in essence a password may be vulnerable to theft. However, it is rendered useless without the original voice. In other words, everyone could have the same password to access their accounts, but the differentiating voices would prevent any crossover from occurring.
Myth Two: Voice replication by fraudsters could be easily accomplished via high quality recording.
It cannot be denied that fraudsters’ techniques and abilities constantly advance with new ways to hack accounts. In fact, there are tools in existence with the ability to artificially recreate a person’s natural sounding voice, such as a speech synthesizer; however, these tools require many speech samples and are not yet practical. If a recording is taken and used in an attempted fraud act, the bio-identifiers embedded into the system would be triggered into calling on additional security protocols.
When someone logs into an account online and enters an incorrect password too many times, typically one is asked to answer the security questions that were created with the account. In voice authentication, a similar protocol is made except the person whose voice is in question will be asked to repeat random phrases. Only a decidedly advanced, highly sophisticated program would be able to work fast enough before being locked out. At this point, the true account holder would be notified that there was an attempt to access their information.
Myth Three: Voice biometrics fraud is growing exponentially due to call center vulnerabilities.
The truth is, fraud in general is becoming a heavier issue across the board but voice biometric authentication is the most secure option available. Especially for banks and credit unions, voice is more secure than a fingerprint which makes it the perfect solution.
As mentioned in the previously debunked myth, fraudsters are capable of getting passcodes spoken on the phone. However, if a phone call is recorded in attempt to find the passcode it will not be useful. Voice biometrics require authentic voice, not a passcode. The beauty of voice biometrics is that it detects 100 physical and behavioral factors to validate the voice pattern in question. Since the access is granted by voice with a random phrase, it is impossible to duplicate in real-time and reach the account.
With any new technology, especially when it involves people’s finances, there will be heavy speculation. While this is understandable, the in-depth research behind this security practice and all the factors considered in its development brings peace of mind. It is best to ease minds and boost confidence now, because voice biometrics is on its way to be the new standard for security.
Download ACH Alert’s whitepaper, “Combating Fraud: The Role of Voice Biometrics in Your Layered Security Program,” here.