America’s-Guard-is-Still-Down-With-Identity-Theft

America’s Guard is Still Down With Identity Theft

You would think that by now, after years of seeing cybersecurity updates in the headlines, most consumers would have a basic understanding about how to stay safe online and from identity theft.

Unfortunately, this does not appear to be the case.

According to a new study from Experian, half of the consumers that were polled think they will never experience identity theft because a poor credit limit makes them unappealing targets.

What’s more, a quarter of consumers have shared their credit card number or personal identification number (PIN) with friends and family members. And 20 percent would allow a friend or family member to use their personally identifiable information to get a job or credit.

These are just a few of the troubling statistics that appear in the report. For instance, 66 percent of respondents believed that the threat of identity theft will diminish over time after personally identifiable information is stolen.

Only 44 percent of respondents knew that the risk of identity theft can last for a lifetime.

Plus, the study shows that most consumers find the task of monitoring their financial services so challenging that they only rely on banks and credit card companies to catch fraudulent activity.

You may not have the power to change your customers’ minds about cybersecurity risks, but you do have the power to make identity protection fast and convenient for them.

One way to accomplish this is to supplement your mobile application, website and contact center with biometric identity verification solutions like voice, fingerprint, iris and face scanners. It is recommended that businesses implement a variety of these technologies, so that customers have several options to choose from.

To learn more about voice biometric identity verification, click here.

Register for a FREE Developer Trial Now

Mobile-Devices-Are-a-Top-Threat-to-Enterprise-Security

Mobile Devices Are a Top Threat to Enterprise Security

Rest assured, your employees are using smartphones and tablets at work whether you have a “bring your own device” policy or not. Mobile devices are the fastest and most convenient way to chat, search for information and communicate with team members.

Unfortunately, they can also be considered a top enterprise security threat based on the findings from a study conducted by Dimensional Research.

Of the 412 enterprise security leaders that were questioned in the survey, 64 percent don’t believe that their organization has the security software to stop a cyberattack on their mobile devices.

Here are some other terrifying statistics from the study:

  • 20 percent of companies have been victims of a cyberattack through their mobile devices, while 24 percent have no idea if they have been compromised.
  • 94 percent of security professionals claimed they expect a cyberattack on their mobile devices within the next 12 months.
  • 97 percent believe that cyberattacks through mobile devices are increasing.

Unfortunately, there is a big disconnect occurring here.

Respondents appear to be well-aware that their companies aren’t taking mobile security seriously enough, with over half indicating that their company hadn’t used a mobile security solution. And yet, little is being done to change this.

One reason for this is a lack of resources. 53 percent of respondents claimed they could not afford strong security solutions. Other organizations may have a lack of executive awareness or support, an unwillingness to change or concerns about implementing a mobile security policy that would restrict and alienate workers.

Voice biometric identity verification is one cost-effective, and easy technologies that can help enterprises improve mobile security.

“Voice is a unique biometric,” explained VoiceVault EVP of Sales and Marketing Julia Webb during a recent Biometric Authentication podcast. “Unlike other biometric voice can be used anywhere there is a microphone, which makes it inexpensive to deploy. And it can be just as accurate as other biometric technologies such as EyeVerify, which was recently acquired by Alibaba, or even [Apple’s} Touch ID. And all we need is a small amount of speech in order to authenticate an individual.”

Want to learn more about mobile voice biometric identity verification? Try our free developer trial today!

Register for a FREE Developer Trial Now

Still Using Passwords

Still Using Passwords?

According to a recent report from Verizon, weak and stolen passwords are still a leading factor in enterprise data breaches. In fact, the odds of getting hacked via password are greater than any other method.

Does this mean you should immediately migrate away from passwords? It may be unrealistic to suggest this, as your users may still prefer using them on their devices.

While passwords may not be going away any time soon, though, your company can at least start looking for new ways of fortifying them so that they cannot be easily exploited by hackers.  It’s possible, for instance, to layer additional security technologies alongside passwords — one being voice biometric identity verification.

What should you do if your business isn’t quite ready for voice biometrics?

Here’s something to look into:

Researchers at Carnegie Mellon University and the University of Chicago have created a new tool that takes passwords and compares them to a large database of codes that have been made publicly-available from leaks.  This tool will scan a password to make sure it hasn’t been used by a user on another website, and it will make sure that the password does not follow a common pattern. As Forbes explained, the tool also checks passwords against common dictionary terms.

Of course, we can speculate that in time hackers will find a way to use this new tool to break more complex passwords. But in the meantime, it should suffice as a quick fix while your organization considers integrating more advanced security measures.

When you’re ready to give voice biometrics a try, head over to VoiceVault’s demo section where you will find free trials of our software.

To get started, click here.

Register for a FREE Developer Trial Now

Study Highlights Alarming Power of Financial Malware

Study Highlights Alarming Power of Financial Malware

Financial institutions are now facing an uphill battle in the war against cybercrime. According to a new study from Symantec, the malware that hackers are using to target financial institutions has gotten extremely dangerous.

“As we had predicted in 2015, we saw an increase in attacks against corporations and financial institutions themselves during 2016,” stated Candid Wueest in the report. “With more than 1.2 million annual detections, the financial threat space is still 2.5 times bigger than that of ransomware.”

Here are some additional items of interest from the report:

  • Ramnit was the most active financial Trojan last year. It was responsible for 38 percent of [nefarious] activity.
  • At least 170 mobile applications were targeted for credential stealing.
  • Financial institutions in the U.S. were targeted the most out of any other country.

The report also mentioned social engineering as a major threat that financial companies are now facing. Hackers are now going to great lengths to spoof employees into surrendering sensitive information.

In light of this report, financial companies should strongly consider building advanced authentication tools into the framework of their digital applications and contact center communications systems.

We encourage financial companies to take a multifactor approach to user authentication by implementing a variety of different security technologies. This should include both traditional and biometric systems. For instance, passwords and personal identification numbers (PINS) could be offered alongside voice biometric, iris, face and fingerprint readers.

Why use a multifactor strategy? There are two major benefits: It provides an extra layer of security for users, and it’s more convenient.

To learn more about VoiceVault’s approach to security, click here.

Register for a FREE Developer Trial Now

Experience the Power and Flexibility of Fusion 9 from VoiceVault

Experience the Power and Flexibility of Fusion 9 from VoiceVault

The cybersecurity landscape has changed dramatically in recent years, as attacks have increased both in volume and sophistication. As such, the need for advanced user authentication has never been greater.

Despite this, many organizations continue to protect user accounts with outdated and inefficient authentication technologies like passwords and personal identification numbers (PINs), both of which are ill-equipped at stopping targeted and persistent attacks.

Fortunately, it’s getting a lot easier for the average business to upgrade to powerful voice biometric authentication systems, for extra security during money transfers and account logins.

Today, for instance, VoiceVault released a new version of its leading voice biometric engine, Fusion 9. It’s the most flexible, secure and cost-effective engine from VoiceVault to date.

In Fusion 9, customers can choose from hybrid, on-device and cloud-based deployment models. Plus, there are new biometric modes (Cryptocode and CRDate) for added protection against new threats like synthetic speech attacks.

Other exciting updates in Fusion 9 include a new, expanded UI portal with detailed transaction reporting and location services, audio playback and viewing and a full suite of administrative controls for adding users, language packs and configurations.

Businesses can also utilize Content Addressable Storage (CAS), which grants full control over its binary data storage in filesystem, database, Amazon S3 and more. These controls make it possible to duplicate, encrypt and migrate data between storage systems — allowing for significant cost reductions.

“As news feeds today are constantly filled with reports of data breaches, malicious cyber-attacks, biometric spoofing attempts, and synthetic speech attacks, VoiceVault is excited to launch VoiceVault Fusion 9 raising the bar against these anticipated threats,” stated Julia Webb, Vice President of Sales and Marketing. “With the ability to seamlessly integrate with other authentication factors, VoiceVault Fusion 9 continues to set the standard for voice biometrics in demanding consumer applications.”

Want to learn more about Fusion 9? Contact us today via the form below.

 

Register for a FREE Developer Trial Now

Banks-and-Fintechs-Use-Multifactor-Authentication-to-Reduce-Operational-Risks

Banks and Fintechs: Use Multifactor Authentication to Reduce Operational Risks

Over the last year or so, there has been a significant uptick in the number of financial institutions leveraging disruptive financial technology (fintech) services. Third party fintech providers are now streamlining everything from payment processing and lending to wealth management.

As these two industries continue to merge, though, cybersecurity is quickly becoming a growing concern to U.S. policymakers and regulatory agencies. Just recently, for instance, a group of business leaders from the fintech industry travelled to Washington, D.C. for a series of important discussions with the Federal Reserve Board (FRB), Consumer Financial Protection Bureau (CFPB), Office of the Comptroller of the Currency (OCC) and Federal Deposit Insurance Corporation (FDIC).

While cybersecurity wasn’t the only topic that was discussed, it was a big one.

According to The Hill, U.S. regulators are worried about operational risks associated with the use of novel technologies in financial settings. As such, regulators and policymakers expect financial institutions to “meet high standards for the due diligence and monitoring of their third-party service providers, especially around cybersecurity and data security.”

Of course, identity verification is a major piece of the cybersecurity puzzle for banks and fintechs. And one way that companies can strengthen authentication and reduce fraud is to embed multifactor security options into their applications — providing extra security options beyond traditional passwords and personal identification numbers (PINs).

While this may sound difficult, it can be easily accomplished by working with a company like BioConnect, a VoiceVault partner and creator of the BioConnect Identity Platform which supports a range of enterprise-grade biometric technologies including face, fingerprint and iris scanners. The BioConnect Identity Platform also utilizes VoiceVault’s cutting-edge voice biometric identity verification technology. Fintechs can use the BioConnect Identity Platform to obtain simple, user-friendly and highly-secure user identity verification.

“Ease of use, security and fraud reduction are major drivers as to why we’re seeing changes to identity verification within every day, run of the mill banking applications,” stated Bianca Lopes, Vice President of Strategic Marketing and Global Alliances for BioConnect. “VoiceVault has a brilliant track record and a sound voice recognition technology that will provide enterprise clients with ease of use, scalability and ultimately, greater choice by being a part of the BioConnect Identity Platform.”

To learn more about BioConnect, click here. To learn more about VoiceVault, click here.

 

Register for a FREE Developer Trial Now

Three sneaky ways hackers break into phones

Three Sneaky Ways Hackers Break Into Phones

Here is a scary fact: According to one recent study, 47 percent of businesses that were surveyed had at least 1,000 sensitive files exposed to every employee while 22 percent of companies had 12,000 or more.

Does this sound a bit like your organization? Chances are likely that your employees have sensitive data floating around on their mobile devices, which could be easily extracted by a sophisticated hacker.

Unfortunately, smartphones are highly vulnerable to hacking. Here are three unexpected ways that a hacker could break into a mobile device and lift information for personal gain:

Number spoofing: What’s the easiest way to break into someone’s phone? As it turns out, you don’t have to breach their device at all. Now, hackers can download a spoofing or caller ID application to mask their telephone number and assume someone else’s. Hackers could use this strategy to trick employees into surrendering sensitive information via SMS.

Motion orientation sensors: Smartphones contain a major security flaw, in that mobile websites and applications do not need special permissions to access motion and orientation sensors.

As explained in Android Authority, hackers are now using device positioning and movement sensors to hack passwords. When a user taps, scrolls or presses on a screen, in other words, each movement will cause the person to hold the device a certain way and it can be easily observed by a snooping third party. This information is very valuable to a hacker. In one study, hackers were able to hack four-digit PINS with 70 percent accuracy the first time around, and 100 percent accuracy the second time.

Masterprints: Here at VoiceVault, we maintain that fingerprint sensors — though effective most of the time — should only be used in conjunction with other authentication solutions like voice biometrics. This is because they can be vulnerable to attacks. Researchers, for instance, recently discovered that smartphone fingerprint sensors could be fooled up to 65 percent of the time by “master prints” which are digitally rendered from common fingerprint readings.

So take our advice: It’s time to fortify your business’s mobile end points before one of your employees’ phones gets hacked.

Register for a FREE Developer Trial Now

Why-did-HSBC’s-Voice-ID-system-fail

Why did HSBC’s Voice ID system fail?

You may have read the news that the BBC have successfully caused HSBC’s Voice ID system, provided by another voice biometric vendor, to falsely accept the non-identical twin of an enrolled user. This occurred after the ninth attempt that the twin took to access the user’s bank account. Thus, causing the issue to be that of failing to follow best practices rather than a failing biometric element. Since all biometrics are statistical in nature, measures must be taken to ensure that the likelihood of a false accept is as low as possible. Current best practices can include account or device lock-out after multiple failures, which would have prevented the BBC’s false accept.

To further help financial organizations protect and prevent against this recent type of breach, VoiceVault is excited to share with you the upcoming release of VoiceVault Fusion 9. Version 9 of our core, proprietary, engine includes additional controls, new biometric modes, seamless integration with other authentication factors, and detailed reporting with location services. Official announcement and details forthcoming in the very near future.

In addition to staying on the forefront of voice biometric technology, we pride ourselves in working collaboratively with our clients and partners to suit each individual use case. With over 10 years of experience in the market, our team is more than happy to talk through the end-to-end statistics and recommend an array of additional methods of best practice, including the implementation of multifactor authentication.

As mentioned by a spokesperson from HSBC, since launching last year, HSBC’s Voice ID system has been successful in reducing fraud. Therefore, voice biometrics are still more secure than historic knowledge-based-authentication systems, such as passwords and PINs.

Register for a FREE Developer Trial Now

UK-Banks-It’s-Time-to-Look-Beyond-Passwords

UK Banks: It’s Time to Look Beyond Passwords

Consumer interest in biometric banking is very strong in the UK right now. According to one recent study, 56 percent of UK customers actually prefer biometrics to traditional authentication solutions like passwords — even though there is still some general confusion among customers about how biometrics work.

Another study found that British consumers are almost twice as likely to trust banks over government agencies with storing and keeping biometric data safe.

There’s just one problem:

In order for customers to move beyond passwords and use biometric technologies, banks need to provide access to them. And there are still some mixed feelings in the financial community about the role that biometrics should play in authenticating logins and transactions. Many people still believe that passwords are better for protecting consumer accounts.

Passwords vs. biometrics: The debate is on

Consumer demand has forced the conversation to move forward. Recently, the Digital Banking Club (founded by Intelligent Environments, the digital financial services providers) gathered at the Law Society, London to address the motion “This house believes the password will never be replaced by your body.”

The debate was chaired by Retail Banker International Editor and Digital Banking Club Chair, Douglas Blakey. Guest panelists from Forrester, Fujitsu and Intelligent Environments spoke for the motion, while representatives from Secco, DWC and MasterCard spoke against it.

Before the debate, 42 percent of people agreed that the password will never be replaced by the body. But after the debate, just 19 percent agreed with the motion.

Opinions about biometrics varied from expert to expert. For example, some panelists voiced concern over false acceptances (FA) and false rejects (FR) in biometric systems. There is a small risk, in other words, that a biometric solution could malfunction and grant access to an imposter or reject the right user. This problem, however, can be addressed by embedding multifactor security layers. If one layer is breached, a hacker will still have to enter further credentials.

What’s more, some technologies — like VoiceVault’s voice biometric identity verification — come with very low FA and FR rates. VoiceVault guarantees a FA rate of just 0.01 percent, and a FR rate of less than 5 percent. Not all biometric technologies will offer the same level of protection.

We can also argue that false acceptances and rejects happen all the time with passwords when accounts get hacked, or locked.

Will we ever see beyond passwords?

It largely depends on who you ask. Some of the panel at the Digital Banking Club debate, believe that while biometrics will be popular, passwords will never be completely replaced. However, other panelists argued biometrics will eventually replace passwords, but in time.

One panelist likened favoring passwords over biometrics to favoring a horse and cart over a car. The technology is outdated, inefficient and insecure. The same panelist mentioned a study from the Netherlands, conducted by Mastercard, where nine out of 10 participants indicated they would like to replace their passwords with biometrics. And almost 75 percent of users are convinced that biometric security will decrease fraud.

What was interesting is that every single panel member used their iPhone fingerprint scanners to access their debate notes on the podium…

So, should your bank abandon passwords right now?

For now, you don’t have to worry about replacing passwords altogether. But you can look beyond passwords and start  phasing them out with biometrics, which can coexist nicely with passwords.

Your best bet is to give customers a variety of different security options, and let them choose the ones they are most comfortable with. If you try to force any technologies on them, you are liable to experience negative blowback.

View highlights of the debate below:

06.04.17 The Digital Banking Club Live Debate from Intelligent Environments on Vimeo.

 

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Avoid-Sacrificing-Speed-for-Security-with-Voice-Biometrics

Avoid Sacrificing Speed for Security with Voice Biometrics

As a contact center administrator, you’re seeking a voice biometric identity verification solution that will enable a secure, but convenient, phone-based login experience for your customers.

This is very important, as you don’t want to implement security with voice biometrics that customers will have a hard time using. This could result in a low user adoption rate.

As such, you have a tough decision to make: Should you opt for active or passive voice biometrics?

Active voice biometric authentication would require an end user to submit a correct voice sample every time he or she dials into the contact center. This is done by speaking a short phrase into the microphone.

Conversely, a passive system would require a customer to submit a single voiceprint during enrollment. No further samples would need to be given for subsequent logins, as the computer would naturally scan the user’s voice during a normal conversation with an agent. This type of enrollment takes about 45 seconds for the customer.

So, which is the better solution? The short answer is that it depends on your business’s needs. You can make a case for both kinds. But if there’s one thing you don’t want to base your security with voice biometrics decision on, it’s time savings.

Many people, in other words, think that passive authentication systems will lead to higher adoption rates because it saves the user time during the identity verification process. The truth, though, is that the difference between active and passive authentication comes down to just a few seconds. And most customers will dial into the contact center sporadically. It’s not usually an everyday task, and so a few seconds probably won’t be enough to annoy a customer.

To learn more information about VoiceVault’s solutions for contact centers, click here.

 

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store