Study Highlights Alarming Power of Financial Malware

Study Highlights Alarming Power of Financial Malware

Financial institutions are now facing an uphill battle in the war against cybercrime. According to a new study from Symantec, the malware that hackers are using to target financial institutions has gotten extremely dangerous.

“As we had predicted in 2015, we saw an increase in attacks against corporations and financial institutions themselves during 2016,” stated Candid Wueest in the report. “With more than 1.2 million annual detections, the financial threat space is still 2.5 times bigger than that of ransomware.”

Here are some additional items of interest from the report:

  • Ramnit was the most active financial Trojan last year. It was responsible for 38 percent of [nefarious] activity.
  • At least 170 mobile applications were targeted for credential stealing.
  • Financial institutions in the U.S. were targeted the most out of any other country.

The report also mentioned social engineering as a major threat that financial companies are now facing. Hackers are now going to great lengths to spoof employees into surrendering sensitive information.

In light of this report, financial companies should strongly consider building advanced authentication tools into the framework of their digital applications and contact center communications systems.

We encourage financial companies to take a multifactor approach to user authentication by implementing a variety of different security technologies. This should include both traditional and biometric systems. For instance, passwords and personal identification numbers (PINS) could be offered alongside voice biometric, iris, face and fingerprint readers.

Why use a multifactor strategy? There are two major benefits: It provides an extra layer of security for users, and it’s more convenient.

To learn more about VoiceVault’s approach to security, click here.

Register for a FREE Developer Trial Now

Banks-and-Fintechs-Use-Multifactor-Authentication-to-Reduce-Operational-Risks

Banks and Fintechs: Use Multifactor Authentication to Reduce Operational Risks

Over the last year or so, there has been a significant uptick in the number of financial institutions leveraging disruptive financial technology (fintech) services. Third party fintech providers are now streamlining everything from payment processing and lending to wealth management.

As these two industries continue to merge, though, cybersecurity is quickly becoming a growing concern to U.S. policymakers and regulatory agencies. Just recently, for instance, a group of business leaders from the fintech industry travelled to Washington, D.C. for a series of important discussions with the Federal Reserve Board (FRB), Consumer Financial Protection Bureau (CFPB), Office of the Comptroller of the Currency (OCC) and Federal Deposit Insurance Corporation (FDIC).

While cybersecurity wasn’t the only topic that was discussed, it was a big one.

According to The Hill, U.S. regulators are worried about operational risks associated with the use of novel technologies in financial settings. As such, regulators and policymakers expect financial institutions to “meet high standards for the due diligence and monitoring of their third-party service providers, especially around cybersecurity and data security.”

Of course, identity verification is a major piece of the cybersecurity puzzle for banks and fintechs. And one way that companies can strengthen authentication and reduce fraud is to embed multifactor security options into their applications — providing extra security options beyond traditional passwords and personal identification numbers (PINs).

While this may sound difficult, it can be easily accomplished by working with a company like BioConnect, a VoiceVault partner and creator of the BioConnect Identity Platform which supports a range of enterprise-grade biometric technologies including face, fingerprint and iris scanners. The BioConnect Identity Platform also utilizes VoiceVault’s cutting-edge voice biometric identity verification technology. Fintechs can use the BioConnect Identity Platform to obtain simple, user-friendly and highly-secure user identity verification.

“Ease of use, security and fraud reduction are major drivers as to why we’re seeing changes to identity verification within every day, run of the mill banking applications,” stated Bianca Lopes, Vice President of Strategic Marketing and Global Alliances for BioConnect. “VoiceVault has a brilliant track record and a sound voice recognition technology that will provide enterprise clients with ease of use, scalability and ultimately, greater choice by being a part of the BioConnect Identity Platform.”

To learn more about BioConnect, click here. To learn more about VoiceVault, click here.

 

Register for a FREE Developer Trial Now

Three sneaky ways hackers break into phones

Three Sneaky Ways Hackers Break Into Phones

Here is a scary fact: According to one recent study, 47 percent of businesses that were surveyed had at least 1,000 sensitive files exposed to every employee while 22 percent of companies had 12,000 or more.

Does this sound a bit like your organization? Chances are likely that your employees have sensitive data floating around on their mobile devices, which could be easily extracted by a sophisticated hacker.

Unfortunately, smartphones are highly vulnerable to hacking. Here are three unexpected ways that a hacker could break into a mobile device and lift information for personal gain:

Number spoofing: What’s the easiest way to break into someone’s phone? As it turns out, you don’t have to breach their device at all. Now, hackers can download a spoofing or caller ID application to mask their telephone number and assume someone else’s. Hackers could use this strategy to trick employees into surrendering sensitive information via SMS.

Motion orientation sensors: Smartphones contain a major security flaw, in that mobile websites and applications do not need special permissions to access motion and orientation sensors.

As explained in Android Authority, hackers are now using device positioning and movement sensors to hack passwords. When a user taps, scrolls or presses on a screen, in other words, each movement will cause the person to hold the device a certain way and it can be easily observed by a snooping third party. This information is very valuable to a hacker. In one study, hackers were able to hack four-digit PINS with 70 percent accuracy the first time around, and 100 percent accuracy the second time.

Masterprints: Here at VoiceVault, we maintain that fingerprint sensors — though effective most of the time — should only be used in conjunction with other authentication solutions like voice biometrics. This is because they can be vulnerable to attacks. Researchers, for instance, recently discovered that smartphone fingerprint sensors could be fooled up to 65 percent of the time by “master prints” which are digitally rendered from common fingerprint readings.

So take our advice: It’s time to fortify your business’s mobile end points before one of your employees’ phones gets hacked.

Register for a FREE Developer Trial Now

Avoid-Sacrificing-Speed-for-Security-with-Voice-Biometrics

Avoid Sacrificing Speed for Security with Voice Biometrics

As a contact center administrator, you’re seeking a voice biometric identity verification solution that will enable a secure, but convenient, phone-based login experience for your customers.

This is very important, as you don’t want to implement security with voice biometrics that customers will have a hard time using. This could result in a low user adoption rate.

As such, you have a tough decision to make: Should you opt for active or passive voice biometrics?

Active voice biometric authentication would require an end user to submit a correct voice sample every time he or she dials into the contact center. This is done by speaking a short phrase into the microphone.

Conversely, a passive system would require a customer to submit a single voiceprint during enrollment. No further samples would need to be given for subsequent logins, as the computer would naturally scan the user’s voice during a normal conversation with an agent. This type of enrollment takes about 45 seconds for the customer.

So, which is the better solution? The short answer is that it depends on your business’s needs. You can make a case for both kinds. But if there’s one thing you don’t want to base your security with voice biometrics decision on, it’s time savings.

Many people, in other words, think that passive authentication systems will lead to higher adoption rates because it saves the user time during the identity verification process. The truth, though, is that the difference between active and passive authentication comes down to just a few seconds. And most customers will dial into the contact center sporadically. It’s not usually an everyday task, and so a few seconds probably won’t be enough to annoy a customer.

To learn more information about VoiceVault’s solutions for contact centers, click here.

 

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Facebook Announces Plan to Retire Passwords

Facebook Announces Plan to Retire Passwords

Facebook made several exciting announcements at its recent F8 developer conference. There was the launch of Facebook Spaces, talk of augmented reality and some exciting new features for Messenger.

Our favorite announcement, though, came when Facebook announced a roadmap to transition users away from passwords.

The plan is not going to happen overnight, but Facebook has already started the process. At F8, the company launched a closed beta version of Delegated Account Recovery, which will provide login assistance for users on affiliated third party websites. This program will allow Facebook to act as a backup security key when users cannot access their accounts. Users who forget their passwords for other sites will be able to use knowledge-based questions (like photo recognition) to recover their accounts.

The goal is to limit the amount of personally-identifiable information that users have to distribute when logging into accounts.

“We want to make sure we can let you use [identifying] information to keep yourself secure, but not have to trade your privacy,” state Facebook security engineer Brad Hill. “Right now you tell your mother’s maiden name to 500 different places and if any one of them gets hacked, then you’re vulnerable everywhere.”

As of right now, developers must apply to use Facebook’s technology, but eventually it will be open-sourced.

Since the program is still in its beta version, that means there is plenty of room for growth and innovation. One way that Facebook can make this service even better is to add a voice biometric identity verification component. Voice authentication is one of the most convenient —and secure — ways to authenticate an end user.

Why not try the technology for yourself? To learn more about VoiceVault’s free trial for developers, click here. A free demo app is available here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Use Voice Biometrics To Enhance Smart Home Devices

Use Voice Biometrics To Enhance Smart Home Devices

What does it take to stand out in the saturated consumer IoT market?  It’s no longer good enough to just offer connected smart home devices. You need to go above and beyond in order to differentiate your solutions and win over customers. Otherwise, you’ll risk falling behind the competition – especially as the market continues to grow!

So, where should you focus your attention? There are two areas you should consider improving:

Ease of use: How do consumers interact with your products? Do they have to manually toggle through a built-in interface on a device? Or do they have to use a mobile interface? Both could prove to be burdensome. Think of a customer resting in his or her chair, and wanting to adjust the heat or lighting. The customer should be able to do so without getting up or picking up a phone.

Accessibility: Should everyone have unrestricted access to your products? Customers may not want children or elderly relatives using connected appliances or accessing certain areas of the house. And they should have the ability to protect them.

You can improve ease of use and accessibility by embedding voice biometric identity verification directly into the framework of your connected products. And VoiceVault can help.

VoiceVault offers embedded voice biometric authentication for smart home devices. You can use VoiceVault’s API for the following types of IoT systems:

  • Home entertainment
  • Utility management
  • Kitchen appliances
  • Security systems

To learn more information about how VoiceVault can enhance your products, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

No Need to Be Exclusive About Mobile Identity Verification

No Need to Be Exclusive About Mobile Identity Verification

Imagine a large house, with multiple entrances. A well-balanced structure will have a combination of storm doors, sliding glass doors and wood fixtures all offering strong security as well as convenient access into the home. It’s rare to find a house with just one type of door.

In a mobile application, security checkpoints act like doorways into the software for customers. And just like architects have many different types of doors to choose from, developers have multiple biometric—or biological—options to layer on top of an application for mobile identity verification.

These can include:

Of course, these solutions all offer varying levels of convenience and security. Generally speaking, it’s difficult to say that any one is better or worse than another. For example, voice biometric identity verification is widely regarded as the most secure option of all of these; however, there are some environments where voice biometric authentication can actually be inconvenient for users — like in a noisy environment where it can be difficult for a microphone to pick up a clear voiceprint. In this case, a customer would be more apt to use a fingerprint or iris scanner to log into an account.

So as a developer, it’s best to take a multimodal approach to mobile identity verification. Offer your customers or coworkers a variety of options for logging in securely, and they will be more apt to actually turn them on and use them instead of bypassing them out of convenience. There is no need to be exclusive when it comes to biometric authentication.

To learn more about how voice biometric identity verification can fit into your multimodal authentication strategy, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

bolster your cyberdefenses

Want To Bolster Your Cyberdefenses? Eliminate Complexities

If you have kids, then you know how tough it can be trying to keep your home free of safety hazards. It’s a constant battle making sure doors get locked, appliances get turned off and toys stay off the staircase. The bigger your house is, and the more kids you have, the harder the job can be.

It’s not much different trying to maintain cybersecurity in an enterprise when you have hundreds or thousands of employees to look after — each with private accounts and mobile devices containing sensitive company information.

It takes a great deal of oversight from IT to keep cybercriminals out of the network. Many organizations, however, are struggling to keep up.

In a recent study, for instance, 83 percent of businesses claimed they are at risk due to organizational and IT complexities. Employees, in other words, are choosing to circumvent cyberdefenses like passwords because they hinder productivity. And shadow IT is increasing as employees are choosing to use their own tools in the workplace without receiving consent from IT. In doing so, corporations are losing control over their digital assets.

Has your organization become too technologically complex? If so, it’s time to channel your inner parent and take action before it leads to a data breach.

Voice biometric identity verification can make the login process easier and more secure, as it will allow employees to access their accounts using their own voiceprints.

This will result in:

  • Fewer account lock-outs
  • No more passwords to remember (or to lose!)
  • A less disruptive login process
  • More protection when devices are lost or stolen

Want to see voice biometric identity verification in action? Check out VoiceVault’s free 45-day trial to see if it’s a good fit for your organization!

 

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

UK-Banks-Be-Like-Barclays-and-Update-Your-Authentication-Technology

UK Banks: Be Like Barclays and Update Your Authentication Technology

Last year, Barclays sent shockwaves through the financial industry when the company gave customers the ability to use secure voiceprints to authenticate themselves during telephone banking sessions.

Now, countless organizations across the UK are following suit and considering abandoning passwords in favor of cutting-edge voice biometric identity verification solutions. Voice biometric identity verification is very user-friendly (the authentication process only takes a few seconds), and it provides customers with a much more secure solution for protecting their identities.

With a voice-protected account, in other words, a fraudster can have a customer’s full name, password and mailing address; but without the right voiceprint, her or she would not be able to gain access to the customer’s account. The voiceprint would have to be an exact match in order to grant the intruder access.
Unlike other types of biometric security solutions (like fingerprint or iris scanners), voiceprints cannot be easily spoofed. A voice biometric identity verification engine will scan for a variety of determining factors in order to accurately verify a customer’s identity.

So if your financial institution is still using outdated authentication technologies during telephone banking sessions, it’s time to be like Barclays and make the jump to a modern platform that can offer greater protection.

VoiceVault can work with your organization to integrate a customized, cloud-based voice biometric identity verification platform that meets even the most stringent security and compliance requirements. And you can even run a free, 45-day trial before you make a purchase to see if it’s a solid fit for your organization.

So make 2017 the year that you overhaul your authentication strategy and show your customers that you mean business about preventing fraud.

To learn more about how VoiceVault can help, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Migrating to Voice Biometrics Is Less Complicated Than You May Think

Migrating to Voice Biometrics Is Less Complicated Than You May Think

We already know what you’re thinking about the idea of migrating to voice biometrics as a security solution: How long will this project take?

After all, change at the corporate level can take eons. Meetings will need to take place, and committees will have to be formed before a new project can get underway. Research will need to be completed. Approvals may need to be acquired. And a  project that should take just a few weeks can stretch on forever.

Plus, as a developer you have a laundry list of other action items that require your full attention. So how on earth will you find the time for this project?

We can’t control your schedule, or how your organization operates. But we’ve done everything on our end to make the process of migrating to voice biometrics as easy and pain-free as possible. Our mobile voice biometric identity verification solution, ViGo, is based on ready-made configuration settings for plug-and-play delivery. This means less work for you, the developer. It’s a fast-to-market solution that is designed to streamline delivery so that businesses can get up and running as quickly as possible.

We also offer free 45-day trials for up to 100 users, for businesses that want to sample our solution before making a purchase. Developer licenses (3 months) and production licenses (1 year) are also available.

This means you can start using VoiceVault while your team decides whether voice biometric identity verification is the right choice. It’s a no-pressure solution, with minimal barriers to entry.

So whatever you do, don’t fear the process of migrating to voice biometrics. It’s not as painful as you may think! To learn more information, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store