Why-did-HSBC’s-Voice-ID-system-fail

Why did HSBC’s Voice ID system fail?

You may have read the news that the BBC have successfully caused HSBC’s Voice ID system, provided by another voice biometric vendor, to falsely accept the non-identical twin of an enrolled user. This occurred after the ninth attempt that the twin took to access the user’s bank account. Thus, causing the issue to be that of failing to follow best practices rather than a failing biometric element. Since all biometrics are statistical in nature, measures must be taken to ensure that the likelihood of a false accept is as low as possible. Current best practices can include account or device lock-out after multiple failures, which would have prevented the BBC’s false accept.

To further help financial organizations protect and prevent against this recent type of breach, VoiceVault is excited to share with you the upcoming release of VoiceVault Fusion 9. Version 9 of our core, proprietary, engine includes additional controls, new biometric modes, seamless integration with other authentication factors, and detailed reporting with location services. Official announcement and details forthcoming in the very near future.

In addition to staying on the forefront of voice biometric technology, we pride ourselves in working collaboratively with our clients and partners to suit each individual use case. With over 10 years of experience in the market, our team is more than happy to talk through the end-to-end statistics and recommend an array of additional methods of best practice, including the implementation of multifactor authentication.

As mentioned by a spokesperson from HSBC, since launching last year, HSBC’s Voice ID system has been successful in reducing fraud. Therefore, voice biometrics are still more secure than historic knowledge-based-authentication systems, such as passwords and PINs.

Register for a FREE Developer Trial Now

UK-Banks-It’s-Time-to-Look-Beyond-Passwords

UK Banks: It’s Time to Look Beyond Passwords

Consumer interest in biometric banking is very strong in the UK right now. According to one recent study, 56 percent of UK customers actually prefer biometrics to traditional authentication solutions like passwords — even though there is still some general confusion among customers about how biometrics work.

Another study found that British consumers are almost twice as likely to trust banks over government agencies with storing and keeping biometric data safe.

There’s just one problem:

In order for customers to move beyond passwords and use biometric technologies, banks need to provide access to them. And there are still some mixed feelings in the financial community about the role that biometrics should play in authenticating logins and transactions. Many people still believe that passwords are better for protecting consumer accounts.

Passwords vs. biometrics: The debate is on

Consumer demand has forced the conversation to move forward. Recently, the Digital Banking Club (founded by Intelligent Environments, the digital financial services providers) gathered at the Law Society, London to address the motion “This house believes the password will never be replaced by your body.”

The debate was chaired by Retail Banker International Editor and Digital Banking Club Chair, Douglas Blakey. Guest panelists from Forrester, Fujitsu and Intelligent Environments spoke for the motion, while representatives from Secco, DWC and MasterCard spoke against it.

Before the debate, 42 percent of people agreed that the password will never be replaced by the body. But after the debate, just 19 percent agreed with the motion.

Opinions about biometrics varied from expert to expert. For example, some panelists voiced concern over false acceptances (FA) and false rejects (FR) in biometric systems. There is a small risk, in other words, that a biometric solution could malfunction and grant access to an imposter or reject the right user. This problem, however, can be addressed by embedding multifactor security layers. If one layer is breached, a hacker will still have to enter further credentials.

What’s more, some technologies — like VoiceVault’s voice biometric identity verification — come with very low FA and FR rates. VoiceVault guarantees a FA rate of just 0.01 percent, and a FR rate of less than 5 percent. Not all biometric technologies will offer the same level of protection.

We can also argue that false acceptances and rejects happen all the time with passwords when accounts get hacked, or locked.

Will we ever see beyond passwords?

It largely depends on who you ask. Some of the panel at the Digital Banking Club debate, believe that while biometrics will be popular, passwords will never be completely replaced. However, other panelists argued biometrics will eventually replace passwords, but in time.

One panelist likened favoring passwords over biometrics to favoring a horse and cart over a car. The technology is outdated, inefficient and insecure. The same panelist mentioned a study from the Netherlands, conducted by Mastercard, where nine out of 10 participants indicated they would like to replace their passwords with biometrics. And almost 75 percent of users are convinced that biometric security will decrease fraud.

What was interesting is that every single panel member used their iPhone fingerprint scanners to access their debate notes on the podium…

So, should your bank abandon passwords right now?

For now, you don’t have to worry about replacing passwords altogether. But you can look beyond passwords and start  phasing them out with biometrics, which can coexist nicely with passwords.

Your best bet is to give customers a variety of different security options, and let them choose the ones they are most comfortable with. If you try to force any technologies on them, you are liable to experience negative blowback.

View highlights of the debate below:

06.04.17 The Digital Banking Club Live Debate from Intelligent Environments on Vimeo.

 

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Major Australian Bank Adopts Voice Biometric Identity Verification

Major Australian Bank Adopts Voice Biometric Identity Verification

Interest in mobile banking may be strong among consumers today, but user adoption continues to lag behind. According to one study, a third of consumers in the U.S. and U.K. claim they avoid mobile banking applications. About one third say will never use them. And almost three quarters of people in who agree blame security.

In light of this, many banks are reassessing their mobile security strategies as they attempt to make them more attractive for customers. We are seeing an increasing number of banks offering multifactor security options that integrate traditional password and answer-based authentication technologies with cutting-edge biometrics like voice, fingerprint and iris scanners.

Just recently, for instance, Australia’s ANZ bank announced it will begin offering customers voice biometric security to protect high-value mobile transactions of $1,000 or more. Previously, customers had to make these transactions in person.

“A person’s voice has five to ten times as many security points than other methods such as fingerprints so we know this will improve security and be welcomed by our customers,” stated ANZ Managing Director Customer Experience and Digital Channels Peter Dalton.

Dalton is referring to the fact that voice biometric engines can register points like the average pitch, speed and tone of a user’s voice. All of them must match in order to approve authentication, which makes it one of the most complex secure options out of all the biometric solutions on the market.

For years, VoiceVault’s mobile voice biometrics solution, ViGo, has been protecting high value mobile transfers for a major global bank as well as in many other financial institutions. VoiceVault has protected billions of dollars in transfers.

To learn more about how VoiceVault can protect your organization, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Voice Biometrics Help Boost LATAM Economy

Voice Biometrics Could Help Boost the LATAM Economy

Latin America is one of the fastest-growing e-commerce markets in the world. By 2018, 139.3 million people in the region are expected to buy goods online, which is an increase from the 84.7 million people who did so in 2013.

As such, regional mobile network operators are looking to ride this momentum, and accelerate the digitalization of the region’s economy. And for help, they are turning to companies like mobile authentication solutions provider Safran Identity & Security, a company offering the GSMA Mobile Connect platform for convenient and secure SIM-based mobile authentication.

“Digital life calls for digital identities,” stated Rafael Canon, a telecom marketing manager for LATAM at Safran Identity & Security. “Security and convenience in handling these is the basis for digital growth – here mobile network operators have the opportunity to build acceptance and growth of digital transactions by offering new ways for secure and convenient authentication.”

Now, here’s what we are most excited about:

Soon, Safran Identity & Security will enhance GSMA Mobile Connect with a biometric solution which should make authentication even more secure and convenient.

This is fantastic news, as it means that biometric authentication is going to start spreading rapidly through LATAM.

It’s our belief that voice biometric identity verification can play a big part in growing LATAM’s digital economy, and so we hope to see a voice biometric component added to GSMA Mobile Connect in the future.

Voice, when offered in multimodal fashion next to fingerprint, iris and facial scanning technologies, offers customers an easy way to authenticate themselves using just a voiceprint. Of all the leading biometric technologies on the market, voice biometrics is one of the most preferred among consumers.

Are you new to voice biometrics? Try the technology for yourself! To try our free demo, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Fact or Fiction Voice Biometrics are Error Prone

Fact or Fiction: Voice Biometrics Are Error Prone

Voice biometric identity verification is relatively new on the mainstream stage. So, we still have quite a bit of work to do in correcting misconceptions that are floating around about the technology.

Just recently, for instance, we were notified about a report from an anti-fraud firm claiming that error rates on voice biometrics could double over the next two years. According to the report, this is because human voiceprints change subtly in pitch and speed over the course of several months or years.

“Too many companies will just deploy voice biometrics, and that’s a mistake,” the report stated. “There’s a real need for multifactor authentication, with voice biometrics just being a piece of the puzzle.”

For this reason, the report explains, companies should use multifactor authentication in conjunction with voice biometric identity verification.

So, is there any truth to this? Here’s our take on the matter:

VoiceVault strongly supports multifactor authentication, but not for the reason mentioned in the report.

It’s true, voiceprints do change subtly over time. However, VoiceVault’s voice biometric platform was designed to constantly adjust to an end user’s voiceprint. Our voice biometric engine is always learning, and is therefore less susceptible to errors.

What’s more, voice readings are easily replaceable. If some sort of major incident happens that impacts an end user’s voice, like accident or injury, that person could simply re-enroll without a hassle.

As for multifactor authentication, we recommend it more for reasons related to security and convenience. Voice biometric authentication, for instance, is not optimal for every type of environment — like a crowded or noisy room. In this type of environment, users may have an easier time using a fingerprint scanner or even a traditional password. So it’s nice to offer end users a variety of login options.

What’s more, multifactor is a great way to enhance security. It’s possible to set up an account so that an end user has to use two or more authentication solutions before being granted access into a private account.

To learn more about the VoiceVault approach to biometrics, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Wells-Fargo-CEO-Endorses-Voice-Biometric-Identity-Verification

Wells Fargo CEO Endorses Voice Biometric Identity Verification

Migrating to a voice biometric identity verification platform may seem like an intimidating process to businesses in the financial services industry. Questions abound: Will customers like it? Are other banks doing it? How do other executives feel about this type of authentication technology?

Here’s something that may sway your opinion: At the recent FinTech Ideas Festival, Wells Fargo CEO Tim Sloan endorsed voice biometrics during a presentation on five ways technology will change banking. Voice biometric identity verification was listed as point no. 3 on his list (which also included APIs, artificial intelligence, digital wallets and the cloud).

Sloan stated that it’s time to “move away from passwords so that the body becomes your password.” He also explained how a voiceprint is more secure than plain text authentication because it cannot be stolen like a password can and praised how the technology enables remote banking.

Such an endorsement is fantastic news for the voice biometrics industry, as it proves that financial executives are feeling good about the technology. We expect 2017 to be a massive year for voice biometrics, as more and more financial institutions adopt it for use in mobile applications, online banking portals and contact centers. We can’t wait to see how much the technology grows by the time Money 20/20 2017 rolls around in October!

So why not heed Sloan’s advice? Try voice biometrics for yourself and see what all the fuss is about. VoiceVault offers free 45-day trials, so you can see if the technology is a solid fit for your organization before you make a purchase.

To get started, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Thwart E-commerce Fraud With Voice Biometric Identity Verification

Thwart E-commerce Fraud With Voice Biometric Identity Verification

Back in September, Experian reported that e-commerce fraud was on pace to surpass the total amount that was registered in 2015. While we’re still waiting on the year-end report to confirm, there’s one thing we know for certain: Online fraud is a major problem. And it shows no sign of slowing down next year.

So, how can your business stay safe against online fraud? Unfortunately, this is no easy task, as fraudsters are becoming increasingly successful in their efforts to obtain private information. In one type of attack, for instance, a fraudster may pose as a customer and attempt to swindle an unsuspecting agent into surrendering private information. In another attempt, a hacker will take aim at a customer or employee’s passwords, or use social engineering to gain access. There are countless techniques that are being used today, and new ones are constantly arising.

Voice biometric identity verification is one highly-effective tool that online businesses can use to eliminate fraud. It’s just one part of the mobile security puzzle, and won’t solve every security-related problem. But it’s a very effective technology for ensuring that only authorized users can access their accounts.

VoiceVault — a leading voice biometrics provider — can equip your business’s mobile application or call center with a solution that will require account holders to speak a short phrase into their device’s microphone when logging in. This technology will scan the user’s voiceprint for a variety of different metrics, in order to determine that the user is in fact authentic.

Your business does not have to be a victim to online fraud! With the help of VoiceVault, you can combat this costly problem and increase security in a way that is secure, and convenient.

To get started, click here.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

The Yahoo Hack: It Could Have Been Your Company

The Yahoo Hack: It Could Have Been Your Company

The business world is still reeling from Yahoo’s recent announcement that 500 million user accounts were hacked in 2014. The hack is regarded as the largest publicly-disclosed data breach of all time.

As of right now, the incident is under investigation by the FBI. The source, motive and method behind the attack are still unknown.  It remains to be seen whether the breach will impact Yahoo’s pending $4.8 billion sale to Verizon.

What is clear is that hackers obtained direct access to customers’ names, email addresses, birthdates and phone numbers. In some cases, security questions and answers were revealed as well.

This data breach should be a clear reminder that passwords are highly vulnerable to hacking. It’s an opportunity to look into security solutions other than passwords.

“Cybercriminals know that consumers use the same passwords across websites and applications, which is why these millions of leaked password credentials are so useful for perpetuating fraud,” explained FIDO Alliance executive director Brett McDowell in a recent CNET article. “We need to take that ability away from criminals, and the only way to do that is to stop relying on passwords altogether.”

One way to do this is to implement voice biometric identity verification.

Voice biometric identity verification can be used as a standalone security checkpoint for mobile or Web accounts. Or, it could be used in conjunction with other technologies. This strategy is called two-factor authentication.

With a voice biometric authentication system enabled, stolen passwords are rendered useless. In order to log into an account, a user is required to submit an exact voiceprint. Voiceprints are almost impossible to spoof, based on the fact that they analyze multiple parts of a person’s speech.

VoiceVault’s ViGo developer program makes it incredibly easy to install voice biometric authentication. See for yourself! To start your free 45-day trial of the ViGo developer program, click here.

 

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

What Should You Look For in a Cutting-edge Voice Biometrics Solution?

Last week, a new player emerged in the voice biometrics market when former NASA administrator Dan Goldin officially unveiled his top secret startup, KnuEdge—a project which has been in development for the past 10 years.

KnuEdge is bringing to market a tool that uses artificial intelligence to enable voice biometric identity verification for computers, Web/mobile applications and IoT devices. The company is also working on neural networking, to enable next-generation computing.

The arrival of KnuEdge is welcome news for the voice biometrics community, as the company is already generating a great deal of positive press about voice biometrics. It also serves as a reminder that the global voice biometrics market—which is growing at a CAGR of 22.15 percent (2014 to 2019)—is currently thriving and intensely competitive.

VoiceVault has operated in this extremely competitive market for over ten years delivering enterprise ready solutions that include many of the same features that companies like KnuEdge are marketing as unique. These features include:

Prompt obfuscation: One of the top concerns when using voice biometrics is the potential for fraudsters to use audio replays and man-in-the-middle attacks to spoof the system and gain unauthorized access. Prompt obfuscation helps to eliminate this threat. It involves generating one-time security tokens so that customers aren’t aware of what they will have to say. VoiceVault provides this service through its partner, SayPay, which generates one-time use tokens for VoiceVault’s algorithms.

Cross-platform authentication: Customers are now communicating over a variety of different platforms ranging from Bluetooth systems to wearables. As a result, comprehensive cross-platform authentication is a must-have feature. VoiceVault uses robust algorithms to successfully authenticate customers from just about any platform they choose.

Military-grade authentication: Many companies like KnuEdge are just now rolling out military-grade voice systems to enterprises. VoiceVault has been providing military-grade authentication to high-risk industries like finance, healthcare and insurance for many years.

So before you rush into a voice biometrics solution for your business based on marketing claims, do some research and compare the available solutions. To get started, head over to VoiceVault’s support center.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

TalkTalk Telecom Says Goodbye to Passwords (and Hello to Voice Biometrics)

Back in late 2014, TalkTalk Telecom Group was hit with a major website hack that exposed the names, account details, addresses and personal data of well over 100,000 customers to cyberthieves.

Following the attack, it was also revealed in the code-sharing forum Pastebin that hackers gained access to customers’ personal account passwords. According to Engadget, after users changed their passwords on TalkTalk the information was stored in plaintext on its website and “may not have been secured in any way.”

Fortunately, TalkTalk learned its lesson and now the company is taking preventative action to better protect its customers. And its new strategy is built around voice biometric identity verification.

TalkTalk’s customers no longer have to supply passwords or personal security information when confirming their identities and logging into personal accounts. Now, when a customer calls support services, he or she can establish a unique and secure voiceprint.

“We’ve listened to what our customers have told us about wanting a simple, secure service,” explained TalkTalk consumer managing director Tristia Harrison following the announcement. “TalkSafe is an important and exciting step on that journey.”

It’s great to see TalkTalk embracing voice biometrics, as it will provide greater security and also convenience for its customers. TalkTalk is following suit with countless other companies, like MasterCard, who are moving forward with voice biometrics in favor of outdated security technologies.

It’s important that your company follows suit and looks to safeguard its customer accounts before it gets hit with a costly data breach.

Want to learn more about how VoiceVault can help your organization accomplish this? Click here to access our support center where you can access voice biometric tutorials, frequently asked questions, case studies and more!

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store