The Yahoo Hack: It Could Have Been Your Company

The Yahoo Hack: It Could Have Been Your Company

The business world is still reeling from Yahoo’s recent announcement that 500 million user accounts were hacked in 2014. The hack is regarded as the largest publicly-disclosed data breach of all time.

As of right now, the incident is under investigation by the FBI. The source, motive and method behind the attack are still unknown.  It remains to be seen whether the breach will impact Yahoo’s pending $4.8 billion sale to Verizon.

What is clear is that hackers obtained direct access to customers’ names, email addresses, birthdates and phone numbers. In some cases, security questions and answers were revealed as well.

This data breach should be a clear reminder that passwords are highly vulnerable to hacking. It’s an opportunity to look into security solutions other than passwords.

“Cybercriminals know that consumers use the same passwords across websites and applications, which is why these millions of leaked password credentials are so useful for perpetuating fraud,” explained FIDO Alliance executive director Brett McDowell in a recent CNET article. “We need to take that ability away from criminals, and the only way to do that is to stop relying on passwords altogether.”

One way to do this is to implement voice biometric identity verification.

Voice biometric identity verification can be used as a standalone security checkpoint for mobile or Web accounts. Or, it could be used in conjunction with other technologies. This strategy is called two-factor authentication.

With a voice biometric authentication system enabled, stolen passwords are rendered useless. In order to log into an account, a user is required to submit an exact voiceprint. Voiceprints are almost impossible to spoof, based on the fact that they analyze multiple parts of a person’s speech.

VoiceVault’s ViGo developer program makes it incredibly easy to install voice biometric authentication. See for yourself! To start your free 45-day trial of the ViGo developer program, click here.

 

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

What Should You Look For in a Cutting-edge Voice Biometrics Solution?

Last week, a new player emerged in the voice biometrics market when former NASA administrator Dan Goldin officially unveiled his top secret startup, KnuEdge—a project which has been in development for the past 10 years.

KnuEdge is bringing to market a tool that uses artificial intelligence to enable voice biometric identity verification for computers, Web/mobile applications and IoT devices. The company is also working on neural networking, to enable next-generation computing.

The arrival of KnuEdge is welcome news for the voice biometrics community, as the company is already generating a great deal of positive press about voice biometrics. It also serves as a reminder that the global voice biometrics market—which is growing at a CAGR of 22.15 percent (2014 to 2019)—is currently thriving and intensely competitive.

VoiceVault has operated in this extremely competitive market for over ten years delivering enterprise ready solutions that include many of the same features that companies like KnuEdge are marketing as unique. These features include:

Prompt obfuscation: One of the top concerns when using voice biometrics is the potential for fraudsters to use audio replays and man-in-the-middle attacks to spoof the system and gain unauthorized access. Prompt obfuscation helps to eliminate this threat. It involves generating one-time security tokens so that customers aren’t aware of what they will have to say. VoiceVault provides this service through its partner, SayPay, which generates one-time use tokens for VoiceVault’s algorithms.

Cross-platform authentication: Customers are now communicating over a variety of different platforms ranging from Bluetooth systems to wearables. As a result, comprehensive cross-platform authentication is a must-have feature. VoiceVault uses robust algorithms to successfully authenticate customers from just about any platform they choose.

Military-grade authentication: Many companies like KnuEdge are just now rolling out military-grade voice systems to enterprises. VoiceVault has been providing military-grade authentication to high-risk industries like finance, healthcare and insurance for many years.

So before you rush into a voice biometrics solution for your business based on marketing claims, do some research and compare the available solutions. To get started, head over to VoiceVault’s support center.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

TalkTalk Telecom Says Goodbye to Passwords (and Hello to Voice Biometrics)

Back in late 2014, TalkTalk Telecom Group was hit with a major website hack that exposed the names, account details, addresses and personal data of well over 100,000 customers to cyberthieves.

Following the attack, it was also revealed in the code-sharing forum Pastebin that hackers gained access to customers’ personal account passwords. According to Engadget, after users changed their passwords on TalkTalk the information was stored in plaintext on its website and “may not have been secured in any way.”

Fortunately, TalkTalk learned its lesson and now the company is taking preventative action to better protect its customers. And its new strategy is built around voice biometric identity verification.

TalkTalk’s customers no longer have to supply passwords or personal security information when confirming their identities and logging into personal accounts. Now, when a customer calls support services, he or she can establish a unique and secure voiceprint.

“We’ve listened to what our customers have told us about wanting a simple, secure service,” explained TalkTalk consumer managing director Tristia Harrison following the announcement. “TalkSafe is an important and exciting step on that journey.”

It’s great to see TalkTalk embracing voice biometrics, as it will provide greater security and also convenience for its customers. TalkTalk is following suit with countless other companies, like MasterCard, who are moving forward with voice biometrics in favor of outdated security technologies.

It’s important that your company follows suit and looks to safeguard its customer accounts before it gets hit with a costly data breach.

Want to learn more about how VoiceVault can help your organization accomplish this? Click here to access our support center where you can access voice biometric tutorials, frequently asked questions, case studies and more!

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

This Easy Spoofing Trick Will Make You Think Twice About Biometric Fingerprint Scanners

Researchers at Michigan State University have discovered a frighteningly easy—and inexpensive—way to spoof mobile fingerprint scanners.

All that’s needed to perform the operation, Biometric Update reports,  is a standard inkjet printer, some conductive  silver ink and a special type of photograph paper that can be easily obtained by consumers.

The entire process takes about 15 minutes. It involves photographing a target user’s fingerprint, mirroring the image  and printing it onto the paper using the special silver ink. If done correctly, it’s capable of  reproducing large numbers of spoofed fingerprints.

Researchers claim to have successfully used this technique to unlock the widely-used Samsung Galaxy S6 and Huawei Honor 7 smartphones. They have had mixed results when testing the iPhone 5s.

Understandably, this development is causing a great deal of panic in the mobile community, and users and security experts alike are now putting pressure on mobile manufacturers to fast track anti-spoofing technologies. But it will take a great deal of time and research before any real progress is made.

Instead of waiting for an anti-spoofing solution to hit the market, you should instead look into a stronger type of mobile security technology that is available: voice biometric identity verification.

Voiceprints, after all, are virtually hack-proof due to their complexities. Scanning a voiceprint is not like analyzing a fingerprint. There are many different identifying factors which can be taken into account like tone, speed and pitch. Each point needs to be spot-on in order for access to be granted. It’s virtually impossible for a hacker to accurately mirror all of  the different components at the same time.

So if your company is currently using mobile fingerprint scanners, don’t panic. Simply back them  up, or replace them, with a voice-based mobile identity verification solution.

Click here to learn more about how VoiceVault, a leader in voice biometric security, can help.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

MasterCard Biometric Security Plan Is A Step In The Right Direction

Don’t look now, but the selfie has officially grown up.

What started as a fun social media phenomenon is now being used for a much more important reason in the financial industry: protecting customers’ mobile banking accounts.

Last week, for example, MasterCard made headlines when the company announced plans to implement a facial recognition system for its mobile customers in the U.S., Canada and Europe. MasterCard will begin rolling out the new security solution over the next few months. Customers will also have the option to use fingerprint scanners, too.

It’s an exciting announcement from MasterCard, as it indicates that the company is moving in the opposite direction from its long-used password-based authentication system. The decision coincides with a recent benchmark study from MasterCard which shows that 90 percent of participants think biometric payment authentication is something they would use on a daily basis. What’s more, 88 percent of participants claimed that biometric authentication is extremely easy to use on its own. And 86 percent of respondents claim that it’s easier than passwords.

We here at VoiceVault applaud MasterCard’s willingness to embrace biometrics, as it will offer both greater security and convenience to MasterCard customers. What we were most excited to learn, however, is that MasterCard is reportedly weighing the option of another, more secure biometric technology: Voice recognition software.

We strongly encourage MasterCard to offer voice biometric identity verification along with other types of biometric solutions for the following reasons:

Stronger security: First and foremost, it’s much more difficult to spoof a voiceprint than a fingerprint or photograph. Voice recognition software analyzes multiple components of a person’s speech, including speed, tone, pitch and more. It’s just about impossible—even for an experienced hacker—to successfully mirror someone else’s voice.

Greater convenience: Have you ever tried to take a selfie while walking? It’s not easy. So for mobile customers who are constantly on-the-go, the idea of having to take a picture while walking to unlock a phone may not be all that appealing. Plus, MasterCard will require customers to blink during the scanning process to ensure that a photograph is not being used. With a voice biometric security solution, however, a customer simply has to recite a short  phrase or series of numbers into the microphone of his or her device.

Easier deployment: That leads us to another point: You don’t need a fancy fingerprint scanner or even a camera to use a voice recognition system. All you need is a microphone. It should be also be noted that voice biometrics can be easily deployed on a massive scale via the cloud.

With these points in mind, we hope MasterCard—and any other company considering a biometric security solution—considers the benefits of voice biometrics.

Want to see just how easy it is to use voice biometrics? Click here to access VoiceVault’s free demo today.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

HSBC Embraces Mobile Voice Biometric Security Technology

From USAA to Barclays to RBS, the number of financial organizations that are relying on voice biometric identity verification continues to grow. Now, global banking powerhouse HSBC is part of the mix.

On Feb. 19, HSBC announced that the company will soon protect customer accounts with voice recognition software. It will also be implementing fingerprint scanners via Touch ID. The service will be offered to about 15 million HSBC and First Division customers. First Division, it should be noted, is owned by HSBC.

Why is HSBC embracing voice biometrics? The company wanted to improve more than just the security element of its customer login process. It also wanted to make it more convenient.

“The launch of voice and touch ID makes it even quicker and easier for customers to access their bank account, using the most secure form of password technology – the body,” explained head of retail banking and wealth management Francesca McDonagh at HSBC UK following the announcement.

Moving forward, customers simply have to download the HSBC mobile banking app in order to access this innovative feature.

The news comes at an exciting time for the global voice biometrics market, which is expected to continue growing at a rate of 22.15 percent until 2019. Countless organizations are abandoning their traditional password and PIN-based login systems in favor of advanced, cloud-based voice biometric solutions which are a stellar alternative. A voice biometric engine can be easily—and cost effectively—added to the front of a mobile banking application. It requires no additional hardware to use (just a microphone), and no additional downloads.

Want to see just how easy and effective voice biometrics can be? Click here to try industry leader VoiceVault’s free mobile demo today.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Study Highlights Critical Need for Mobile App Security

Most companies today are focusing heavily on driving business to their mobile applications. This is for good reason, as mobile apps allow companies to grow customers because they serve them in a variety of ways, such as completing transactions, providing real-time service, offering product information and more.

There’s one problem, though: Mobile apps pose a big security risk. They’re just as risky as a website when left to traditional identity verification methods like passwords, PINs and security questions alone.

What’s more, a recent study from Bluebox indicates that 80 percent of consumers would stop using a company altogether if its mobile app was compromised by a security breach. The same survey also indicates that 74 percent of developers believe that most apps are moderately vulnerable to hackers.

These are alarming statistics, and they should leave developers questioning and re-questioning their current app safeguards. The fact is that yesterday’s security technologies are no longer capable of adequately protecting today’s mobile apps and all of the sensitive data they contain.

In that regard, one leading security strategy you should consider implementing is cloud-based voice biometric identity verification. A voice biometric engine can be easily integrated into the front end of an app, so that consumers can log in simply by speaking a phrase into the microphone on their mobile devices. The voice biometrics engine will scan the customer’s voice, taking into account a variety of factors, to verify the individual’s identity. If the voiceprint is valid, the customer can then either enter further security questions or move into the application, depending on how the customer has set up preferences.

Click here to learn more about leading voice biometric identity verification provider VoiceVault’s approach to this next-generation security technology.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

You’d Be Horrified If You Discovered Your Employees’ Passwords

Right now the cybersecurity industry is abuzz about a new report highlighting the worst  passwords of 2015. And rightfully so, as some on the list are downright terrible.

For example, “123456” topped the list. It was followed by “password,” “12345678” and “qwerty.” Other noteworthy passwords included “football” and “starwars.”

With these abysmal examples in mind, it’s no wonder that criminals are continuing to have a field day hacking into private corporate accounts. In order for passwords to be even marginally effective, for instance, they need to be long and must contain a mix of different characters. As these examples indicate, most people do not go to such lengths, thus making it easy for criminals to gain entry.

In 2015, it should be noted, over 169 million personal records were stolen and 781 public breaches were recorded. It’s a problem that is bad and getting worse for corporations.

The unfortunate reality is that employees in your company—yes, yours—are using passwords like this. Mainly employees are choosing easy passwords because, you guessed it, they’re easy to remember. Those that are long and complicated, are difficult to remember and even more difficult to enter. Plus, most employees think that a data breach will never happen to them.

It’s time, therefore, to take action to ensure that your organization’s sensitive data does not become exploited by hackers who are looking for easy passwords to exploit. Consider a solution like VoiceVault’s voice biometric identity verification technology, which can provide strong security measures while also satisfying your end users demands for a simple and efficient login process.

Using voice biometric identity verification technology, end users simply have to recite a phrase or series of digits into their microphones. It eliminates the need for passwords, since the voice biometric engine will authenticate them by the sound of their voice. So you can kiss passwords like “welcome,” “abc123” and “letmein” goodbye.

Click here to learn more about how VoiceVault can streamline account authentication for your company.

Register for a FREE Developer Trial Now

Experience Voice Biometrics with the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Don’t Let What Happened to Gyft Happen to You

Chances are likely you may not be aware of Gyft, a California-based startup that allows customers to send digital gift cards to friends and family members. The company provides a handy service not undeserving of positive press.

Unfortunately, the first thing that holiday shoppers saw this year when Googling Gyft is a negative headline about a data breach.

According to Krebs on Security, cyberthieves recently targeted Gyft, asking certain customers to submit to unauthorized password resets. Following the incident, Gyft confirmed that hackers successfully acquired usernames and passwords, and forced password resets for customer accounts. As of right now, there is no telling how many customers were affected as the information has not yet been made public by Gyft. All affected accounts are being closely monitored for fraud attempts.

It’s a sad story indeed, as it’s one that could easily have been prevented by taking appropriate security precautions. The incident is a stark reminder that username and passwords are outdated security measures, and that businesses should instead be looking to next-generation technologies like voice biometrics to protect end-user accounts.

If Gyft had been using voice biometrics, for instance, hackers would have been unable to access accounts even following a reset. That’s because a voice biometrics engine will only grant access to a confirmed end-user voiceprint. Voice biometrics is spoof-proof, as it measures a variety of different factors in a voiceprint, and thus cannot easily be hacked.

So moving further into 2016, make sure your business does not wind up the victim of a data breach. Secure your mobile applications with voice biometrics! Click here to learn more.

Download the Mobile Voice Biometrics White Paper

Or download the ViGo, Mobile Voice Biometrics, Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store

Digital Consumers Are Growing Weary of Passwords

Consumer trust in usernames and passwords for digital identity verification purposes finally appears to be eroding, a study from Accenture shows. 77 percent of digital consumers, in fact, claimed in the Accenture report that they would be interested in alternative online identity verification solutions.

Why are digital consumers tiring of passwords? Sixty percent of respondents surveyed claimed that usernames and passwords are cumbersome to use. We’ve all experienced the pangs of typing in the wrong credentials, for instance, and getting locked out of our accounts. It’s a frustrating and time-consuming process.

Further, consumers are also worried about issues related to identity—and device—theft and, therefore, want access to a more robust form of identity verification. Usernames and passwords have proven to be highly susceptible to unauthorized third-party break-ins.

One viable alternative to usernames and passwords is biometric identity verification, that is, using a unique, personal identifying characteristic to gain entry into a mobile device. As the report shows, 58 percent of consumers plan to use a form of biometrics—such as a voice, finger or retina scan—within the next year.

It should be noted that out of all of the digital biometric identity verification solutions available for mobile devices and applications, voice biometrics is the most secure. In fact, it’s just about impossible to spoof a voiceprint based on the fact that it measures a wide range of physical and behavioral end-user characteristics.

Further, voiceprints are very convenient; an end user simply has to speak a phrase or series of digits into the microphone of a device in order to use it. A mobile voice biometric identity verification solution like ViGo by VoiceVault can work on any device, regardless of make or model.

Click here to learn more about ViGo.

Register for a FREE ViGo Trial Now

Or download the ViGo Demo App
ViGo-on-Google-PlayViGo-on-the-App-Store