Your Voice is Your Password

Tuesday, October 19, 2010 by Nuance Communications UK

Fraud has always been a problem for the financial services industry. Fraud losses on UK credit and debit cards alone totalled £440m last year. Despite persistent efforts to raise consumer awareness of the risk of fraud, many still claim the responsibility lies firmly with financial organisations to provide more stringent levels of protection. Either way, fraud is costing banks money and causing their customers anxiety. However, by using automated voice authentication to fight fraud, financial organisations can actually save money and make identification and verification more convenient for the customer. According to the centre for economic and business research, automated voice authentication could save UK financial services companies £472m per year.

Although chip and PIN has reduced the occurrence of fraud, most banks still see between a 5% - 10% identification and verification failure rate with their existing systems. PINs and passwords are themselves easily compromised through intentional theft, user apathy and shoulder surfing.

We have seen significant investment in voice authentication in recent years, which uses voice biometric technology to prove the customer is who they say they are based on the unique characteristics of their voice.

Peoples' voices are unique, just like their finger prints. Voice authentication analyses voice samples to extract key characteristics of a person's voice based on, for example, their vocal tract length and shape, their pitch and speaking rate. This set of characteristics taken together is called a voice print. When a genuine customer enrols with a system, a voice sample is collected and a voice print extracted and stored for future use. When the caller speaks to the organisation again, a second voice sample is collected and compared to the stored voice print. This comparison generates a confidence score as to whether the voice matches the existing voice print – the caller is either accepted, and gains access to the system, or rejected as a poor match.

Voice authentication is now state-of-the-art with a high accuracy rate. As a voice print is almost impossible to impersonate, it is infinitely more secure than a credit card or PIN. It is also the only biometric that can be verified remotely, making it the most convenient biometric to use.

Furthermore, automated voice authentication is quicker than traditional methods, so banks save time and money, while improving the customer experience. It is less invasive for the customer as it removes the need for lengthy and unpopular interrogation by call centre agents.

A more precise and automated identification and verification process will allow organisations to offer new automated services, previously only available via agents. These include personalised caller menus (such as "Your account balance is £650.00, and your last deposit was recorded yesterday, can I help you with anything else?"). Automation of riskier transactions, requiring stronger security, such as change of address, is also possible. Combined these applications lead to a better and more secure user experience and happier customers. However, like all security processes, voice authentication is best used in conjunction with a second factor; something a user has (for example credit card, mobile phone) and / or something a user knows (for example postal code, secret date).

While customers are increasingly nervous about fraud, they will shy away from systems that are cumbersome or time consuming, leaving them and the bank exposed. Not only is voice authentication user friendly, it offers a highly effective, affordable and convenient solution to security issues, making it a candidate for widespread adoption. Its prevalence could pre-empt the end of passwords and PINs, giving rise to a ubiquitous 'spoken token'.