Bank call centers using voice verification

Bank call centers using voice verification

Call centers need to be able to quickly response to issues such as false identification and fraud since more and more digitally engineered attacks are on the rise.  Because of their susceptibility, more financial institutions are considering using voice biometrics to fight call center fraud.

A recent paper published by Aite, a financial services consultancy, cited call centers as the weakest security link in financial institutions. U.S. banks have noted a rising number of cases where customer service representatives are tricked into sharing and changing banking account details.  If fraudsters find it tough to attack the technology and its protective layers, they find it easier to con unsuspecting customer service representatives to siphon money out of other people’s account.   Fraudsters easily can get not just personal details but also passwords and answers to security questions.

Financial institutions have identified voice biometrics as one of the best means to secure its client accounts and financial information.  Voice biometrics compares various characteristics drawn from a person’s voice such as inflection, pitch, dialect, among others, and matches that with data captured.   For voice recognition to work it requires banks and other financial institutions to register their clients voice patterns and correlate them to personal data for incorporation into a database.

Some security experts question the strength of voice biometrics in fighting call center fraud noting the problems with false positive identifications.  False positives are the equivalent of unverified identities.  False positives require callbacks for further verification and authentication, which ends up being more costly and time consuming for the call center.

But voice biometrics is just one of the layers identified for security purposes. Some banking institutions have invested in sending their call center representatives to fraud prevention training sessions and adopting out-of-band verification for phoned-in transactions.

Avivah Litan, fraud analyst for Gartner, said that the use of external challenge questions by call center staff accounted to a 15 to 20 percent failure rate for one financial institution.  Verifications such as recent bill payments, location where the payment was made, and inquiries on a latest balance, have all provided better security than the knowledge-based questions.

One company, Victrio, however has a new approach in voice biometrics as means of security against call center frauds. Tony Rajakumar, founder of Victrio said their products rely on a database of biometric voiceprints that screens calls in real-time.  It makes use of a broad database, even extending to United States and United Kingdom, alerting the institutions whenever a suspicious voice or those voices linked to previous fraud incidents comes in.   Instead of registering each client, Victrio uses the database to identify fraudsters.

Previous voice biometrics technology had not factored in fraud prevention as the core driver. Will this new approach reduce fraud?

Article Topics

 |   |   |   |   |   |   | 


One Reply to “Bank call centers using voice verification”

  1. This is they type of article one can exepct from a communication specialist from a company selling a technologically limited product it suggests it secure and enhancing privacy. That it suggests education is a good idea, but the education should be about the dangers of traditional biometrics. This article is about as meaningful as saying it is nearly impossible to hack into someone else computer so we don’t need to worry about cyber-security. The average person cannot hack in, but the average person is not the threat. A database that has value becomes a target for those with skills and so the question is if skilled attackers can break it. A PR specialist is not really qualified to even answer that question. Standard biometric templates can be inverted to produce images/templates that can be matched by the system or against other standard templates. There are multiple papers on the topic including J. Feng, and A. K. Jain, FM Model Based Fingerprint Reconstruction from Minutiae Template , Proc. International Conference on Biometrics (ICB), June, 2009. and Galbally, J., Cappelli, R., Lumini, A., de Rivera, G.G., Maltoni, D., Firrez, J., Ortega-Garcia, J., Maio, D.: An evaluation of direct attacks using fake fingers generated from iso templates. Pattern Recognition Letters 31, 725–732 (2010) Yes one cannot always reconstruct it, its only effective 90-95% of the time. That is not even close to secure or private. Even if they were not invertible, If the data can be used to search for you by the organization then it can be used by others to identify you without your permission, which makes it a privacy violation.But Steven’s comment above is not quite right. There are identity technologies that are the analogous to public-key encryption, you can have a public biometric-based identity token that you can use to prove you are you, but no one can search for you nor recover data that can be matched with you. I am an academic that has worked on biometric privacy and security for more than a decade and started a company producing formally privacy protecting biometric technology. But the market is being poisoned by marketers that keep mis educating the public with this type of unsubstantiated and incorrect statements that try to position their product for sale. As I said in a talk at the biometric consortium conference in 2009, the biometric industry is heading down the path of the lemon law of Akerlof. Soon the only products on the market will be the lemons and snake oil, with salespeople pitching the virtues of their products where most users cannot actually evaluate their false security/privacy claims. I agree we need public education but it should be by people that actually know what they are talking about.

Leave a Reply

Brand Focus

Biometrics Research Group

Biometrics White Papers

Biometrics Events

Explaining Biometrics