Voice Recognition Authentication and the Contact Centre By Matt Peachey, VP/GM International at Pindrop
After years of relying solely on increasingly ineffective Knowledge-based Authentication (KBA) to screen callers, call centres are exploring new technologies to help authenticate customers. Not a moment too soon – call centres are under renewed attack as increasingly effective controls in the online channel drive attackers to the phone.
Pindrop’s recent State of Fraud report revealed that1 in 700 calls to contact centres is fraudulent costing them £0.51 per call. In addition, fraudulent calls cause a significant loss to productivity and time by forcing call centres to screen every single caller. This is driving the search for new technologies to help efficiently and accurately distinguishcustomers fromfraudsters.
One such advanced authentication method is voice biometrics, where characteristics of a speaker’s voice are used to authenticate him or her. Voice biometrics is focused on speech verification, which means confirming the claimed identity of a speaker from his or her voice. In other words, a caller claims to be someone, and the technology then matches the voice to an existing voiceprint.
Voice authentication is attractive for several reasons. A positive voice print can verify a customer, saving time and providing a higher level of security than KBA. And a negative voiceprint can be used to “blacklist” callers, alerting on them or blocking them when they call.
Despite this process, deployments have been limited. However, Voice User Interface (UI) such as Siri, Cortana and Amazon’s Echo has demonstrated that the technology has advanced to a point where voice recognition can be used as an authentication alternative to passwords.Google is working to ensure its speech recognition software will work with even the thickest of accents.
While voice UI has been around for decades, the technology has made massive strides over the years and its improving accuracy continues to raise its profile. In 1970, machines could recognise words with just 10 percent accuracy, 70 percent in 2010 and today in 2016, this has increased to a stunning 90 percent accuracy.
Voice UI as Password
As voice UI accuracy continues to improve, it will naturally become a form of authentication, similar to fingerprint. The financial services sector is one area where voice UI is being examined closely to introduce voice recognition for people to gain access to telephone banking services. It’s important for banks to look into new security measures, as aseparate Pindrop survey of 1000 consumers revealed that over half of respondents felt that no bank was fully secure. A further 59 per cent said they would leave their bank if they thought another one was more secure.
However, contact centre operatorsand their customers looking at voice UI as an authentication feature do have a number of issues to consider. Chief among these will be the security implicationsof voice UI and what managing voice authentication in the daily work environment will mean. How will voice authentication be added, changed or shared? What will that look like organisation-wide?
The emergence of the voice UI is bound to shake up how organisations approach the protection of their content and overall security strategy. In a few years,password usage is expected to reducein favour of what will be a much more accurate voice UI.Plus, the added convenience relieves people of having to continuously remember and regularly change their passwords.According to the Pindrop surveyapproximately 30 per cent of respondents listed security clearance as a key frustration.
The most astute and forward-thinking IT-contact centre managerswill be paying close attention to developments in voice UI with a view to adopt voice recognition as a password. However, adoption should be slow and staged in order to limit the security risks to the business – if there are speed bumps during implementation, new security operations can be tested, re-tested and contained if necessary.
Voice as part of two-factor authentication
Two-factor authentication adds a second level of verification to an account log-in. In traditional password authentication, the additional credential can be an additional piece of information known by the user such as a phone number or owned by the user like a biometric. The added layer of security can trump the action of a hacker with access to the first authentication information. But there is a dilemma with passwords in that hackers can pretend to be users and request to recover sign-in credentials – which is much harder with voice recognition.
Two-factor authentication is part of the larger movement of maturing multi-factor authentication. For instance, biometrics is one way to solve the credential recovery issue, but it cannot detect fraud on its own.
Technology like Phoneprinting™ is a great example of multi-factor authentication. It identifies specific components about each call such as the location a call is coming from, the device, whether it’s a mobile or landline and whether the phone has been used to call the company before. Combined this can aid in detecting fraudulent activity before it becomes an issue.
So whilevoice UI will be a key piece in the authentication puzzle, businesses cannot look to voice as a direct and sole replacement for authentication. No matter how good the voice UI is today, it is still always better to have multiple factors.
Matt Peachey is VP/GM International at Pindrop
For additional information about Pindrop’s Contact Centre Anti-Fraud Solutions visit their Website