Online fraud complaints jumped 23 percent in 2009 to 336,655 with a total loss of $560 million, more than doubling the $265 million in losses from 2008, according to an article in the May 2010 edition of Bank Technology News. Additionally, a recent Gartner survey found “nearly half of people who don't use online banking listed security as a reason.” The item goes on to say that financial institutions will probably seek out-of-band security solutions (e.g., voice biometrics) as an additional factor of authentication.
This should be music to the ears for voice biometrics vendors. After all, voice biometrics is an ideal way to remotely authenticate online banking customers – and the technology is beginning to get some legs. For example, a recent posting in my blog mentioned that the top three banks in Israel have all implemented public-facing voice biometrics solutions.
One cautionary note comes from George Tubin, senior research director, TowerGroup, who says “voice biometrics still needs work. There's background noise and connection issues. There's also the matter of how well it functions." I’ve been hearing these concerns since I entered the space five years ago – and they continue to be a serious hurdle. It is incumbent upon the voice biometrics industry to find a way to overcome these legitimate concerns. The potential remote authentication market is just too big!
Friday, April 30, 2010
Wednesday, April 28, 2010
Voice Biometrics is the Right Choice for Contact Centers
Voice biometrics is a proven technology which can reduce contact center operating costs, increase security, enhance customer service and facilitate regulatory requirements (see my article on SpeechTechMag.com).
Voice biometrics has been successfully deployed at contact centers throughout the world. Want to learn more? Here are links to five case studies:
Voice biometrics has been successfully deployed at contact centers throughout the world. Want to learn more? Here are links to five case studies:
Australia Health Management
Bell Canada
National Australia Bank
TD Waterhouse Canada
Vodafone Turkey
Monday, April 26, 2010
Embedded Voice Biometrics Solutions
An article in The Economic Times (India)states that voice biometrics is not yet a viable option for logging on mobile devices such as computers and smart phones. The author claims that these devices are not sophisticated enough to handle biometric technology. I don’t know if that’s the case.
What I do know is that embedded voice biometrics, where enrollment and verification functionality is self-contained, is a natural fit for smart phones and other devices with a microphone. Additionally, several voice biometrics vendors (e.g., PerSay) are actively engaged in developing embedded solutions.
One company, Sensory, Inc., based in Sunnyvale, CA, has been providing embedded voice biometrics solutions to the toy and robotics industry for years. I’ve seen this technology in use in a toy voice activated biometric-safe. According to Sensory’s Website, their product’s “equal error rate (where the probability of an incorrect acceptance equals that of an incorrect rejection) ranges between 0.01-7% depending on the number of words and whether the passwords are known to the fraudster.”
I’m certain that, in the not too distant future, we’ll have a robust voice biometrics solution which can be embedded in a variety of mobile devices.
What I do know is that embedded voice biometrics, where enrollment and verification functionality is self-contained, is a natural fit for smart phones and other devices with a microphone. Additionally, several voice biometrics vendors (e.g., PerSay) are actively engaged in developing embedded solutions.
One company, Sensory, Inc., based in Sunnyvale, CA, has been providing embedded voice biometrics solutions to the toy and robotics industry for years. I’ve seen this technology in use in a toy voice activated biometric-safe. According to Sensory’s Website, their product’s “equal error rate (where the probability of an incorrect acceptance equals that of an incorrect rejection) ranges between 0.01-7% depending on the number of words and whether the passwords are known to the fraudster.”
I’m certain that, in the not too distant future, we’ll have a robust voice biometrics solution which can be embedded in a variety of mobile devices.
Friday, April 23, 2010
Voice Biometrics and HIPAA
Jason Gaya posted an item about HIPAA and biometrics on his emPower LMS blog that, in my opinion, makes a strong case for a voice biometrics solution. HIPAA mandates strict protection of health records. One way to ensure compliance is to implement tighter identity verification through multi-factor authentication. The three factor categories are “something the caller knows” (e.g., account number), “something the caller has” (e.g., hardware token) and “something the caller is” (e.g., voiceprint).
In his article, Gaya identifies several features that a biometric system used to secure health records should have:
• Cost-effective
• User-friendly
• Easy to deploy
• Fast verification process
• High degree of accuracy (e.g., low crossover error rate (CER))
• Interoperability
• Customized to the environment (e.g., factor in background noise of emergency room, etc.)
I believe that a voice biometrics solution has those features. Additionally, it’s a proven technology which can ensure HIPAA compliance by allowing only authorized access to health records.
In his article, Gaya identifies several features that a biometric system used to secure health records should have:
• Cost-effective
• User-friendly
• Easy to deploy
• Fast verification process
• High degree of accuracy (e.g., low crossover error rate (CER))
• Interoperability
• Customized to the environment (e.g., factor in background noise of emergency room, etc.)
I believe that a voice biometrics solution has those features. Additionally, it’s a proven technology which can ensure HIPAA compliance by allowing only authorized access to health records.
Wednesday, April 21, 2010
Criteria for Selecting a Voice Biometrics System
An item on policeone.com, by Thomas Bush III, Strategic Advisor for BIO-key International, caught my attention. In the article, “How to buy police biometrics products,” he presents guidelines, or, what he calls the “Four E’s,” for selecting biometrics systems. Although Mr. Bush focuses on fingerprint biometrics, I believe his criteria are spot-on for voice biometrics as well. Here they are:
• Effectiveness: “The basic measure of any authentication solution is accuracy. However, biometrics accuracy often comes with a price - in the form of “false negatives” or improper rejection of individuals who should have been successfully authenticated. While this is often attributed to “user error,” the potential end result in user frustration and time lost in re-authenticating must still be part of the measurement of overall effectiveness.”
• Ease of deployment and use: “No technology can be effective unless, and until, it’s operational and in regular use. A “bleeding edge” biometrics solution, even if it’s potentially more effective, may never get out of pilot, and one that users find confusing or cumbersome may not even make it that far. The solution should be easy to deploy and maintain and shouldn’t require significant changes to business processes.”
• Enterprise-wide capability: “While an organization may deploy an authentication solution to meet a single need today, it makes sense early in the selection process to look at where and how the use of biometrics may be expanded to meet future needs. This can save money and simplify administration.”
• Economic considerations: “Keeping costs under control is important – even when budgets aren’t under the strain they are today. …While the software is usually proprietary, a strong ongoing maintenance and support agreement can help ensure that the software can be enhanced on an ongoing basis, extending the life cycle of the solution, even as technology changes.”
• Effectiveness: “The basic measure of any authentication solution is accuracy. However, biometrics accuracy often comes with a price - in the form of “false negatives” or improper rejection of individuals who should have been successfully authenticated. While this is often attributed to “user error,” the potential end result in user frustration and time lost in re-authenticating must still be part of the measurement of overall effectiveness.”
• Ease of deployment and use: “No technology can be effective unless, and until, it’s operational and in regular use. A “bleeding edge” biometrics solution, even if it’s potentially more effective, may never get out of pilot, and one that users find confusing or cumbersome may not even make it that far. The solution should be easy to deploy and maintain and shouldn’t require significant changes to business processes.”
• Enterprise-wide capability: “While an organization may deploy an authentication solution to meet a single need today, it makes sense early in the selection process to look at where and how the use of biometrics may be expanded to meet future needs. This can save money and simplify administration.”
• Economic considerations: “Keeping costs under control is important – even when budgets aren’t under the strain they are today. …While the software is usually proprietary, a strong ongoing maintenance and support agreement can help ensure that the software can be enhanced on an ongoing basis, extending the life cycle of the solution, even as technology changes.”
Monday, April 19, 2010
Voice Biometrics Opportunity -- Authenticating the Identity of e-Prescribers
The March 31, 2010 Federal Register included an interim final rule posting by the Drug Enforcement Agency (DEA) that would permit hospitals, healthcare providers, and pharmacies to use electronic prescriptions in the dispensing of controlled drugs. Although providers may currently create electronic prescriptions for controlled substances, those prescriptions cannot be transmitted as electronic data files to the pharmacy. Instead, the e-prescriptions must be printed out for signatures or faxed to a pharmacy. The DEA's rule would eliminate the need for a manual process.
Of particular interest to the voice biometrics community is that the new rule allows "biometrics" (including voice) to be used, as one of two-factors, to authenticate the identity of the e-prescriber. Specifically, the rule states that the “DEA is allowing the use of a biometric as a substitute for a hard token or password.” For a biometric to be acceptable, it must meet several requirements (e.g., a “false accept rate” of 0.001 or better, etc.).
The opportunity is there. Who will be the first to step up to the plate?
Of particular interest to the voice biometrics community is that the new rule allows "biometrics" (including voice) to be used, as one of two-factors, to authenticate the identity of the e-prescriber. Specifically, the rule states that the “DEA is allowing the use of a biometric as a substitute for a hard token or password.” For a biometric to be acceptable, it must meet several requirements (e.g., a “false accept rate” of 0.001 or better, etc.).
The opportunity is there. Who will be the first to step up to the plate?
Thursday, April 15, 2010
Top Three Banks in Israel Deploy Voice Biometrics
According to a press release, PerSay has completed the deployment of public-facing voice biometrics systems at the top three banks in Israel – Bank HaPoalim, Bank Leumi and Discount Bank. Applications range from automatic PIN reset to multi-factor identity verification.
Bank HaPoalim’s Contact Center manager commented about voice biometrics on Israeli TV as follows:”Besides the efficiency we gained by eliminating authentication questions, we have significantly improved our service accessibility and customer experience.” Also, Israel’s former Chief Scientist (and PerSay Board Member), Dr. Orna Berry, commented that she expects to see a global expansion of voice biometrics in the next few years to accessing remote services and applications over the phone, Internet, as well as mobile devices.
This latest news can only enhance the credibility of voice biometrics as the right technology for remote identity verification in contact centers. As my recent article on speechtechmag.com asks, “What’s Everyone Waiting for?”
Bank HaPoalim’s Contact Center manager commented about voice biometrics on Israeli TV as follows:”Besides the efficiency we gained by eliminating authentication questions, we have significantly improved our service accessibility and customer experience.” Also, Israel’s former Chief Scientist (and PerSay Board Member), Dr. Orna Berry, commented that she expects to see a global expansion of voice biometrics in the next few years to accessing remote services and applications over the phone, Internet, as well as mobile devices.
This latest news can only enhance the credibility of voice biometrics as the right technology for remote identity verification in contact centers. As my recent article on speechtechmag.com asks, “What’s Everyone Waiting for?”
Wednesday, April 14, 2010
Opus Research: Voice Biometrics Webcast Recap
Dan Miller and Derek Top, Opus Research, along with Paul Heirendt, CEO of TradeHarbor, presented a Webcast yesterday titled “Meeting New Demands for User Authentication.”
The central theme was that voice biometrics should be seen as an enabling technology (i.e., for transactions and interactions) over a number of channels and networks. Paul presented several examples, including:
• Identity and authentication – voice biometrics authenticates that the person is actually who they claim to be
• Increased customer convenience and reduced operations costs – live agent knowledge-based authentication takes 30 seconds to 2 minutes while voice biometrics authentication takes less than 9 seconds
• Privacy protection – voice biometrics strengthens authentication which can lead to a stronger privacy protection policy
Click here to view the archived Webcast.
The central theme was that voice biometrics should be seen as an enabling technology (i.e., for transactions and interactions) over a number of channels and networks. Paul presented several examples, including:
• Identity and authentication – voice biometrics authenticates that the person is actually who they claim to be
• Increased customer convenience and reduced operations costs – live agent knowledge-based authentication takes 30 seconds to 2 minutes while voice biometrics authentication takes less than 9 seconds
• Privacy protection – voice biometrics strengthens authentication which can lead to a stronger privacy protection policy
Click here to view the archived Webcast.
Monday, April 12, 2010
Alternative to Voice Biometrics? Eye-Movement Patterns
While scanning a press release about Innovate!2010, I read about an innovative biometrics company based in Israel. ID-U claims to have developed the first stimuli-driven biometric system, based on the uniqueness of a person's eye-movement patterns.
According to ID-U’s Website, the system works as follows: “the person to be identified (user) watches a moving target (visual stimulus) on a monitor, while a small, low-resolution camera acquires the user's eye-movement response; a processing unit, either inside the local device or remotely located at another physical site, uses both the stimuli and response to identify the user.” The “sample” pattern is compared to a “base” pattern previously captured. I’m not 100% certain if the person can enroll via their own camera (e.g., computer, cell phone, etc.).
ID-U lists several advantages of using eye-movement patterns, including: the product is software driven, it’s virtually impossible to reproduce a user’s response to stimuli and the product’s inherent liveness detection. Of particular interest to the voice biometrics industry is the Company’s statement that their biometrics technology can be used to secure mobile transactions by simply using a cell phone’s display and camera.
I plan to learn more about this technology (e.g., enrollment process, failure rates, etc.) and report back.
According to ID-U’s Website, the system works as follows: “the person to be identified (user) watches a moving target (visual stimulus) on a monitor, while a small, low-resolution camera acquires the user's eye-movement response; a processing unit, either inside the local device or remotely located at another physical site, uses both the stimuli and response to identify the user.” The “sample” pattern is compared to a “base” pattern previously captured. I’m not 100% certain if the person can enroll via their own camera (e.g., computer, cell phone, etc.).
ID-U lists several advantages of using eye-movement patterns, including: the product is software driven, it’s virtually impossible to reproduce a user’s response to stimuli and the product’s inherent liveness detection. Of particular interest to the voice biometrics industry is the Company’s statement that their biometrics technology can be used to secure mobile transactions by simply using a cell phone’s display and camera.
I plan to learn more about this technology (e.g., enrollment process, failure rates, etc.) and report back.
Friday, April 9, 2010
Voice Biometrics Case Study: Australian Health Management
In 2007, Australian Health Management (AHM), one of Australia’s top 10 health services providers with 250,000 members, introduced a voice biometrics system to validate member’s identities. Salmat (formerly VeCommerce) implemented the voice verification system, which is powered by Nuance Verifier™. According to AHM’s Website, the voice verification system was deployed to enhance member service. For example:
• Members would no longer need to go through the manual verification process every time they call
• Membership details would be accessed quicker to reduce waiting time
• Member’s health insurance information would be more secure
Enrollment Process:
• The enrollment process is voluntary and guided by a live agent
• Member is prompted to say their membership ID number
• This process creates the client’s “base” voiceprint and stores it in the database for future use
Verification Process:
• Member calls AHM and is prompted to say their membership ID number
• This process creates the member’s “sample” voiceprint which is then compared to their “base” voiceprint in the database
• If the voiceprints match, the member’s identity is verified
• If the voiceprints don’t match, the member is transferred to a live agent
Using voice biometrics, AHM is saving an average of 30 seconds per call.
• Members would no longer need to go through the manual verification process every time they call
• Membership details would be accessed quicker to reduce waiting time
• Member’s health insurance information would be more secure
Enrollment Process:
• The enrollment process is voluntary and guided by a live agent
• Member is prompted to say their membership ID number
• This process creates the client’s “base” voiceprint and stores it in the database for future use
Verification Process:
• Member calls AHM and is prompted to say their membership ID number
• This process creates the member’s “sample” voiceprint which is then compared to their “base” voiceprint in the database
• If the voiceprints match, the member’s identity is verified
• If the voiceprints don’t match, the member is transferred to a live agent
Using voice biometrics, AHM is saving an average of 30 seconds per call.
Wednesday, April 7, 2010
PerSay Forms Alliance with Global Telecom Solutions Provider
According to a press release, PerSay has entered into an alliance with Huawei, a global telecom solutions provider with headquarters in the People's Republic of China. The agreement enables Huawei to offer a pre-integrated voice biometrics enabled IP Contact Center solution across enterprises globally.
Reacting to the announcement, Almog Aley-Raz, PerSay’s CEO stated “While more and more solution providers, system integrators, and value added resellers realize the benefits of voice biometrics, Huawei has taken a unique proactive approach, integrating voice biometrics into its product suite and offering it to its customers. With this strategic alliance, we are more confident than ever that voice biometrics and PerSay products will play a role in every modern contact center.”
Coming on the heels of the recent TradeHarbor-USAN partnership announcement, I'm hopeful that contact centers will soon begin deploying voice biometrics en masse!
9EZG58FGVCXG
Reacting to the announcement, Almog Aley-Raz, PerSay’s CEO stated “While more and more solution providers, system integrators, and value added resellers realize the benefits of voice biometrics, Huawei has taken a unique proactive approach, integrating voice biometrics into its product suite and offering it to its customers. With this strategic alliance, we are more confident than ever that voice biometrics and PerSay products will play a role in every modern contact center.”
Coming on the heels of the recent TradeHarbor-USAN partnership announcement, I'm hopeful that contact centers will soon begin deploying voice biometrics en masse!
9EZG58FGVCXG
Monday, April 5, 2010
Voice Biometrics Basics - Standards
The majority of voice biometrics platforms and applications are proprietary in nature. This eliminates any opportunities for interoperability among the various components (i.e., enrollment, verification, database, etc.) that comprise a voice biometrics system. For example, a ‘sample’ voiceprint captured via system ‘B’ cannot be compared to a ‘base’ voiceprint captured by system ‘A’, and so on.
There are several organizations actively engaged in the development of biometric (including voice) industry standards, including:
• American National Standards Institute (ANSI)
• BioAPI Consortium (BioAPI)
• International Standards Organization (ISO)
• Internet Engineering Task Force (IETF)
• World Wide Web Consortium (W3C)
Two examples of standards under development include:
Media Resource Control Protocol (MRCP): MRCP is a protocol, developed by Cisco Systems, Inc., Nuance Communications, Inc., and SpeechWorks, and backed by the IETF, that allows interoperability among various speech resources within telephony applications.
Voice Extensible Markup Language (VoiceXML): According to Wikipedia, “VoiceXML is the W3C’s standard XML format for specifying interactive voice dialogues between a human and a computer. It allows voice applications to be developed and deployed in an analogous way to HTML for visual applications. Just as HTML documents are interpreted by a visual web browser, VoiceXML documents are interpreted by a voice browser or IVR.”
There are several organizations actively engaged in the development of biometric (including voice) industry standards, including:
• American National Standards Institute (ANSI)
• BioAPI Consortium (BioAPI)
• International Standards Organization (ISO)
• Internet Engineering Task Force (IETF)
• World Wide Web Consortium (W3C)
Two examples of standards under development include:
Media Resource Control Protocol (MRCP): MRCP is a protocol, developed by Cisco Systems, Inc., Nuance Communications, Inc., and SpeechWorks, and backed by the IETF, that allows interoperability among various speech resources within telephony applications.
Voice Extensible Markup Language (VoiceXML): According to Wikipedia, “VoiceXML is the W3C’s standard XML format for specifying interactive voice dialogues between a human and a computer. It allows voice applications to be developed and deployed in an analogous way to HTML for visual applications. Just as HTML documents are interpreted by a visual web browser, VoiceXML documents are interpreted by a voice browser or IVR.”
Friday, April 2, 2010
Identity Thieves/Fraudsters Find New Hunting Grounds
Identity thieves and fraudsters continue to find new ways to ply their trade. An article in today’s "Voice&Data" Magazine identifies three non-traditional domains where identity related crimes are proliferating:
E-Payments
New online and mobile payment methods, such as peer-to-peer (P2P) payments (already available as a Facebook application) are creating opportunities for identity thieves. According to the article, some of these payment modes do not ensure adequate identity verification when processing a transaction.
Mobile Payment
Many mobile devices can now be used as “electronic wallets” to facilitate financial transactions. Unfortunately, this technology provides additional opportunities for fraudsters to not only steal your identity, but your money as well.
Social Media
Social networking sites, such as Facebook and LinkedIn, contain personal information which can be “borrowed” by identity fraudsters to create fake accounts in your name.
The article goes on to recommend the use of multi-factor authentication, with biometrics, including voice, as one of the factors, to help prevent identity fraud.
For more information on identity theft, including steps you can take to safeguard your personal information, click here.
E-Payments
New online and mobile payment methods, such as peer-to-peer (P2P) payments (already available as a Facebook application) are creating opportunities for identity thieves. According to the article, some of these payment modes do not ensure adequate identity verification when processing a transaction.
Mobile Payment
Many mobile devices can now be used as “electronic wallets” to facilitate financial transactions. Unfortunately, this technology provides additional opportunities for fraudsters to not only steal your identity, but your money as well.
Social Media
Social networking sites, such as Facebook and LinkedIn, contain personal information which can be “borrowed” by identity fraudsters to create fake accounts in your name.
The article goes on to recommend the use of multi-factor authentication, with biometrics, including voice, as one of the factors, to help prevent identity fraud.
For more information on identity theft, including steps you can take to safeguard your personal information, click here.
Subscribe to:
Posts (Atom)
