Fraud Prevention with Voice Authentication
Posted by David Lover on Dec 10, 2019 10:00:00 AM
While voice authentication is now a hot topic, it is not a brand-new concept. Traditionally, voice authentication was used purely as a way to replace a user’s password. It was a very manual process to establish your voice password (today, we’d call that “active enrollment”), and you were limited to very specific ways of using it (typically a challenge-response model).
While active enrollment still makes sense for many companies, one big improvement in voice authentication that has occurred relatively recently is the idea of passive enrollment. This is where the system is listening to the conversation, using multiple forms of authentication to prove identity, and then automatically capturing a voiceprint that can be used later, also in real-time. This enrollment can happen in as little as 3-4 seconds—without the end-user even knowing it happened—and unlike a voice password, it’s not actually the recording of the voice that is used to authenticate or compare to other voices. It’s the characteristics of the voice that are recorded.
This has several benefits. For starters, there are no records to steal. More importantly, this makes for a much more flexible, accurate, and fast identification later on. It allows modern voice biometrics to recognize you correctly, even if you have a cold, just woke up and haven’t had your coffee, or just sound a little different today. And all without having to use the exact words that were used during the original enrollment!
But again, besides the obvious “real-time authentication” concept, what else can voice biometrics be used for? There’s one particular application of voice biometrics that I think is amazing: real-time fraud prevention. This is the idea that once we’ve identified a person committing a fraud, they can be added to a “watchlist” so that the next time that person (regardless of who they claim to be) contacts your business, they are identified as someone known to have committed fraudulent behavior in the past. The system can notify the contact center agent that the person they are talking to is on the fraud watchlist and take extra precautions to ensure that person is not committing additional fraud. These watchlists can potentially be shared among a vendor’s customer base so you are protected from a known fraudster even if they haven’t previously contacted your company specifically.
Taking fraud prevention one step further, there’s an offline application that searches past recordings of conversations, looking for voiceprints of one authorized user that match the voiceprint of a different authorized user. By this I mean a situation where a single user has created multiple identities while interacting with the business, claiming to be different people.
Why would someone do that? Easy. If you’ve found a way to commit fraud against a company, it’s best to do it often, but in smaller quantities. If you’ve found a way to steal money from a business, doing it once, with a target of a big dollar amount, will get you caught. Doing in several times under different aliases, with more reasonable dollar amounts, is less likely to show up on the typical exception reports. Those fraudsters also know that it is extremely unlikely that they will be recognized and detected by the agents, or even the fraud department, as they are just one of thousands or millions of calls coming in. And no, I don’t know this from personal experience, but I’ve watched a lot of movies. Plus, history has taught us that this is how most fraud happens against a company.
The good news? We now have the technology needed to find people who have created multiple aliases and bring them out into the open. Pretty cool.
Think of all the other use cases for this type of voice biometric-based authentication. Most companies use outbound dialers (I’m thinking proactive outreach, not spam robo-dialers) to return a call or reach out to a customer to notify or remind them of something. They are almost always are intended for a specific person. The extent of the typical verification goes something like:
“Hi, can I speak to David Lover?”
“Yes, that’s me.”
Voice biometrics can be used to ensure that you’ve outreached to the right person without having to ask for additional information.
Or how about recognizing identities when multiple speakers are involved—as in when an agent is talking to a first speaker, but mid-conversation, that speaker hands the phone to someone else. Did the agent even know it happened? Was the change legitimate? Is the new speaker authorized by the first speaker to conduct business on their behalf? Again, this situation can easily be identified and handled by today’s voice biometric solutions. The list of use cases goes on and on.
Voice calls into or out of a business are still a huge channel for the contact center. Automatically identifying and authorizing the caller is critically important. Is verifying the account code the best way to do this? Probably not. Voice biometrics are a hot topic for many organizations right now, and for good reason. Make sure you navigate your options to find the best solution for delivering the experience your customers deserve.
Topics: Customer Experience