By Brendan Read
Your contact centre isn’t the only channel that’s susceptible to fraud. Determined crooks continue to ramp up their efforts to penetrate other channels: from mobile apps to the web. Fortunately, biometrics technologies are advancing so that your organization can detect and stop fraudsters upon first contact.
Brett Beranek, Director of Security Strategy, Nuance, is addressing why biometrics needs to be an omni-channel initiative in an interview with Contact Management.
CM: 2017 showed that hackers aren’t slowing down their efforts anytime soon. What are you finding when talking with your customers?
BB: The majority of our customers now understand that when it comes to fraudulent attacks, it’s no longer an “if” game. We are now in a “when” game. When crooks try to attack, how are we going to be prepared to ward off and stop their efforts?
Companies that are not operating with that mindset are fooling themselves. Unfortunately they are making themselves and their customers extremely vulnerable to these types of attacks.
CM: How is the customer experience (CX) landscape different now, from what you were seeing – say, three to five years ago – especially when dealing with security?
BB: The industry has been doing a fine job in making more channels available for CX transactions, which is a very good thing. Consumers are very open to using mobile apps, web sites, virtual assistants and other tools to interact with the companies with whom they do business. At the same time, fraudsters are becoming increasingly sophisticated. They often first try the phone channel, and when that doesn’t work, e.g., because they can’t penetrate the voice biometrics, they target these other growing channels, devices and access points.
CM: You mentioned voice biometrics. Where does voice biometrics fit into the equation?
BB: Voice biometrics has been around for some time. We introduced it to our customers more than 15 years ago. But the market wasn’t conditioned to using automated voice technologies for identification and authentication. Instead, businesses relied on knowledge-based information such as U.S. Social Security Numbers, alphanumeric passwords and PINs. The problem with those methods is that once someone hacks into a database, it becomes a free-for-all, leading to a massive data breach, resulting in considerable financial and reputational fallout.
Every dollar of fraud costs organizations nearly 2.5 times more than the actual loss itself, according to LexisNexis. That’s a hard number to stomach.
Given all this, we have seen a drastic uptick in consumers using voice biometrics. For instance, in 2016 our customers had a combined 150 million enrolled voiceprints. In 2017, that number doubled to 300 million and biometrics was used to complete more than 5 billion transactions.
We now have tools that can take this security even further by detecting speech patterns associated with fraudulent behaviour with our ConversationPrint solution. We can tell if someone is an actual customer or a fraudster based on how they string their words together in a conversation with a contact centre agent or even while chatting with a live or virtual assistant.
For example, if an imposter gains knowledge-based information from a previous breach and contacts a credit card company to try and use the information, the system can flag the interaction based on words alone. Even though the fraudster may have all the required information, ConversationPrint can identify in real-time that it is fraudulent, based on word choices and speech or writing patterns. This is through speech-to-text, a core competency of Nuance, which is applied to short speech segments to analyze vocabulary, sentence structure and grammar.
CM: Does voice biometrics work for all channels?
BB: Voice biometrics is highly effective for most channels, such as interactive voice response (IVR), virtual assistants and mobile apps. But ideally companies will integrate other complementary biometrics technologies to further safeguard themselves and their customers from fraud. For instance, behavioural biometrics is an excellent tool for the Web channel or in tandem with voice biometrics for other CX interactions. This is why it’s vital that companies look at the whole omni-channel experience when developing strategies to combat fraud. They need to ensure that all points of contact are secure, and biometrics technologies are key to achieving this.
CM: Can you give me an example of how behavioural biometrics works?
BB: Behavioural biometrics analyze behaviour patterns. How a person types, uses a mouse, holds their smartphone or even how they pause when accomplishing a task can all determine behind the scenes that a person is who they say they are. We’ve learned that fraudsters and hackers have different behaviour and interaction with their devices than non-fraudsters, so behavioural biometrics is useful for detecting fraud before it happens. Note that at the same time we’re collecting behaviour patterns on customers, we’re also collecting those same patterns on criminals.
There are also artificial intelligence (AI)-powered technologies layered together to form a profile to verify legitimate users and flag fraudulent activity, including spoofing attacks using synthetic speech, recording attacks and mimics. They analyze audio to determine device types and models used during interactions and the call metadata to identify inconsistencies and determine phone number spoofing, and detect callers’ geographic locations via the phone network.
CM: How do voice and behavioural biometrics impact the customer experience?
BB: In the majority of instances, customers opt-in or enroll themselves for voice biometrics. By being able to simply say a phrase like, “My voice is my password,” a customer can easily and securely authenticate themselves when calling into customer service, for example. Many companies also use another layer of voice and/or behavioural biometrics behind the scenes to further ensure that the person is who they say they are. In those cases, the customer really doesn’t even know there are technologies working on their behalf to protect their identities and personal information.
CM: How are companies in Canada using biometrics technologies? How is this impacting their customers?
BB: There are several companies in Canada using voice biometrics, including Royal Bank of Canada, Manulife and Tangerine. Royal Bank of Canada has more than one million customers using voice biometrics for easy authentication and to prevent fraudsters from illegally accessing their private financial information. One of the leading telecom services firms reported fraud reductions following voice biometrics deployment.
CM: What do you recommend companies do to ensure that they don’t become one of the dozens of hacked companies we’ve seen in the news?
BB: It is vital that companies equip themselves with robust, omni-channel security solutions. They cannot operate in silos i.e., where those in charge of the IVR contact centre are not working with those developing the mobile apps, web chats or virtual assistants.
A robust, layered approach ensures that companies will be much more likely to identify and stop fraudsters across every channel, while simultaneously improving the CX experience. Treating biometrics security as an omni-channel initiative is a win-win for businesses and their customers.