1 / 36

Using Voice Biometrics to Verify Identity over the Telephone

Using Voice Biometrics to Verify Identity over the Telephone. Maurizio Miragoli. Agenda. The rising cost of fraud The insecure contact center Why voice can be used for security The speaker verification process Multiple security levels with voice Implementation requirements Proof points.

manning
Télécharger la présentation

Using Voice Biometrics to Verify Identity over the Telephone

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Using Voice Biometrics to Verify Identity over the Telephone Maurizio Miragoli

  2. Agenda • The rising cost of fraud • The insecure contact center • Why voice can be used for security • The speaker verification process • Multiple security levels with voice • Implementation requirements • Proof points

  3. The Rising Cost of Fraud

  4. The Rising Cost of Fraud • Total card fraud in the UK reached £428.1m in 2006 • The biggest fraud type in the UK is card-not-present fraud, which costs £183.2m. This is fraud on cards used over the telephone, Internet or for mail order. • 9% of the entire German adult population has been victim to bank fraud – 4.9 million people Sources: http://www.apacs.org.uk/resources_publications/card_fraud_facts_and_figures.html http://www.esta.biz/card_fraud_-_german_-_final.pdf

  5. The Insecure Contact Center

  6. Telephone versus Internet Security

  7. The Insecure Contact Center • Typical Contact Center Security • In the IVR • Account Number + PIN • With Agents • Account Number + 2 Security Questions • Mother’s Maiden Name • Date of Birth • Out of Wallet Questions

  8. Insecure The Insecure Contact Center • Typical Contact Center Security • In the IVR • Account Number + PIN • With Agents • Account Number + 2 Security Questions • Mother’s Maiden Name • Last 4 SSN • Date of Birth • Out of Wallet Questions

  9. Starting simple • Automated systems don’t feel rushed or pressured • Automated systems can’t be persuaded or flattered • Automated systems consistently follow the rules • Automated calls cost cents on the dollar compared to an agent

  10. Starting simple • Automated systems don’t feel rushed or pressured • Automated systems can’t be persuaded or flattered • Automated systems consistently follow the rules • Automated calls cost cents on the dollar compared to an agent Using automation is more secure than using agents

  11. Why Voice can be used for Security

  12. What Makes Each Voice Unique? • Relatively stable characteristics • Vocal tract length • Vocal tract shape • Vocal cord length (pitch) • Gender (breathiness) • Nasal cavity size and shape • Speaking rate and prosody • Language, dialect, and accent • Transient characteristics • Health • Emotional state • Environment

  13. Consumer Attitudes • Users understand the advantages of voice authentication • 88% of consumers find voice authentication to be more or equally convenient as PINs • 74% of consumers find voice authentication to be more or equally secure as PINs

  14. Consumer Attitudes • Users understand the advantages of voice authentication • 88% of consumers find voice authentication to be more or equally convenient as PINs • 74% of consumers find voice authentication to be more or equally secure as PINs People believe in the voice as a biometric

  15. Does it work? • Source: “Executive Briefing: Voice Biometrics for Financial Services”, Opus Research (2006)

  16. The Speaker Verification Process

  17. How It Works: Enrolment 1a. Analyze signal and create voiceprint 2. Confirm Enrolment 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 Speaker Verification Application • > Zero • > One • > Two • > Three • > Four • > Five • > Six • > Seven • > Eight • Nine Speech Recognition You’ve successfully enrolled! 1b. Did the caller speak correctly?

  18. How It Works: Verification 1a. Analyze signal and compare with stored voiceprint 2. Return confidence levels Please Repeat: 1 2 6 7 1 2 6 7 Speaker Verification Application > One > Two > Six > Seven > One > Two > Six > Seven Speech Recognition 1 2 6 7 1 2 6 7 3. Grant or deny access 1b. Did the caller speak correctly?

  19. Caller is… Authentic Imposter Correct False Accept Granted Access Caller is… False Reject Correct Refused Access Possible Outcomes

  20. Multiple Security Levels witih Voice

  21. High Security (0.2,3.0) User False Reject Rate (FR) High Convenience (3.0,0.2) Balance Imposter False Accept Rate (FA) Flexible Technology • Equal Error Rate (EER) • Operating point where FA% = FR%

  22. Speech is inherently multi-factor • By using speaker verification with speech recognition, we can test • Something the user knows • Something the user is • Within the application we can flexibly adjust which combinations we use • Speaker Verification is multi-factor while incurring no significant new hardware costs • Cards, USB devices, PIN generators are easily lost or stolen • Other biometrics require large hardware investment, e.g. in scanners • Speaker verification is deployed on existing IVR infrastructure

  23. Implementation Requirements

  24. Is it financially feasible? Source: Datamonitor, 2000 • “Voice biometric systems have the innate ability to scale quickly and without significant incremental cost” Opus Research, November 2005

  25. Document existing security strategy • Number of calls • IVR handled calls; calls transferred from IVR; agent-handled calls • Assess vulnerability of each authentication token • Customer convenience • Ease of imposter acquisition • Privacy • Accuracy of use • Calculate authentication vulnerability • Data driven approach

  26. Establish Cross-Functional Consenus • Choose which factors are appropriate • How will you resolve conflicts? • Voiceprint matches, but knowledge is lacking • Knowledge is present, but voiceprint mismatches • Weigh off security levels versus requirements • Common understanding of requirements and proposed solutions • Security – bullet-proof, no errors • Marketing – brand forward, customer loyalty • IVR – call containment, cost reduction • Customer Care – caller experience, customer sat

  27. Design VUI and application • Careful VUI design is essential • It increases security, e.g. through liveness testing • It enhances caller satisfaction • It increases ROI and call containment • It enhances branding

  28. What if I have a cold? What about impostors using a recording of my voice? • Voiceprints measure behavioral characteristics of the voice, as well as physical characteristics of the person’s vocal track, which don’t change when hoarse or nasal • VUI best practices such as liveness testing make tape recorded attacks very difficult • Poor quality recordings do not match the voiceprint sufficiently well What about impressionists imitating me? • Voiceprints capture more voice features than mimics can copy, so they are not easily tripped-up by impressionists Ongoing Consumer Education Market the Solution

  29. Proof Points

  30. Examples • Enrollment • Verification • Imposter Attempt

  31. Nuance Verification in Customer Loyalty • Loyalty plan redemption service • Enrollment • 95% succeeded in creating a voiceprint • Most failure due to non-participation • Combined success rate (91%) beat previous IVR approach (84%) • Multiple voiceprints per account to accommodate delegates • Prize winner on World Usability Day (Nov ’06)

  32. Nuance Verification in Financial Services • Financial Services Provider • Problem • 100,000’s calls per month • Users frequently forgot PIN • Goal: increase secure access, increase customer satisfaction • Speaker Verification • ~100,000 customers enrolled to date (opt-in) • Customer satisfaction measurably improved

  33. Nuance Verification in Communications Services • Cable Television Provider • Goals • Simplify and shorten calls to for PPV orders • Increase customer satisfaction • Speaker Verification • Strong customer opt-in • Customer satisfaction measurably improved • Call length and ROI significantly improved

  34. Multi-Channel Future Please say your Voice Key Jenny Cheung

  35. Summary • Issues • Call center security is weak • Fraud costs are high • Regulations increasingly demand MFA • Speaker Verification and Recognition • Multilingual • Support MFA • Cost Effective • Strong ROI • Highly Scalable • Highly Secure

  36. Summary • Contacts • Your Account Executive • maurizio.@nuance.com • Guy.earman@nuance.com • Questions…

More Related