Barclays to Introduce Voice Recognition for Telephone Banking
UK bank Barclays is introducing voice recognition for users of its telephone banking service, in a move that could lead to the phasing out of passwords.
The bank is using a system of voice biometrics, already used by customers in its high net worth banking arm, which it will roll out to 12m retail customers next year. The system works by storing a recording of the customer’s voiceprint, which can then be used to identify them in just 10 seconds, rather than the current average of 90 seconds.
Ashok Vaswani, chief executive (CEO) of Barclay’s personal and corporate banking, describes the new technology as ‘foolproof’.
When launched, customers of the service will have a brief conversation an agent, during which time their voice biometrics are checked, before they login to their banking. The bank says it will reduce fraud and increase security.
Jason Hart, vice president (VP) cloud solutions at encryption specialist SafeNet, said that Barclays’ announcement was not surprising. “Today we have so many passwords to remember that we choose easy-to-guess passwords, use the same passwords for several accounts, or even write down passwords where they can be easily found. So organisations need to look for alternative ways to authenticate users and bolster security. This means, not relying on basic username and password for customer authentication and adopting a holistic security strategy that offers multiple layers of protection, such as multi factor authentication and encryption.
“While biometrics can provide a convenient and alternative security mechanism, it should not be used as a single factor authentication solution. This is partly because of the fact that biometrics are not based on secrets. Your voice, your image and your fingerprint are not a secret. You leave them everywhere and they can be spoofed, with different levels of effort. So it’s important that they are used as part of a multi-factor authentication strategy.”
Chris England, director at identity management firm Okta, added that the point had been reached where usernames and passwords alone were no longer enough. “We’ve long had single sign-on technologies to remove the complexity of remembering multiple passwords, but what if someone else gets a hold of that single username and password?
“Not surprisingly, multi-factor authentication – which requires two or more factors to verify legitimacy of the user – has taken off and evolved pretty substantially in the past decade and we’re now seeing authentication methods becoming as personalised and specific to the individual as the experiences they’re trying to access.”