UK high street bank Barclays is introducing voice recognition for users of its telephone banking service.
The roll-out of the technology is designed to provide a more secure alternative to pass-codes and the answers to secrets questions as a means to authenticate consumers accessing telephone banking services.
The technology works by recording a customer's voiceprint, which is recorded and used to identify them in seconds during subsequent conversations with the bank's call centre. Barclays reckons the technology has the potential to reduce fraud and increase security while making life easier for consumers.
Jason Hart, VP cloud solutions at data protection firm SafeNet, commented: "It’s not surprising that Barclays is making the move away from password-based authentication for its telephone banking. Today we have so many passwords to remember that we choose easy-to-guess passwords, use the same passwords for several accounts, or even write down passwords where they can be easily found.
"So organisations need to look for alternative ways to authenticate users and bolster security. This means not relying on basic username and password for customer authentication and adopting a holistic security strategy that offers multiple layers of protection, such as multi factor authentication and encryption," he explained.
Hart added that voice-recognition biometrics alone were not enough and need to be supplemented with other security controls.
"While biometrics can provide a convenient and alternative security mechanism, it should not be used as a single factor authentication solution. This is partly because of the fact that biometrics are not based on secrets. Your voice, your image and your fingerprint are not a secret. You leave them everywhere and they can be spoofed, with different levels of effort. So it’s important that they are used as part of a multi-factor authentication strategy," he concluded.
Chris England, director at identity management firm Okta, said Barclays' customers are likely to welcome to move away from passwords.
“We’ve reached a point where usernames and passwords alone are no longer good enough," England explained. "We’ve long had single sign-on technologies to remove the complexity of remembering multiple passwords, but what if someone else gets a hold of that single username and password?"
"Not surprisingly, multi-factor authentication – which requires two or more factors to verify legitimacy of the user – has taken off and evolved pretty substantially in the past decade and we’re now seeing authentication methods becoming as personalised and specific to the individual as the experiences they're trying to access. At Okta, we’ve already seen a lot of organisations implementing more flexible, adaptive, people-centric authentication methods and expect to see more following in Barclays’ footsteps,” he added. ®
Sponsored: Ransomware has gone nuclear