In South Korea, the more than 26m customers of BC Card can use the financial service company’s mobile payments app to verify transactions by simply speaking into a phone. Catering to consumers fed up with lengthy authentication processes, such as PIN codes and passwords, companies are turning to voice recognition to speed up the safe transfer of money.
Powervoice, a South Korean company, has been researching voice recognition for 14 years and says that its technology now only identifies the wrong person once in 10,000 times. Its services are now used by BC for its mobile payment services. Transactions of Won300,000 (about $270) or less require one biometric verification — fingerprint, iris or voice confirmation. For larger amounts, people must also use a PIN code.
But Hee-suk Jeong, chief executive of Powervoice, thinks voice recognition could be the best option for securing mobile payments, as well as making wearable devices and the so-called internet of things — the connection of previously unlinked items over the internet — safer. It is hard to enter a password when using connected glasses or travelling in a connected car, but easy to talk to them.
Mr Jeong says the company’s speaker verification technology adapts to an individual’s vocal changes. “For example, if they catch a cold, it has advanced capabilities to distinguish between very subtle differences — even the voices of identical twins — and can differentiate between a recorded and an actual voice.”
Around the world, the financial industry is exploring voice technology as a means to access accounts. Vijay Balasubramaniyan, chief executive of US-based Pindrop Security, says many banks have been working on mobile voice recognition apps and some have rolled them out to selected customers.
Pindrop was a pioneer in voice recognition in call centres, monitoring 360m calls to banks, insurers and retailers each year. It is now developing technology to work in voice-activated devices, such as Amazon’s Echo and Google Home.
Voice recognition has also long been used by law enforcement agencies to track criminals. Emilio Martinez, chief executive of Spanish voice recognition company Agnitio, says all he needs is a 10-second recording to create a criminal’s “voice print”.
While some banks ask people to repeat a particular phrase, Agnitio has had to develop its technology to identify criminals and terrorists, who are not as easy to record. “It has to be very accurate as a method of authentication: enough to put somebody in jail,” Mr Martinez says.
Like Pindrop, Agnitio has also deployed its technology in call centres, focusing on identifying repeat fraudsters. “They are usually in gangs, with no more than 10 or 20 people, repeating calls to do some kind of illegal actions. Once they’ve done that, however, they won’t be able to do it twice,” Mr Martinez says.
But there are still risks associated with voice recognition. Callers may be locked out of their account if their voice is not recognised because, for example, they call from a noisy environment. Powervoice says that it has a 96 per cent verification success rate. Additionally, if banks use a set phrase, a customer could be tricked into saying it by a criminal who is recording their voice, says Mr Balasubramaniyan.
“One solution is never 100 per cent foolproof,” he says, adding that there should be more than one level of authentication, and many layers of defence, to complete a transaction.
“Everyone comes up with a new technology and forgets what we’ve learnt in security over the years: defence in depth,” he says.