Applications expand for biometrics

Perhaps one of the most maligned security products among end-users through the years has been biometrics. Whether it was a reader that used a person’s iris, fingerprint or some other type of biological identifier, people have complained that the technology was unreliable and too expensive for most applications. However, like with all new technologies, there were growing pains that have, by and large, been addressed by most vendors.

And while many people are familiar with biometric solutions for access control, there may be a new segment of the market poised for a breakthrough. Just this week, NICE Systems, which is known predominantly in the industry for its video management and physical security information management software, announced that it is launching the Contact Center Fraud Prevention Solution, which uses a voice biometrics engine capable of producing a voice print of callers.  

Perhaps stymied by improved IT security measures, an increasing number of identity thieves have turned to using a variety of tactics that take advantage of the human element of a call center. In fact, there have been several prominent victims of this type of fraud including Microsoft co-founder Paul Allen. In that case, a 30-year-old Pittsburgh man reportedly impersonated Allen on the phone and tricked a bank employee into sending him a debit card in Allen’s name.

"They perceive the call center to be the weakest link and what they are doing is going in and using social engineering, as well as others kinds of technologies that fabricate and hide the actual phone numbers they’re calling from," said Ori Bach, director of solution management  for fraud and compliance solutions at NICE Systems. "They commit fraud and basically, they get the agents to disclose information or perform a transaction. It’s either fraud that’s wholly contained within the contact center or sometimes it’s a more sophisticated type of attack that may start in the contact center, but then using a piece of information or credential gained in the contact center, moves to another channel, such as the online channel."

According to Bach, NICE’s new solution can identify fraudulent callers by looking at three factors; who, what and where.

"The who is voice biometrics by creating a voice print of the fraudsters. We manage a fraud watch database of criminal organizations that do repeat attacks and you can prevent them from doing that once you’ve identified them," he explained. "The what is really about what is being said. As I mentioned, the fraudster is going into the contact center to perform a specific action or invoke some type of response from the agent and he’s also doing it in a way that’s scripted. He’s going to play on the agent’s emotions, either through a positive approach and appeal to his better side by telling them 'you know, I really don’t remember the answer' or 'I’m stuck here, you’ve really got to help me out.' Some  of them use  a negative approach and actually try to bully the agent by threatening to complain in order to get what they want. The where is the pattern of the call and using analytics that look at the call pattern."

Bach said when a contact center using this solution receives a call that may be potentially fraudulent, the agent will receive a directive that  tells  them to transfer the call to the security department or the solution can also generate alerts that have people take a certain action, such as calling a customer or stopping a shipment. Obviously, this new Contact Center Fraud Prevention Solution would be of great interest for banks as it would help them reduce fraudulent transactions, but Bach said it would also be applicable for e-commerce companies, healthcare organizations and big telecommunications providers.

"Current security methods are no longer effective as they were," Bach said. "First of all, you’ve got knowledge-based authentication. Historically, it was true that only people had some private information that only they knew and therefore you could use that to authenticate them, but that’s no longer true, not because of what businesses did but because society changed. We’ve got LinkedIn and Facebook and other types of social media, as well as databases that have been breached that criminals have access to."

We’ve come a long way from the days of biometrics being viewed as a technology used by futuristic, Orwellian societies in movies to something that’s tangible and helping stop data thieves in their tracks in the present. If this new solution is any indication, the uses for biometrics are expanding and the technology is becoming a more viable option for security.