Cory Levine, Wall Street & Technology
RSA, the security company acquired earlier this year by mega-vendor EMC, announced yesterday its Adaptive Authentication for Phone service, which provides automated, risk-based caller authentication for telephone banking services. In addition to developing a risk score for phone-based transactions and taking appropriate authentication measures, the service features what RSA is touting as the financial services industry's first voice biometric solution suitable to meet the FFIEC standards on risk-based authentication.The voice biometric feature is based on technology from previously acquired Vocent and integrated with a voiceprint engine from Nuance. RSA claims the Vocent-Nuance technology is in production at multiple large U.S. banks, and will become part of customer-facing applications in early 2007.
"The technology behind voice biometrics is improving rapidly, but our research shows that more is required to accurately and transparently authenticate millions of consumers. With that in mind, we have combined our proven risk-based authentication capabilities with voice biometrics to deliver a high-quality, user-friendly, secure solution," said Chris Young, VP of consumer solutions at RSA, in a press release.
RSA will pair the voice identification with additional security layers, including secret questions. Marketing speak aside, it sounds like the voiceprint technology isn't quite ready to be put to use for authentication on its own, and it is not yet clear just how big a threat phone phishers pose. Voiceprint biometric technology can't really be considered a matured solution until it can function on its own to weed out the fraudsters.
Is the telephone the next big banking vulnerability that phishers are attacking? Is your institution actively looking to secure the telephone channel with voiceprint technology? Leave your thoughts on this emerging solution in the Comments section.