Financial IT Security Q&A Supplement on “Strong (Multi-factor) Authentication”

VoiceVerified addresses five key questions pertaining to FFIEC compliance in this special Q&A style supplement.

How can an institution implement Strong Authentication without having a negative impact on the customer’s online “experience”? Give your customers choices. They don’t want to be forced into a specific technology; they want to choose something that meets their needs. Given that choice, the vast majority of customers will select voice as their credential. It’s natural to them. It’s highly portable, because telephones are common the world over. Best of all, with VoiceVerified there is nothing to remember, nothing to lose, and nothing to steal.

How should banks educate customers—retail and small business—about the importance of Strong Authentication to ease adoption? Be frank. The marketplace has made customers highly aware of identity theft – you need to alert them to the consequences. Most customers don’t realize that checks may bounce, and cash may be stolen from DDAs. Worse, they usually don’t know that when a Social Security number is compromised at one institution, it’s compromised anywhere else Social Security numbers are used. So all of their other accounts are vulnerable as well. But VoiceVerified doesn’t use Social Security numbers. So even if a customer’s number is compromised at another institution, accounts protected by VoiceVerified won’t be affected. In other words, you can position your bank as a safe haven, where customers don’t have to trade privacy for security. And your customers will show their appreciation with increased business.

What Strong Authentication strategy offers the best solution? The best overall solution, by far, is VoiceVerified. It’s effective, since voices are unique to each individual. Voice is easy and natural for the customer to use, from virtually anywhere in the world. Better still, VoiceVerified works through almost every communication channel. Whether you’re using a contact center, IVR or the Internet, customers need only repeat 5 random digits to be verified. It’s as simple as it sounds – and there’s nothing to remember, nothing to lose and nothing to steal.

“…with VoiceVerified there is nothing to remember, nothing to lose, and nothing to steal.”

Can banks use Strong Authentication as a way to differentiate themselves from the competition, or is this strictly a security issue? Strong Authentication is much more than a security issue; it’s a major opportunity. Consider: studies show that consumers are keenly aware of data breaches, and they’re shying away from remote transactions. But if your bank breaks from the pack and offers a simple, natural solution like voice, you’ll see advantages far beyond stronger security, including: Increased brand loyalty. Customers will feel that you care about protecting them.

More confidence in remote transactions. Customers will quickly adapt to voice, because it’s simple, natural and doesn’t require a Social Security number. It also secures transactions over all your channels, including IVRs and the Internet. So customers won’t worry about identity theft – and will have more confidence in your less expensive self-service channels.

Build a safe haven. Build goodwill. Stand out. Customers will look to you as a safe haven, because they’ll know their accounts are protected, even if their Social Security number is stolen at another institution. Banks that seize the voice security opportunity will build goodwill and stand out in the marketplace.

Are today’s Strong Authentication techniques designed to prevent identity theft, fraudulent transactions, or both? You can use Strong Authentication techniques for both, but remember:

• Not all can be used across all of your access channels.
• Not all are practical at the transaction level.

Moreover, there’s a virtually infinite number of points where data could be compromised – merchants, medical institutions, insurance companies and government agencies, to name a few. The best Strong Authentication system is one that can prevent unauthorized access once an identity has been compromised elsewhere. VoiceVerified can do just that, because the system doesn’t request or keep personal information. So there’s nothing to be compromised, and a stolen Social Security number won’t enable unauthorized access to protected accounts.

About VoiceVerified
VoiceVerified is a pioneer in the voice biometric industry, providing verification services using existing telephony infrastructures. VoiceVerified’s PSPTM on-demand hosted voice verification service enables call centers and merchants to secure consumer not present (CNP) and other remote transactions, improve customer experience, promote brand loyalty, and protect privacy.

CONTACT:
Michael Antonucci, VP Marketing
Michael.Antonucci@VoiceVerified.com
215-862-7815 office / 215-909-6027 cell
VoiceVerified.com