The Need for OmniChannel Voice Authentication: Has the Penny Dropped?

A recent press release emanating from the RSA Conference 2022 was intriguing for what it appeared to be announcing. Described as new advanced features for voice biometric authentication, it highlighted the different approaches to Identity Assurance, fraud prevention, and the technological capabilities different vendors apply to solve these challenges.

Because the solution in question is contact center-focused, the first question to ask is, “what about the other channels on which fraud is perpetrated?”. 

Cross-channel fraud has been with us for several years, and fraud attacks always focus on the weakest channel. Organizations today must provide consistent omnichannel capabilities for their customers to interact with. Consequently, they must apply the same (high) levels of security whether engaging through the contact center, a web service, or a mobile. 

Another point of difference is what happens when a definite mismatch occurs. 

If a voice biometric authentication is a definitive detection of an imposter, i.e., a True Negative (as distinct to insufficient audio or a non-deterministic result, both requiring retries), then it has done what it was intended to do; block a fraudulent authentication attempt. 

By not relying on the efficacy of the result and instead invoking a more vulnerable form of authentication that cannot provide Identity Assurance, there will invariably be a greater risk of data breaches. This is counterintuitive to the reason biometric authentication is used!

The press release also highlighted a strategy that might be deployed in a single channel, i.e., contact center, with no mention of an omnichannel environment.

ValidSoft does not suffer from such limitations and has been recognized by Opus Research in their 2022 Voice Authentication analyst report as the most interoperable and configurable voice authentication solution in the market, entirely decoupled from any specific single engagement channel, while offering pre-built integrations for all major contact center and enterprise multi-factor authentication platforms.

Auth0, a leading authentication and authorization platform, claims that nearly 50% of all the logon requests their platform receives are fraudulent (credential stuffing attacks: the automated process of using stolen username/password combinations to try and breach multiple organizations’ websites). This, of course, is separate again from the plethora of other attack vectors used against digital channels that are reliant on password-based authentication or even certain 2-factor solutions such as OTPs delivered over unsecured SMS protocol.

Providing a complete voice-based customer Identity Assurance solution to an omnichannel organization requires an omnichannel voice biometric solution, not just a contact center solution. 

Clearly, one of the strengths of voice biometrics is its ability to use a single customer enrollment on all other channels, contact center included. This provides a seamless, consistent, and highly secure Identity Assurance workflow across all engagement channels.

The key takeaway is the difference in philosophy in how voice biometric authentication and identification should be used. 

While the RSA2022 announcement (from a well-known vendor in this space) focused on investigative solutions and fraud case management, ValidSoft takes a totally different view and is focused on preventative solutions. 

This difference may well be based on the confidence in the voice authentication engines’ performance and accuracy, i.e., the ability to stop fraudsters cold, while not blocking genuine customers. A solution lacking the accuracy to achieve this will have to take the investigative route (and suffer the fraud) to prevent an unacceptable level of False Negatives. 

At ValidSoft, we believe achieving the highest levels of precision and accuracy while adopting a preventative approach is possible.

ValidSoft continues to lead the field in the accuracy and performance of voice biometrics in omnichannel environments to enable the enforcement of fraud prevention before it occurs.

Has the penny dropped?

Share this post?