What’s wrong with Knowledge-Based Authentication (KBA)?

For many years, online and telephone-based authentication has relied on knowledge-based systems using passwords, PINs, and question-and-answer dialogues to confirm a customer’s identity. With the explosion in the number of contact centres, this approach is close to breaking point. Nobody in the modern world can be expected to remember all of the passwords they need to securely access all their services.

Workarounds don’t work

Imposing requirements for password complexity doesn’t help. If forced to include uppercase characters, numbers, or non-alphanumeric characters in a password, almost everyone simply turns the first letter into a capital and adds a “1” or an “!” to the end. The more adventurous may also change letters to easy-to-guess numbers (so “e” becomes “3”, “i” becomes “1”, “o” becomes “0” and so on). By doing this they effectively bypass the system providers’ intentions. Their passwords are still easy to crack, and the providers’ rules have merely made them more difficult for users to remember. Many attempts have been made to thwart the scammers, with some services completely side-stepping the issue by relying on third parties: controlling access via authentication credentials provided by Google, Facebook, LinkedIn or the like. But this is not an effective solution: a scammer could easily hack into other accounts with the same or similar passwords, or even create a fake account. There are also some serious privacy issues with this approach that make it undesirable for any critical authentication scenario.

A simple solution

Headaches such as these can be easily avoided by using a voice biometric authentication system. These systems add a much-needed layer of security to authentication that’s simultaneously difficult to circumvent and easy to deploy. Versatile and powerful voice biometric systems, such as Aculab’s VoiSentry, provide an easy speaker authentication method that doesn’t rely on memorisation of complex passwords.VoiSentry is unusual in that it has extra security features such as multiple integrated spoof detection algorithms: it not only indicates when a fraudulent attack may be happening, but also provides detailed information about exactly what type of attack it’s likely to be. Multiple Presentation Attack Detection (PAD) modules discriminate between the attack methods being used, whether it’s an attempt to impersonate another person’s voice (mimicry), playback of pre-recorded samples of the target speaker, the use of advanced speech technology to create acoustic signals which resemble the target’s voice (speech synthesis / text-to-speech), or a system to convert one person’s voice to sound like that of another (voice morphing).

Enhanced security

Security can be further enhanced by using multi-factor authentication and integrated spoken digit recognition. By prompting the speaker to say randomly selected, but memorable numbers (date of birth, house number etc.) it’s possible to simultaneously authenticate the speaker with both voice biometrics and speech recognition. VoiSentry provides unmatched ease of access and security, helping contact centre operators to effectively mitigate the risks associated with fraudulent account access. It also provides a fast and frictionless solution for call centre authentication, improving both the customer and agent experience. Find out more about VoiSentry.

Written on .

Categories

Archive

The Aculab blog

News, views and industry insights from Aculab

  • The Future of Communications: React Native SDK from Aculab

    Having access to quality, and trust-worthy digital communication platforms is essential in the contemporary business world. That’s why here at Aculab, we have employed the use of React Native – integrated into the WebRTC browser interface, we provide bespoke, human-centered, voice and video communication options

    Continue reading

  • The Future of Finance: Unlocking the Power of Biometrics

    Biometric technology works by using unique biological characteristics to identify individuals. Through its use of sensors and algorithms, it can capture and analyse biometric data and compare it with stored data to confirm an individual’s identity.

    Continue reading

  • The Big Switch Off Is Happening. Are You Ready?

    What Exactly Is The Big Switch Off?

    The Big Switch Off refers to the growing phase-out of BT’s Public Switched Telephone Network (PSTN) and Integrated Services Digital Network (ISDN). Businesses and homeowners will no longer be able to acquire PSTN and ISDN connections after September 2023, followed by the old technology being completely phased out and switched off by December 2025.

    Continue reading

  • 3 Ways Cloud Voice & Messaging Save a Business Time

    When we think of business voice call technology, we often imagine traditional phone calls, placed by a person with hundreds of calls on their list. Advancements in voice technology, particularly driven by the cloud, have changed the way we approach such situations.

    Continue reading

  • 5 Reasons to Use ApplianX in Your Migration Strategy

    Gateways have an important role to play in assisting in the migration from TDM solutions to IP based networks, by connecting them together with ease. Here are five reasons why you should consider using gateways as part of your migration plan.

    Continue reading

  • Twitter
  • Linkedin
  • Facebook
  • Blog

Contact Aculab

+44 (0) 1908 273800 (UK)
+1 (781) 352 3550 (USA)

This email address is being protected from spambots. You need JavaScript enabled to view it.
This email address is being protected from spambots. You need JavaScript enabled to view it.
This email address is being protected from spambots. You need JavaScript enabled to view it.

A link to the webinar recording will be sent to your email address upon submission
Please let us know your name.

Invalid Input

Please let us know your email address.

Invalid Input

Invalid Input

Invalid Input

Invalid Input

By clicking submit, you acknowledge Aculab will store and process the personal information provided under legitimate interest. For more information about how we process your data, please see our Privacy policy