What you think you know about biometrics is wrong

Now that the dust is settling from the Equifax breach, it’s time to ask about smarter security. Why aren’t more companies moving to biometrics? Steven Bridgeland gives us five popular misconceptions that keep enterprises from turning to biometric authentication.
By
Concerns you might think to be true about biometrics are simply not accurate

Now that the dust is settling from the Equifax breach and 140 million Americas have all frozen their credit (you have frozen it, haven’t you? If not, go here right now. We’ll wait.), it is time to ask the question, “Why haven’t we gotten rid of PINs and passwords by now???”

At Nuance, we have been moving companies to biometric authorization for years all the while showing how biometrics are more secure, make customers more satisfied and save money for the enterprise. I am proud to say that scores of companies are rolling out Nuance biometric authentication and we have yet to have a security breach where the data is compromised.

With all that, why aren’t more companies moving to biometrics? I’ve pulled several reasons that I hear many times a week. Do any of these sound familiar?

 

It is too expensive. (Is there an ROI?)

While I completely understand this rationale, it is just that, a rationale. If you knew that by spending $10 today you would get $20 tomorrow, you would do that (even if you must borrow $10 to invest.) The return on investment (ROI) for biometric authentication is the equivalent of investing in your company and getting the returns you expect. With biometric authentication you will gain:

Yes, it costs money, yet these four benefits (and more I haven’t mentioned) return that investment back on average in 14 months. After that it is all pure profit (or actually, less cost and happier customers –  which profits everyone).

 

I’ve heard it is not secure. Wasn’t there a biometric hack, and now criminals have access to fingerprints?

I heard about the Office of Personnel Management hack in 2015 from my brother, who was a victim. In that hack, actual images of fingerprints were stolen, and the scare is that using these images, criminals would be able to create “fake fingers” that could log into secure government sites. Scary proposition, but the problem wasn’t just lax security but also poor security design. Under no circumstances should actual images (in the case of fingerprint or facial recognition) or audio files (in the case of voice biometrics) be stored in a database, much less stored near personal, identifiable information.

When we implement a biometric authentication solution from Nuance, all biometric information is converted into a mathematical algorithm which the server stores in an encrypted voiceprint. When authentication is needed, that voiceprint on file is compared to a voiceprint made in real-time from the speaker’s voice. The beauty of the system is that a hacker can never recreate the voice of the person from their voiceprint (unlike the fingerprint image example above.) Even if they hacked the system, they couldn’t use what they stole!

 

But can’t hackers just record my voice?

Well they could, but they couldn’t use that recording to impersonate you. At Nuance, we have many sophisticated algorithms that can tell with high accuracy if the voice on the other end of the phone is you or not. For example, we can tell if it is a recording or not. We can also identify professional voice imitators and even detect state of the art synthetic voice. We take protecting our users from fraudsters very seriously.

 

Companies must rely on customers enrolling, and that is doomed to failure

One of the objections I have heard recently (due in no small part to competitive FUD) is that customers won’t enroll in the voice system, so any investment is not going to show benefit. This rumor has been around for years, and there is some truth in it. (gasp) When a company implements their security in a way that impedes the customer’s endeavors or is just a pain to use, customers bail out. Fortunately, we have been in the business for years and are very good at designing and planning for a successful rollout. Using some training and best practices, most businesses will see quick uptake that will prove ROI in as little as 14 months. See a past blog post here for a few more things that might prevent a successful rollout. In addition, Opus Research wrote a nice whitepaper about many different issues to address in a rollout.

 

Now is not the right time for my company

Only you can tell when your company is ready to move. According to Opus Research, biometric authentication has passed the early adopter stage, and they see dramatic growth fueled by large-scale implementations; the years of trials are over. One caveat is that the best time to have moved was before a public security breach.

Contact Nuance now and let us show you how a multi-modal biometric solution can improve your customer satisfaction and improve your security all the while saving you money.

Let’s work together
Engage us

Discover why brands are ditching passwords and PINs

Multi-modal biometric authentication is becoming the go-to security option for enterprises who want to offer the most convenient and secure customer authentication.

Learn more

Tags: , , , ,

Let’s work together
Engage us
Steven Bridgeland

About Steven Bridgeland

Steven Bridgeland joined Nuance in 2016 as senior solutions marketing manager for all things Voice Biometrics. Before joining Nuance, Steven worked in various product management and marketing positions at Microsoft, Sesame Communications and others. Steven Has an MBA from Yale School of Management and is a loyal Spartan from Michigan State University.