Beware of bargain voice biometrics

Beware of bargain voice biometrics

February 28, 2022

There is no shortage of sayings that are variations on the original Latin phrase: “Caveat Emptor!”

“Buyer beware!”

“You get what you pay for.”

“If the price is too good to be true, chances are it is.”

I’ll stop there and let you, the reader, judge for yourself as we delve into recent offerings of voice-based authentication offered by many of the leading providers of Contact Center as a Solution (CCaaS) providers. At the click-of-a-button an enterprise customer can start a year-long free trial of voice authentication resources. After gaining the consent of an individual, they can listen in on conversations with live agents or speech-enabled IVRs to create a digital voiceprint that encapsulates unique attributes of how a person speaks (pitch, tone, cadence).

Why stop at caller authentication? According to the literature, cloud-based Machine Learning (ML) supports Speaker Identification. Specifically, the service can compare the voice characteristics of an incoming caller against the stored voiceprints of known imposters and assign a “risk score” to a call based on the likelihood that an individual is the person he or she claims to be.

After the free trial, cloud service providers offer these services on a per-transaction basis, often for pennies apiece. What’s not to like?

Not All Solutions Tackle the Hard Problems

Let’s start with the first order problem of customer enrollment. Over the years, the core technology for generating voiceprints has become faster and less cumbersome. Callers are no longer required to say a predetermined phrase (like “My voice is my passport) and then repeat it two times in order to train the system. It is possible to capture sufficient spoken material to weave a voiceprint within 10 seconds (and sometimes less) of spontaneous utterances.

The challenges are no longer with the technology. They involve compliance with prevailing regulations and attention to disclosure procedures that callers’ privacy rights are respected. NICE, for instance, has offered passive enrollment, using existing call recordings to create strong voiceprints for a number of years. In so doing, it has honed a set of best practices for enrolling a customer’s voiceprint at the same time that it makes the enrollment process almost invisible.

The claims surrounding the use of Machine Learning to help identify known fraudsters is also something of a canard. It presumes that a company has already compiled a blacklist of known fraudsters. While it seems like a simple thing to build, the vast majority of companies would have to start from scratch. Thus, another false promise.

Bear in mind that the marketing literature from the budget-basement services seldom include claims of accuracy. Companies need to ask “how many times does it fail to identify an imposter (false acceptance) and how often does it fail to admit a legitimate customer (false rejection). Both outcomes create problems for companies that range from creating frustration among existing customers who are unable to carry out their business in a timely fashion, to exposing existing customers’ account information (or worse) to an imposter.

Authentication does not take place in a vacuum. When the ML-infused voice authentication system returns a low-confidence score for a specific caller, it triggers a set of processes that are potentially time consuming and unproductive for contact center agents as well as fraud investigators. The best solutions start with high-level of accuracy but add the tools, rules and workflows that optimize the efficiency of agents and the expense associated with fraud investigations.

Voice-based authentication involves many interrelated processes involving coordination between contact center agents and fraud investigators. As transactions become an accepted unit of measure, it is important to proceed with caution when pricing seems too good to be true. Beware the trappings of a false economy.

Learn more about how NICE can help with real-time customer authentication.