Many digital technologies use images for security, along with consumer-specific knowledge-based authentication (KBA) such as passwords. However, sound is increasingly moving to the fore in technology news as a means of providing digital security.
One reason is that some digital fraud is committed via the sound of a voice. Call centers are frequent targets of fraudulent calls. Forbes, for example, highlighted an attempt by one caller to have fraud protection on his bank account removed for 30 days because he was traveling overseas. But the call was not because a consumer was traveling; it was because her account could be more readily accessed by the caller, who wanted illegal access.
New digital technologies, however, can pinpoint voice data to recognize when callers are the legitimate holders of accounts – and conversely when they are not. They can also recognize when callers are not geographically where they say they are or where caller ID indicates they are. This is especially useful because banks and other credit card providers often flag suspect purchases because they are made far away from where the cardholder was at the time the purchase was made.
Data about “consumer voice” is also particularly needed as a second or even third line of defense against fraud.
Call centers have long required for the provision of security information prior to engaging with the customer. That’s one reason you’re asked the answers to security questions such as the first car you purchased and your favorite food on digital accounts. However, Forbes found that from 10% to 25% of legitimate account holders actually don’t remember the answers to these questions – a fact that helps fraudulent users, who feign ignorance to either find out the information or persuade call center employees to help them change it.
In addition, roughly 60% of Americans still use the same password across multiple sites. This increases the chance of identity theft exponentially. Data on their voice can, in the words of Fast Company, begin to serve in place of both user ID and password.
Fraud in call centers is widespread. One voice security company, Pindrop, runs its own call center, which it uses partly to “fingerprint” voices. It receives 90,000 fraudulent calls every day.
Sound is growing as a way to end run digital security. PCWorldrecently reported that a personal computer’s data can be hacked by using the noise made by mechanical systems inside the hard disk drives.
Apparently, if a computer has been “air-gapped,” a term meaning that it has been cordoned off from the web, it is vulnerable to sound methodologies that break the computer’s security. The sounds made by a PC’s cooling fans can be deployed to covertly send data, including encryption codes and passwords.
Essentially, researchers recorded the sound via a smartphone and then hacked it. The method, because not widely known, is unlikely to be known by the PC user.
In order to thwart potential hackers, PCWorld recommends that PC owners with an air-gapped system invest in solid-state drives. Because this type of drive doesn’t use moving parts, it can’t emit sound.
Sound is coming to the fore as a player in digital security, as much as images and KBA.