2 andrew barnett risk (4 3)
TRANSCRIPT
New Frauds & New
Technologies -Voice Biometrics & Corporate Online Banking
October 2015
Contents
• Driving force for implementation
• What is it?
• Implementation journey
• The thresholds
Voice Biometrics
Corporate Online Banking
• History
• Fraud attack vectors
• Our Response
• Future Implementations - Prevent v Detect
Why Implement Voice Biometrics
Voice of the Client – 2010 Survey
“Maybe they could ask me my name next
time”
“Impossible to get through your phone
security”
“Substantially reduce redundant security
checks it’s liudicrous”“stop the tortuous verification Q&A”
“if Barclays calls me to offer advice please
go ahead and do so without going
through the security rig marole”
“Long period taken for security verification
costing me international call charges”
Business Case -
• Improve Client Advocacy & Satisfaction
• A colleague journey that will provide our people to personalise every call and help Improve our Employee Engagement scores
• Reduce the Average Call Time
• Improve our risk profile
Fraud Risk not a major driver
Voice Biometrics - A Quick Guide
InconclusivePassVerifyEnrolConsent
What is it?
• A ‘template’ that uses the unique characteristics of a voice print
(more unique than a fingerprint) that is language and accent
independent and excludes all background noise.
How does it work?
• Once a client proves their identity, they are enrolled on to the
service and a voice print is stored against a unique ID.
• Each time they call thereafter, the live client audio is matched
against the stored print, and a result is presented to the Advisor;
PASS or INCONCLUSIVE
The Process
Eligible
Implementation Approach across our Businesses
Build & TestFriends and
Family
Service Centres International
(50% of client base)
Service CentresInternational
(remaining client base)
Build & TestService Centres
Intermediaries
Service CentresWM UK (20% of
client base)
I&I (RMD & RMS) Glasgow &
IoM
Client Relations
I & I
Service Centres
(WM UK & PCS)
Client Relations (WM
UK)
I&I (RMS London)
Wealth Asia(design)
2012
2013
2014
Build & TestOther businesses
Corporate Banking Servicing
Personal Banking (SkyBranch)2015
0.00%
10.00%
20.00%
30.00%
40.00%
50.00%
60.00%
70.00%
80.00%
90.00%
100.00%
-72
-67
-62
-57
-52
-47
-42
-37
-32
-27
-22
-17
-12 -7 -2 3 8
13
18
23
28
33
38
43
48
53
58
63
68
73
78
83
88
93
98
Cumulative % of Clients’ Scores (period of 1 week)
Scoring for the voice biometrics system ranges from -100 to 100
Barclays Voice Biometrics Evaluation
ModelFirst Pass
False Accept Rate 6.23%
False Reject Rate 4.97%
Equal Error Rate 5.56%
Calibration Audio Files 460
Voice Biometric Scores Thresholds
0
10
20
30
40
50
60
70
80
-72-68-64-60-56-52-48-44-40-36-32-28-24-20-16-12 -8 -4 0 4 8 12 16 20 24 28 32 36 40 44 48 52 56 60 64 68 72 76 80 84 88 92 96
Vo
lum
e o
f C
lien
ts a
t each
sco
re
Scores received for clients over the period of a week
Selecting The Threshold
Voice Biometrics
Any Questions
Corporate Online Banking
The 2 factor, smartcard authentication device had
served us well for over 8 years, however during H2
2012 and H1 2013 the threat was seen as increasing
with larger number of Corporate clients infected with
banking malware.
First Fraud October 2013!
Corporate Online Cases
Total Cases to date 125
Successful Cases 64
First Attack Vector – Man in the Machine 1 – October 2013
Fraudster Client EnvironmentBanks’
Environments
Systems
Client
machin
e Idle
Smartcard
left in reader
Internet
Payments Out
Second Attack Vector – Man in the Machine 2 – June 2014
What was our response?
Communicate / Communicate / Communicate
Improve our front line security
Whilst continuing on our journey to implement our layered security
approach for detection.
Now / Future Implementations – Prevent v
Detect1. Prevent – Biometric Finger
Vein Readers for
authentication
3. Detect – Biometric user
profiles
2. Detect – Real Time
Payment Profiling
BioCatch - The Videos
Fraudsters
Session
User’s
Session
Cool or Creepy??