RSA has added an extra biometric layer to the security of phone banking systems, as they come under increasing attack by fraudsters.
The RSA Adaptive Authentication for Phone product is designed to meet the financial industry's need for strong, automated and convenient caller authentication for telephone banking, and aims to meet regulatory industry guidance on better securing customers’ phone transactions.
“As we are strengthening security for the web channel, phone banking is effectively becoming the next big target. Current phone authentication techniques are typically conducted semi-manually. They are susceptible to social engineering and are not secure enough,” said Christopher Young, vice-president and general manager of consumer solutions at RSA, the security division of EMC.
RSA Adaptive Authentication for Phone uses the core technology already seen in RSA Adaptive Authentication for Web, which is currently used by more than 35 of the top 100 US financial institutions and some of the largest banks in Europe, said RSA.
The new product also incorporates RSA's voice biometric solution, based on the previously-acquired Vocent technology, and is integrated with the “voiceprint engine” from Nuance.
RSA said the new system would be deployed by several banks for customer-facing phone systems during the first quarter of next year.
RSA Adaptive Authentication for Phone is built to analyse various phone channel-specific risk parameters, from the phone number being used by the caller to a biometric voiceprint and user behaviour profiles.
The system is designed to then generate a comprehensive risk and authentication score for every call received and every high-risk transaction conducted.
Low-risk transactions proceed uninterrupted while transactions with a high risk score are verified with an additional layer of security, such as secret questions.