Note: You are experiencing only the raw content of this site, without the intended layout and design. Either your browser has ignored the Cascading Style Sheet (CSS) files for this site, or you are using an outdated browser which does not support Web Standards. Learn more.

Home « Blogs

EDS' Next Big Thing Blog: Read and Respond to What the EDS Fellows Say About Technology

Read and respond to what the EDS Fellows have to say about the future of technology on EDS' Next Big Thing Blog on eds.com.

Biometric Payments Without Special Hardware

by Randy Mears

Most biometric systems require specialized equipment, like fingerprint scanners, hand geometry readers or specialized video cameras. These systems are fine for on-site applications like access control, computer security or workplace employee time tracking, but they have had little traction when it comes to securing Internet based transactions.

When it comes to purchasing items over the Internet, all we really need is a connected computer and a valid credit card. Security continues to be a serious problem that is typically augmented by ensuring that the purchased items are only shipped to the credit card's billing address. It's an old security measure that seems to work fairly well. Another way to improve security would be to require biometric information to be included in the transaction; enter "Voice Pay." With Voice Pay, a biometric layer would be added to an Internet purchase and the only additional hardware required, a telephone, would likely be readily available. Voice Pay wouldn’t just be useful for Internet based transactions; it would enable a whole new level of telephone-only transactions (if it catches on).

Although biometric security systems can be beneficial when implemented at the right level, I think Voice Pay may be missing that mark. As far as the security side of things goes, I have to say, I don’t get it. Unless I missed something here, it is not the consumer but the seller that is protected by this system. For the typical consumer, there seems to be significant burden with little benefit because:

  1. A credit card (even one registered on the Voice Pay system) is still subject to the same potential abuses as before it was registered
  2. It is the consumer’s responsibility to sign-up
  3. It is the consumer’s private information that is stored on yet another database
  4. Transaction complexity increases, at the consumer level, for a typical Internet purchase

The consumer is expected to do all the work but appears to receive little in return. To the developers of this technology, voice authentication may be the "way to go," but in order to protect the consumer, the seller and the credit card provider, it needs to be integrated with a credit card’s complete set of processes.

Although Voice Pay is a good example of the kinds of two-channel authentication systems some banks are moving toward, by implementing is as a removable layer it will serve primarily to secure the seller at the expense of the buyer.

Published Tuesday, June 19, 2007 1:47 PM

Subscribe to this post's comments using RSS

Comments

# Posted by Nick Ogden Wednesday, June 20, 2007 11:28 AM

Hi Randy,

Perhaps I can help with your understanding of Voice Pay, and my comments below may help  clarify the points you have raised.

Firstly Voice Pay is not an internet only payment system but a system that allows payments to be made anywhere without the consumer having to install or use any software.

Secondly if a consumer uses Voice Pay their transactions are financially secure (guaranteed), and they never have to disclose their personal information again to any merchant. A device shortly being launched on Vista allows Voice Pay payments to be made using a sidebar gadget with no data entry requirement. This mirrors the Voice Pay mobile transaction environment.  Moreover the consumer regains control of their financial activities as they "sign" all their transactions.

My third point is that if the 47+ Banks on 6 continents who are now talking to us are correct, interlinking Voice Pay to their card issuance activities makes a dramatic difference to their cardholder security and their customers well being.  Any transaction using a registered card linked to a Voice Pay account that appeared anywhere on the Visa MasterCard Amex etc global network could then be signed by the cardholder, who can set signing levels within their Voice Pay account. If this capability was deployed globally credit or bank card theft and fraud would be substantially reduced. From the B2B card perspective adding a voice signature requirement to Corporate Card user is a major advantage to the CFO managing a large distributed workforce with purchasing capabilities.

Finally given that Voice Pay technically creates a card holder present environment; there are clear financial benefits to businesses and Banks alike through reduced interchange fees and corresponding reduction in scheme risk. In Europe we are returning this saving in part as cash back to the Voice Pay consumer account holders.

In conclusion the consumer benefits substantially from increased security, mobility of payments, no technology issues whatsoever (they just need to be able to talk and use a phone) and may end up being paid for the benefits Voice Pay provides to them, the businesses that they transact with, and the Bank they may have a relationship with.

I'm more than happy to set up a Voice Pay demo if anyone wants one or answer any questions, email me nick.ogden@voice-pay.com and thank you Randy for creating this debate piece,

Kind regards

Nick Ogden

CEO

Voice Pay

# Posted by Randy Mears Wednesday, June 20, 2007 3:25 PM

Nick,

Thanks for the clarification, particularly your third point.  The key to security for all parties; customer, seller and bank, is deploying at the bank level.  The result could be two-channel authentication, with the added benefit of a voice biometric.  That would be good.

# Posted by Nick Ogden Thursday, June 21, 2007 7:21 AM

Hi Randy,

Every transaction that a Voice Pay account holder signs is processed at a minimum of two factor authentication. In many instances we can achieve three factors, and our ability to deliver three factor authentication on all signed transactions will clearly grow over time.

The immediate advantages to Banks are twofold. Cost savings against 3rd party transactional approvals, and delivery of clearly identifiable personal security to their customers. The latter is achieved by the customer signing their transactions using their own voice and not having to rely upon a third party issued PIN which could have been compromised, as evidenced by the TKMaxx incident for example. This consumer capability, and responsibility delivered by Voice Pay almost turns the payment market on its head because once my credit card is linked to a Voice Pay account at the Bank Issuer level, I’m completely responsible, as a consumer for its security and use,

Kind regards

Nick

Post a New Comment

: required  
required  
optional
required  
Please only click Submit once.

Subscribe to EDS RSS Feeds

I would like to receive the EDS Newsletter