Biometrics Brush Aside Passwords, Bring Curtain Down on ‘Security Theater’

It’s time to bring the curtain down on “security theater.” You’ve been an actor, perhaps, on that stage — and no bit player, either.

Pindrop CEO Vijay Balasubramaniyan told PYMNTS’ Karen Webster that no matter the channel — digital, yes, but especially on the phone — we crave consistency in the experience, with a seamless balance between convenience and security.

Consider the fact that 182 million U.S. adults hold accounts with financial institutions (FIs) and 89% are accessing these accounts digitally, sometimes several times a day. The more accounts we have, the more login credentials we have.

To get a sense of how inefficient it all can be, phone calls are still the primary contact method for consumers trying to reach support teams regarding their accounts, usually in times of crisis. Joint research between PYMNTS and Pindrop reveals that 55% of FI consumers use a variety of channels, including digital and traditional, to reach the companies they do business with.

See also: Study: 57% of Consumers Prefer Advanced ID Verification After Trying It

Balasubramaniyan said the best example of security theater lies with the phone call that’s made in distress, perhaps to dispute a transaction, replace a lost or stolen credit card — or, as tax season looms, a dreaded chat with the Internal Revenue Service.

This is no easy task: A consumer can be on hold for a virtual eternity before being bombarded with a slew of questions if a live person eventually does pick up.

“The brand they’re contacting has a pristine moment to show some empathy,” Balasubramaniyan said, but all too often, they don’t. The contact person ends up asking the consumer to verify maiden names, date of birth, Social Security numbers … well, name the data point.

At that point of interaction, there’s significant friction, because the individuals — 12% of them — all too often don’t know the answer to those questions.

Those security questions don’t really help, Balasubramaniyan said, because they wind up catching only 8% to 10% of overall fraud attempts. The fraudsters themselves have become adept at leveraging social media to get all the answers to the standard litany of questions.

Often, the companies themselves are also lax in their approach: As many as 12% of insurance and financial firms don’t ask individuals for verification at all.

For firms that don’t strike the right balance of empathy, convenience and security, the cost is high, both in terms of customer satisfaction and what can happen when customers aren’t satisfied (they leave, of course). Data breaches also continue to mount, and as of last year, had risen to the highest level in more than a decade and a half.

The Way It’s Been Done

Balasubramaniyan said for the longest time, consumers have been led to believe that the more inconvenient the login and authentication processes, the more secure it is.

After all, companies must have some reason for making their users jump through all those hoops, with one-time passwords and security questions making you stretch back through the ages to remember your first dog’s maiden name (or something like that).

Consumers don’t mind having some assurance that when they’re logging on that there is work being done in the background to authenticate who they are — particularly since the nature of a financial account is that it contains personal information.

The memory problem is prevalent across online and offline channels: Simply put, the more credentials, the more there is to remember. And as Balasubramaniyan told Webster, 12% of us often can’t answer. That means a significant number of consumers are turned away, frustrated, at the most urgent point of contact.

Read more: Had It With Passwords? Two-Thirds of Consumers Are Done With Antiquated Authentication

Turning the Phone Into a Digital Experience

Balasubramaniyan said the phone can be turned into a digital experience as well, tied to alternative, identification verification techniques that take their cue from online activities.

Legitimate online users, he said, have certain behavioral patterns and unique identifiers, such as their voice, that can be examined and analyzed across multiple factors by firms such as Pindrop.

Machine learning and artificial intelligence (AI) have advanced to the point that they can help substitute for those inefficient security mechanisms (we’re looking at you, passwords). The consumer demand is there, measured as a six out of 10, according to Balasubramaniyan, but the technology rollout is at a three, which leaves significant greenfield opportunities.

The impact is noteworthy: As many as 57% of consumers who have tried an alternative method as mentioned above like it and want to use it more often.

Balasubramaniyan said that Pindrop has had success with an opt-in tactic, especially with healthcare companies, which prompts the user with a query: Now that the individual has answered the requisite questions, would they be interested in authentication through voice and behavior?

The “tale rate” has been more than 60%, he said, a few years ago — and during the pandemic, it jumped 79%.

Enterprises and government agencies would do well to sit up and take notice: They’re already seeing the impact and ineffectiveness of passwords in defense against fraud, to the tune of tens of billions of dollars. There’s also operational inefficiencies, as companies have agents spending the first several minutes of every call going through security questions.

“And in this new world,” he said, “artificial intelligence and machine learning allow you to have a combination of self-service while giving a human element.”

These technologies, he said, also help consumers move seamlessly between channels. Phones’ built-in microphones and cameras can help authenticate online and carry that authentication to the phone call.

The result? Customers stop thinking in terms of channels, but in terms of solving a problem or making a purchase.

If the person and preferences are known ahead of time, he told Webster, “The companies that re-imagine these interactions will do a better job of retaining their customers — and create a magical experience.”