back to article Brit bank Barclays rolls out speech recognition for telephone banking

UK high street bank Barclays is introducing voice recognition for users of its telephone banking service. The roll-out of the technology is designed to provide a more secure alternative to pass-codes and the answers to secrets questions as a means to authenticate consumers accessing telephone banking services. The retail bank …

COMMENTS

This topic is closed for new posts.
  1. Shane McCarrick

    Use Welsh/ Irish or Scots Gaelic

    If you want to talk to someone- just lapse into your favourite non-English language, to confuse the system- and get transferred to a real live person.

    1. R 11

      Re: Use Welsh/ Irish or Scots Gaelic

      God help us.

      https://www.youtube.com/watch?v=sAz_UvnUeuU

    2. Frankee Llonnygog

      Re: Use Welsh/ Irish or Scots Gaelic

      It's voice authentication, not recognition. Sigh ...

  2. Anonymous Coward
    Anonymous Coward

    This voice recognition tech can't be any worse than the voice recognition of some of the foreign call centre employees.

  3. tony2heads
    FAIL

    What about Prof Hawking? Will his account get emptied?

    Voice recognition (as opposed to speech) is really hard -particularly down a crappy noisy narrowband phone line with background noises. Sometimes I struggle to recognise close relatives on the phone.

    How it would recognise one speech synthesizer from another I cannot see.

  4. Anonymous Coward 101

    With the exception of words like 'yes' and 'no', it never works. I can only think banks are laughing at us when they ask us to read a 16 digit card number to these systems.

  5. Steve Evans

    Cool...

    Now we just need to wait for voice recognition on the customer end of the line to subtitle the Indian call centre!

  6. Herby Silver badge
    FAIL

    So you recite your card number

    In a nice public place (Grand Central/Paddington) where everyone can hear the 16 digits of your account number.

    I should equip myself with a nice microphone/recorder and standby. Shopping for goodies as I go. Wonderful!

    Then they will raise my card fees to cover the added fraud that is BOUND to happen.

    I don't think so!

    Little known fact: Entering the number by keypad is much quicker and takes less compute power than voice recognition. Since it takes less time the costs of the call are less (the bank IS paying for it). So it is cheaper to use the keypad. Of course you don't get the prompts "tell me what you want to do?" that are so vague, you can never tell what it will accept.

    p.s. The answer is "Deposit $1,000,000 please."

  7. John H Woods

    Bad news ...

    ... for friends of Alistair McGowan

  8. JeevesMkII

    Thsi just seems bizarre to me

    I mean, barclays hand out time-based password machines to all their customers. Why not just ask telephone banking customers for that, rather than buying an expensive new system that'll probably be about as secure as a glass bank vault.

  9. JohnG Silver badge

    I had to use one of these voice recognition systems when i lived in Germany. I soon found out that my German language skills were inadequate and spent ages trying to get the system to understand a few simple words.

  10. JaitcH
    WTF?

    Try voice recognition over VOIP or Skyphone links

    An organisation I deal with tried something similar. Doesn't work too well when phase distortion is introduced when using VOIP or satellite telephones.

    Mind you, it's way more convenient than the HSBC concept of giving everyone a mini-password generator - which sometimes catch fire or they have premature battery failures. HSBC might think they are secure, as might their customers, but then almost every country, including the UK, use AT&T longlines and other global cable services and do their data handling in the USA.

    This means that the GFCHQ and NSA can tap the cables, and anyone in the US government can access the data using the warrantless provisions of the US PATRIOT ACT.

    Of course, this defeats the whole purpose of security.

    1. Anonymous Coward
      Anonymous Coward

      Re: Try voice recognition over VOIP or Skyphone links

      First thing I'd recommend is the organisation sack who ever can't implement VoIP properly. A proper system is BETTER than POTS.

      Unless you are talking about a connection over a PoS link, when it shouldn't be used.

  11. hplasm Silver badge
    Meh

    Which system will Barclays run this on?

    The Win2k or NT4Server farm?

    1. fixit_f

      Re: Which system will Barclays run this on?

      It's true, Barclays are well known in the financial IT sector for being about the worst, even in a very conservative "if it works don't fix it" area of the industry. They have many legacy systems based around 1970's mainframe technologies, and their project failure rate is very high when it comes to upgrading them. I know many people on their contractor gravy train there who haven't got anything worthwhile achieved for years. So hopefully they've outsourced this particular implementation to somebody with any clue what they're doing as internally they're pretty third rate....

  12. paulf Silver badge
    Holmes

    I fear for this - YBS uses this kind of crap too

    I fear for access to my money again if the Barclays implementation is as good as the one Yorkshire Building Society use. [I accept this is voice recognition of words/text rather than the voice print but same goes].

    The YBS system has no "push the keys on your keypad" alternative and no "push ?? to speak to a person" so you're stuck hoping it will recognise your answers. After three failed attempts to recognise the first of three letters of my password ("J", did you say "G"; "J", did you say "K"; ad nauseum) it then threatened to reset all my authentication details. I hung up before it did so.

    When I finally got through to a call centre droid I went ballistic and was told they hadn't had many complaints about it. See icon - I bet people couldn't get through to complain.

    Halifax use this kind of system also but it is a "Say the answer or use your keypad" so at least it is optional - for now.

    My diction is reasonable, and I didn't have a cold or a strong accent and still it failed. $DIETY help people who have a speech impediment.

  13. Mephistro Silver badge
    Facepalm

    Sigh...

    My take on this is that with all the loss of information due to sound codecs, noisy environments, different phone models and such, the voice recognition can't be too picky. This tolerance* will in turn make it relatively easy to make a program that can change any voice sample to mimic any customer's voiceprint.

    So if this tomfoolery ever catches on, miscreants will be cruising the streets and shopping malls with sound recorders**, in order to capture customers voices and -with a bit of luck- even the security codes themselves. Of course, this last part assumes that the bank asks for the security codes to be spoken aloud (suicidal), instead of being input through the keyboard and then giving the customer a random list of common words to be used in the voice biometrics part.

    The next step is using stolen/imported/whatever phones and SIM cards to, probably with the aid of a fat laptop, fool the voice recognition system.

    "4: Profit!"

    * & **: These two points have been already made by several commentards in this thread.

  14. Handle-with-care

    SPEAKER VERIFICATION, not Recognition!

    Most of the comments are confusing Voice Recognition with Speech Recognition. Speech Recognition is where the system tries to understand WHAT the speaker says, or speech-to-text as another way of understanding it.

    Voice Recognition, or more accuratley, SPEAKER VERIFICATION, is where the system identifies a caller by the biometric print of their voice. There are 2 types of Speaker Verification: Active detection and Passive detection. Active detection is when you pre-register a phrase with the system, and then repeat that same phrase when calling in so the system can verify you are who you say you are. In Passive detection, the system creates a voice biometric print by capturing your speech during an interaction with a call agent. When you subsequently call again, the system again takes your voice while you're speaking to an agent, and validates that against the stored print. It returns a probabilistic score to the agent, so they can verify you are who you say you are, without having to go through the usual "give me your name, address, postcode, mothers maiden name et al".

    Active detection is far more accurate, with some vendors getting 99.9% accuracy (0.01% false negatives/false positives). Passive detection has about 95% accuracy. The normal implementation would be a traffic light system on the agents screen - green=high probability caller is not an imposter, red=high probability caller is an imposter, and amber=agent must ask a few security questions as the score is borderline.

    So, going back to my main point, do not confuse this with speech recognition.

    1. Frankee Llonnygog

      Re: SPEAKER VERIFICATION, not Recognition!

      What he said, only SHOUTED! I expect Handle-with-care's post will be followed by yet more confused (to put it kindly) comments

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019