Financial Services

Two-factor authentication has become an increasingly important security consideration in the fight against identity fraud. Current single-factor authentication methods, such as challenge questions and PINs, are not sufficiently secure for many types of transactions.

According to the Federal Financial Institutions Examination Council (FFIEC), single factor authentication is "inadequate for high-risk transactions involving access to customer information or the movement of funds to other parties".

View the FFIEC report:
Authentication in an Internet Banking Environment, October 2005

The FFIEC warns that a compromised authentication process creates the following risks:

The FFIEC specifically mentions biometrics as an accepted method for authenticating customers, and lists voice biometrics as one of the types used in two-factor authentication.

The commonly accepted authentication model, cited by the FFIEC, involves three main categories of authentication factors:

Combining two of the above factors provides superior authentication to single-factor, and the above framework can be used when designing a two-factor scheme. Diaphonics provides the "something the user is" factor with voice biometrics and, optionally, the "something the user knows" factor with automated speech recognition (ASR).

With Spike Server and SpikeCore Web Service, an organization can readily deploy two-factor authentication solutions based on voice biometrics.