Blog article
See all stories »

Securing our social media identity

We now live in the age dominated by social media networking channels in which people feel compelled to tell the world intimate details of their daily lives. This inevitably leads to a tendency to over-share which can cause a whole range of issues, from burglars being able to target the houses of those on holiday, to others unwittingly sharing their telephone number, banking details and security questions online.

Within the past week the LinkedIn data breach issue has appeared in news headlines where more than 6 million encrypted passwords were posted on the web for other hackers to decipher.

The particular problem here is that a lot of information about ourselves is stored on social media sites like LinkedIn and Facebook, so unfortunately, the LinkedIn issue is unlikely to be an isolated incident, especially because it is common practice for people to use the same password for a variety of social media accounts. In reality no one is going to have several hard to remember passwords for all their accounts!

Although we may not be able to prevent criminals from stealing our data, we can stop them from using it to access our bank accounts and guessing answers to our security questions.

If anything, the LinkedIn issue has highlighted that a simple password is now a redundant, unsuitable security method. Social media sites need to start working more closely with security and fraud specialists to build an invisible layer of security so users can log onto their accounts in a more secure way, without having to take five long minutes to do so.

One way in which we can do this is by moving towards voice biometrics for authentication. A voice print, being a dynamic biometric is difficult for an imposter to replicate and therefore plays an important role in a multi-layered approach to authentication, but a voice print can also be screened in real-time against a known database of fraudsters’ voice prints.

It would be great to hear your views on this issue.

 

3664

Comments: (3)

John Fitzgerald
John Fitzgerald - AIB - Dublin 20 June, 2012, 08:47Be the first to give this comment the thumbs up 0 likes

Wouldn't want to be using voice recognition in any kind of public place. It wouldn't feel secure to me. And surely it's trivial to steal with decent recording equipment? It might not scale, like in the LinkedIn issue, but it could be directed and personal.

Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune 20 June, 2012, 16:25Be the first to give this comment the thumbs up 0 likes

Although I've been exposed to voice-based authentication for 6-7 years, I recognize that it could've become reliable enough by now to enter the mainstream. It'd be interesting to see some empirical data of VBA's true-negative and false-positive rates on the basis of live implementations or field trials.

Pat Carroll
Pat Carroll - ValidSoft - London 20 June, 2012, 17:16Be the first to give this comment the thumbs up 0 likes

@John: Thank you for sharing your views John. Voice biometrics is these days a proven security technology to provide strong authentication with very sophisticated capabilities. A very strong authentication can be achieved where voice biometrics is implemented as part of a layered security approach. There are different approaches that can incorporate Voice Biometrics such as: text dependent; text independent and conversational. You could, for example, be asked to repeat a random “one-off” PIN. This would accomplish three individual checks:

  1. Replay attack since this is a random number and useless to record (although recorded voice can be detected in other ways also, including checks for digitally generated attacks);
  2. The digits spoken must reflect the number requested;
  3. Voice biometrics authenticates the voice.

Yet all as simple and intuitive as a voice call.

Pat Carroll

Pat Carroll

Founder/Executive Chairman

ValidSoft

Member since

17 Mar 2011

Location

London

Blog posts

79

Comments

40

More from Pat

This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.


See all