How ‘Voice Cloning’ Will Disrupt Customer Verification

Fraudsters can now clone a customer's -- or colleague's -- voice based on as little as three seconds of audio, according to Sterling Bank . Voice generation is just one of several proliferating AI-powered threats to banks' existing client verification protocols. Banks need to harden their defenses now. The good news? The right tools exist and may be less complex and expensive to implement than you think.

Everyone knows that artificial intelligence (AI) is transforming our world at an unprecedented pace, and the financial industry is feeling its impact in profound ways. While we marvel at AI’s remarkable potential to streamline processes and enhance customer experiences, we’re also grappling with its darker side. There is a looming threat from voice generated AI that will impact every financial institution. Voice generated AI is now shockingly sophisticated and closer to widespread reality than we think. It’s time to modernize our client verification tools.

The stark reality is that many financial institutions, especially community financials, are ill-equipped to address this new wave of AI-powered threats. They’re relying on outdated verification methods, like easily guessable personal questions or knowledge-based authentication, that are no match for today’s tech-savvy fraudsters. This information is often readily available online, gleaned through social engineering and social media accounts, or even known to family members, rendering these techniques alarmingly ineffective.

AI Voice Generation Is Closer to Reality Than You Think

The rapid advancements in AI-driven voice generation are sending shockwaves through the financial services industry. Ethan Mollick, a noted AI speaker, professor at University of Pennsylvania studying innovation and AI, and New York Times best seller with his book Co-Intelligence focusing on practical AI, has been testing and showcasing early capabilities of upcoming AI developments. The results are both astonishing and alarming. Every professional in financial services should listen to these demonstrations firsthand and grasp the gravity of the situation.

Through early access to future ChatGPT tools, on his blog One Useful Thing he demonstrates how powerful AI voice generation already is. Mollick’s examples highlight three key points that should keep everyone up at night:

1. Emotional mimicry: AI can convincingly replicate human emotions and seamlessly transition between them. This ability to feign empathy, excitement, or frustration adds a layer of deception that can easily fool even the most discerning listener.

2. Real-time responsiveness: The speed at which AI responds is virtually indistinguishable from a human conversation. Mollick’s demonstration shows how effortlessly he can interrupt and engage with AI, creating an illusion of natural interaction that’s incredibly difficult to detect.

3. Public accessibility: The most unsettling aspect is that this technology is beginning to be deployed publicly.

The implications for financial services are profound. Imagine a fraudster using a near-perfect voice imitation to bypass security protocols, authorize transactions, or extract sensitive information. The threat is real, and Mollick’s examples show us how close we are to reckoning with this new threat.

Client Verification Needs to Improve Today

Financial institutions must urgently adapt verification methods to counter this emerging threat. The era of relying solely on voice recognition or static knowledge-based authentication, like pass codes or challenge questions, is over. We need to embrace dynamic, multi-layered verification that leverages modern tools such as one time passcodes through text or email verification. These solutions are already well deployed in nearly all mobile app and online account. Yet banks and credit unions, who are held to the highest standards for security, have been lagging in adoption.

The urgency for change is clear, but implementing modern verification solutions is not without its challenges. Seth Ollila, founder and partner of Novotta, has been working with clients on this issue. He points out a crucial obstacle: “Many community financials don’t have the technical resources or experience to deploy this type of solution and are unaware of how easy it can be.” He identifies the following perceived roadblocks he sees holding back progress:

1. Cost and complexity: While modern verification tools can save money by reducing fraud, the perceived upfront deployment cost and perceived complexity can be daunting for smaller institutions with limited budgets and IT staff. Finding a solution that’s “right sized” for their needs is essential.

The reality is these tools are relatively simple to implement and deploy.

2. Established processes: Many financials are hesitant to abandon familiar processes, especially those deeply integrated over years or decades, such as passcodes or phrases. Clients have come to expect this type of security measure. The fear of disrupting established workflows and potentially losing valuable historical data is a significant barrier to change.

The reality is that modern software can easily pull data from your core, allowing financial institutions to use pre-existing passcode or phrase information while transitioning and deploying modern one time passcodes.

3. Data security: Entrusting sensitive client data to a third-party solution raises legitimate concerns about maintaining control and ensuring the highest level of security. Institutions are understandably hesitant to move data outside their own network, where they perceive it to be more vulnerable.

The reality is that in these solutions, the data can remain on the financial institution’s network and no personally identifiable information is transmitted through these solutions.

These concerns are valid, but they shouldn’t prevent progress. Affordable and scalable solutions are increasingly offered by providers, providing flexible, cloud-based options that cater to the needs and budgets of any sized bank or credit union. Plus, modern tools can often be seamlessly integrated with existing core systems, minimizing disruption and preserving valuable historical data. Reputable providers also prioritize robust security measures, employing encryption, multi-factor authentication, and other safeguards to protect sensitive information. The message is clear — modernizing client verification is not only possible but essential.

Ollila and his team, drawing from their deep experience in community banking, developed an approach that directly addresses the concerns holding back modernization. “It’s important for financial institutions to recognize the need to modernize client verification to protect their financial institution and customers.” Seth emphasizes. “We can build a solution that sits on their network, and because this legacy information is generally in their core through extract files, we can pull this information into a solution while maintaining everything on your network.”

These approaches leverage data already housed within the financial institution’s network while eliminating the risk of exposing sensitive information externally.

“The benefit is that financials can transition to a modern solution without giving up legacy verification approaches.” Seth explains. “We’re simply embedding the legacy verification into a more secure on network solution to help with the transition.”

Many financial institutions will find value in building a strategy that offers a bridge between the old and the new, allowing for greater security without sacrificing familiarity or disrupting established workflows. It’s a practical and reassuring approach that empowers these institutions to embrace modern verification without compromising their data or their peace of mind.

Dig deeper into AI stories:

Overcoming Cost Concerns

A common hesitation for financial institutions is the perceived cost of building and maintaining a modern verification solution. The reality is often far less daunting than anticipated.

While pricing varies between vendors, a standalone solution can be a relatively light development and implementation. This keeps upfront costs manageable. Many providers adopt a “pay as you go” pricing model for text and email verification attempts. This aligns costs with actual usage, making it an affordable option even for smaller institutions. The cost per text or email verification is typically very low, especially when compared to the potential financial and reputational damage caused by a successful fraud attempt.

To gain a clearer picture of potential costs, financial institutions can work with their chosen partner to analyze call volumes, transaction data, and in-branch activity. This provides a realistic estimate of ongoing expenses under this model.

It’s Time to Address the Upcoming Realities of AI

The key takeaway is that modern verification solutions are necessary, and easier to implement and more reasonably priced than most would think. Given the potential cost of fraud compared to the low implementation cost, moving forward is an easy decision. The looming threat of AI-powered fraud demands immediate action.

Financial institutions must be actively engaged in discussions to prepare for the upcoming threat, that is closer than many realize. Failing to initiate these conversations today could leave you scrambling to catch up when fraud inevitably strikes, impacting your reputation, client trust, and financial stability. Don’t wait for a crisis to force your hand. Many modern verification solutions are readily available, easy to deploy, and meet the stringent security requirements of the financial industry.

The time to act is now, take proactive steps to safeguard your institution and your customers from the evolving threat of AI-driven fraud. Your future success of your institution depends on it.

This article was originally published on . All content © 2024 by The Financial Brand and may not be reproduced by any means without permission.