featuring short-duration speech. A typical mobile payment deployment, for example, would use a simple text-dependent model comprising a prompted short phrase or random number.
Voice biometrics is also the strongest form of authentication available, because it addresses multiple fraud vectors with a single check. These vectors include call redirect (also known as SIM swap fraud), device takeover, and, most importantly, voice blacklist checking, the ability to compare a voiceprint in real time with a known database of fraudsters' voiceprints. In addition, voice-based transaction verification can be used to overcome sophisticated fraud vectors such as man-in-the-middle and man-in-the-browser attacks.
Location checking can also be performed in conjunction. This can range from country-level analysis down to a 50-meter radius, which is essential for mobile-present transactions at the ATM or point of sale. Likewise, device recognition, another layer of invisible authentication, can be performed in real time, providing contextual information into the voice biometrics engine or, alternatively, operating as a standalone authentication layer.
The problem of security then shifts to user enrollment and authentication, verification, validation, and transmission. The technology is available today to solve these core issues, so the ball is in the payment industry's court.
On the matter of industry cooperation, regulation, and oversight, I am delighted to report that the first annual meeting of the Digital Asset Transfer Authority (DATA) was held April 9 in Washington, DC.
The DATA annual meeting provides an opportunity for digital asset companies and related organizations to chart the year ahead in digital currency, among other areas. Sessions and workshops focus on issues pertinent to the digital asset industry, including development of best practices, standards and regulatory issues, economic development opportunities, industry leadership, and international considerations. DATA has partnered with the International Finance Corporation (IFC) and the Council on Foreign Relations (CFR) to provide in-depth examination and discussion of critical issues affecting the digital asset industry. At the meeting, some of the foremost minds in virtual currencies gathered to discuss many of the issues I mentioned earlier.
I'm looking forward to reporting on the practical developments this unique opportunity will generate and to sharing such plans with InformationWeek readers in the weeks and months ahead.
As enterprises work on mobile commerce and mobility in general, remember this: Convenience without security is like swimming naked. And as Warren Buffet once said, "It's only when the tide goes out that you find out who is swimming naked." It is possible to combine the highest levels of security with the ultimate in user convenience and do it in a way that is, for the most part, invisible.
What do Uber, Bank of America, and Walgreens have to do with your mobile app strategy? Find out in the new Maximizing Mobility issue of InformationWeek Tech Digest.