The chances are that in the last few weeks you’ve had the displeasure of being on the phone to your bank or credit card provider.
After battling the dimwit automated service, shouting “YES” progressively louder to the point of exasperation, you’re put through to someone asking to verify your identity. You can’t remember the passphrase you made up on the spot three years ago, but are starting to feel that, presently, a safeword might be more appropriate.
You’re put on hold for five minutes with crackly music that would drive an elevator mad, then connected to the security team. They say that you need your passphrase, at which point you hang up – inhale – call back, and embark on the whole Kafkaesque ordeal again, tears dribbling down your cheeks.
No more! Thanks to Pindrop, the brainchild of chief executive Vijay Balasubramaniyan, the process can be far less tortuous – while, importantly, far more secure.
The firm makes verification software for call centres – which is more exciting than it sounds.
Balasubramaniyan says that call centre fraud is a $14bn problem worldwide, and growing.
Pindrop has recently expanded to London. The problem in the UK is worse than almost anywhere else on the planet, through a bizarre knock-on effect of its early adoption of chip and pin cards.
“One of the biggest modes of fraud for banks is counterfeiting cards,” Balasubramaniyan says. “But in the UK, once you had additional security measures like chip and pin, which uses hardcore cryptography, it became harder to counterfeit cards.
“So what happened is a lot of the fraud moved to ‘card not present channels’. And the voice channel is the easiest for these criminals.”
Where Pindrop helps is by cross analysing a staggering amount of call data, and searching for intrinsic characteristics. For example, the white noise of call from a digital (mobile) phone makes a different sound to an analogue (landline) model. One is bits and bytes, the other is mechanical. Both are different to voice over internet protocol (VOIP) such as Skype.
A phone calls from the UK will be on a different frequency to a poorer state, because we have superior infrastructure to a developing nation.
Every phone also has a distinct noise within itself, he says – certain characteristics that distinguish it from someone trying to steal your identity that can be quantified and analysed.
“When we look at a call, we’re able to say: it is supposed to be coming from X in London, but the audio is telling me it’s a Skype call being spoofed from a UK number in Nigeria. We can immediately determine that something weird is happening.”
At this point, the call center operatives receive a traffic light signal – red being a sign that it’s a fraudster. The call is not immediately hung up – instead it’s diverted to an agent more adept at handling fraud.
Meanwhile, the voice of the scammer is recorded to be used as training data, so that if the voice profile comes up again, it will be easier to identify the repeat culprit.
When the pin dropped
The idea for the product itself came following a 3am call, courtesy of Balasubramaniyan’s US-based credit card provider, while he was in India. He’d purchased a suit earlier the day before and paid for alterations, ready to pick up the next day. At 3am, the card firm called him to say there had been suspicious activity on his account, and could he verify it was him.
“I’d made a bunch of transactions, I didn’t know which one it was. I said ‘tell me the transaction’. They said ‘I need to verify who you are – tell us your social security number’. Some random call from New York is asking for my social security number at three in the morning! I was trying to find out who they were, they were trying to find out who I was – it was a stupid cat and mouse game, so I cancelled the transaction.”
Subsequently, the order for his suit was cancelled, so he never received it.
The issue with legacy systems is a reliance on pin numbers, passcodes and, most importantly, humans – which, as with any software, are always the weakest link.
In constrast, Pindrop uses some very clever data to verify who you are using your voice, your device, your location, and your behaviour – a technology trademarked as “phoneprinting.”
All very well for a business perhaps, but it makes for better service for the end consumer too.
“You need to ensure that, while you catch malicious players, you still treat good customers well. Right now, because firms are so paranoid about fraud, they keep asking harder and harder questions. You call your bank and you’re asked some absurd question you don’t know the answer to. And 30 per cent of legitimate customers get turned down because of these questions.”
By making the service more tailored to the individual calling the service, it eradicates much of the painful process we’re all used to, saving the business time, and making the customer happy.
It comes as no surprise, then, that Google Capital led a $75m investment round in Pindrop last year.
“This is the beginning,” says Balasubramaniyan. “The reason Google has invested is because we have much broader aspirations. We want to get that same enterprise grade voice security to things like the Google Home or Amazon Echo. A lot of people have now set up their Echo with their home locks and their burglar alarms – imagine someone walks in and says ‘Alexa, shut off the burglar alarm’ – is it you? It is a big problem, and one we are going to help to solve.”