Several vendors are recasting security applications in ways that they say will give their ideas more appeal to bankers that passed on them in the past.
The security technology market received a big boost from a Federal Financial Institutions Examination Council mandate requiring financial companies to implement stronger authentication measures for online transactions by the start of last year. During the run-up to that deadline, bankers evaluated numerous methods of safeguarding deposits, including biometrics and one-time password tokens, but most institutions chose to implement less costly measures that operated behind the scenes.
Vendors have continued to work on some of their ideas, and now they say their efforts to tweak the way some are delivered or to offer them to slightly different markets — not to mention fraudsters' ongoing efforts to beat tools widely used today — will earn them a second look from bankers.
Vasco Data Security International Inc. says it hopes the emergence of mobile banking will make its password-generating software more appealing. The software typically runs now on keychain tokens, but Vasco is talking to mobile banking vendors about incorporating it into their software.
"We haven't really had an alternative to offer" in the past, said Adam Dolby, Vasco's director of strategic alliances. "It's either 'Here's this plastic thing you can throw on your keychain' or no."
Putting the Oakbrook Terrace, Ill., company's software on a phone is "a logical extension of mobile banking," he said.
The success of this pairing in the United States will be "contingent upon how widely adopted mobile is in general" for banking, Mr. Dolby said.
There has been more interest to date from banks outside the United States in linking mobile phones and password tokens, he said, but some U.S. banks have deployed the system with a handful of executives who did not want to carry around a keychain fob.
Another technology being cast in a new way is voice recognition.
Long been pitched as an authentication tool for call centers, the the application has faced concerns about privacy and accuracy, according to Tony Rajakumar, the founder and chief executive of the startup Victrio Inc.
"I was always thinking about why voiceprinting never took off, and the problem was there was no real business case," he said. Recasting it as a fraud detection tool "would have a lot more impact" in helping banks cut fraud losses.
The key difference with the Mountain View, Calif., company's technology is that suspected fraudsters — not all customers — are the ones whose voiceprints are catalogued, he said. Call centers will send their calls through Victrio's system, which will keep recordings of calls flagged for various security concerns. Subsequent calls will be compared to the database to create a risk score, based on the likelihood that a caller's voice belongs to a known fraudster.
"What we do is we zoom in on the most likely fraudsters," he said. The fact that multiple banks can use the database is helpful, because criminals often "take an identity and milk it as much as they can" at as many companies as possible.
Victrio, which was founded in May, is in discussions with "one major credit card issuer" but has no financial services customers. It tested the technology with an e-commerce company that Mr. Rajakumar said might deploy the system next year, but he would not name either potential customer.
Since the system focuses on locking out fraudsters instead of recognizing legitimate customers, there is no need to persuade customers to enroll, he said — a step that would likely prove a hurdle for any banks considering voice biometrics to authenticate users.
Nice Systems Ltd.'s Actimize is also trying to recast voice technology to help banks cut fraud losses, but the Israeli company's New York unit is using technology that was not originally intended for fraud detection.
Before buying Actimize last year, Nice developed a system for detecting emotion in voice on marketing calls. The system can alert call center employees when a customer's emotional state requires the call to be passed to someone else — a more experienced service representative, for example.
Amir Orad, an executive vice president and the chief marketing officer of Actimize, said the typical bank customer has a different emotional state than fraudsters do when interacting with the call center. By adapting the Nice technology to pick up on these deviations, Actimize can determine whether the caller's emotional state is a risk factor for fraud, he said.
The system is meant to be used with other transaction monitoring systems, he said, and it can pick up on words and phrases that are typical of fraudulent transactions but atypical for legitimate customer interactions.
Actimize has no bank customers using the emotion-detection system for fraud detection, but Nice has some that are using the marketing version; Mr. Orad said he could not name them.
The Actimize system is meant to overcome the training hurdles of call centers, which typically have high levels of stress and turnover, he said. "It's almost impossible to train" the employees "to be good detectives … [when] all we're interested in is a high-quality, short phone call."
Avivah Litan, a vice president and research director at the market research company Gartner Inc., said there is an audience for recast voice recognition technology.
"There have definitely been card issuers very seriously interested in this technology," she said. "I'm pretty bullish about voice for the future. It's really the friendliest biometric out there, and I'm also bullish about telephony for security," including Vasco's password-generating application.
The benefit of the Actimize and Victrio system is that neither informs customers that they are being screened, so it harder for fraudsters to overcome the technology, Ms. Litan said. "It's better for everyone if you're not publicly telling people you're recording their voice."
The main issue the vendors face is the budget constraints brought on by the financial crisis, she said. "Nothing's cheap. Everything has resources attached to it."
