Additional key findings include:
- Voice fraud continues to serve as a major threat, with rates climbing more than 350 percent from 2014 to 2018
- The 2018 fraud rate is 1 in 685, remaining at the top of a five-year peak
- Insurance voice fraud has increased by 248 percent as fraudsters chase policies that exceed $500,000
- In 2018, 446 million records were exposed from more than 1,200 data breaches
- The industries facing the highest fraud risks include insurance (1 in 7,500 fraudulent calls), retail (1 in 325 fraudulent calls), banking (1 in 755 fraudulent calls), card issuers (1 in 740 fraudulent calls), brokerages (1 in 1,742 fraudulent calls), and credit unions (1 in 1,339 fraudulent calls)
“Cybersecurity crimes are increasing each and every day as fraudsters and the technologies they use become more sophisticated,” said Vijay Balasubramanian, CEO and cofounder of Pindrop. “As we examine the biggest threats and trends impacting the insurance, financial, and retail sectors and prepare to battle emerging technologies, we urge enterprises to assess their fraud and authentication strategies to ensure they are prepared to safeguard their customers’ assets.”
Fraud casualties will continue to rise as bad actors make fewer attempts but exploit companies for bigger losses through more sophisticated and targeted tactics, the report notes. The report details emerging fraud threats, the birth of the conversational economy, and why voice authenticated customer experience is the next revenue battleground for enterprises.
Emerging Threats in Deepfakes and Synthetic Voices
Deepfake made headlines in 2019 as fraudsters found ways to improve this technology for both entertaining and malicious purposes. The impact ranged from involuntary pornography featuring Scarlett Johansson to harmless content such as Steve Buscemi’s face swapped on to Jennifer Lawrence’s body. Deepfakes have entered the political arena, with both federal and state government officials passing legislation to combat this technology.
In the report, Pindrop highlights how synthetic voice attacks will soon become the next form of data breaches. In the near future, we will see fraudsters call into contact centers utilizing synthetic voices to test companies on whether or not they have the technology in place to detect them, particularly targeting the banking sector. The attacks are dependent on deep learning and Generative Adversarial Networks (GANs), a deep neural net architecture comprised of two neural nets, pitting one against the other, says the report. GANs can learn to mimic any distribution of data—augmenting images with animation, or video with sound. These technologies use machine learning to generate audio from scratch, analyzing waveforms from a database of human speech and re-creating them at a rate of 24,000 samples per second. The end result includes voices with subletities such as lip smacks and accents, making it easier for bad actors to commit breaches.
The Birth of the Conversational Economy
According to the report, companies are aggressively deploying voice technology while consumer adoption continues to climb as people embrace digital assistants and voice activity. In the near future, it says, phones, apps, smart devices, cars, banks, and offices will identify consumers by their voice, regardless of the platform or brand. This is referred to as the conversational economy. Businesses that successfully insert themselves in the conversational economy will yield significant rewards. "IT leaders anticipate voice technology will enable cost savings, increase customer satisfaction, and become a competitive advantage. However, fraudsters also see economic opportunity within the conversational economy. With $14 billion lost annually to fraud, companies will need to overcome challenges with voice such as securing it, allaying privacy concerns, and equipping call centers and customer service representatives with the right solutions to detect and prevent fraud," according to the report.
According to the report, the rise of the conversational economy and the demand for a more personalized customer experience means authentication must be prioritized as a key technology for companies. Traditional knowledge-based authentication questions, such as “what’s your first car make,” are no longer an effective form of authenticating customers, the report says. Major data breaches have leaked nearly everyone’s personal data, including the responses to these questions. The report recommends that enterprises implement an omnichannel authentication experience where customers authenticate once and gain access to their account across several devices, offering a truly frictionless experience.