Intrigued by an article I saw of Bill Gates’s reading list from a few years ago, I picked up a hard copy of Moonwalking with Einstein by Joshua Foer. The book is about memory and how the ancients created a memory palace with vidid images (hence Einstein moonwalking in modern times) in their mind as a way to remember information and where humanity is with memory in modern times. Joshua tells a great story and I believe everyone will take away something useful. One provocative thought he raises is that perhaps we are getting even worse at memory because we no longer bother with any sort of memory training.
This concept stirred a thought in me about our RandomPIN™ interaction that normally requires a person to speak back five digits. We strongly recommend five digits because we have found five digits to be the best trade-off between enough speech and how much a person can retain. For applications that combine a screen with the audio capture, such as online education with the user looking at a web browser, the person simply reads from the screen while speaking into a phone. With a screen present, you could easily use 10 digits without risking forgetfulness. Five is a non-issue.
However, there are some applications that must rely solely on voice prompts such as “please speak three five eight two four.” That in turn means the person must listen and repeat those digits. Contact center applications tend to be this way. And what we find is that a segment of the population simply cannot correctly remember five digits, especially if they feel under pressure, resulting in more retries and frustration. They speak the correct digits out of order or lose track of one or more. If this is a suspected problem with your user base, one way to handle this issue is drop from five digits to four digits. However, this impacts robustness of the verification and may result in more impostors getting through. So what do you do if you want to keep your accuracy high due to financial risk while not requiring five digits?
Our recommendation is simple: Implement two four-digit verifications. Four digits are comfortable for people’s brains. Plus, they take little time. The inconvenience of two four-digit verifications is slight compared to a single utterance and in fact may be better because the pressure on the brain to remember is lower.
One of the best use case examples for this approach is a pensioner who calls in quarterly for proof-of-life. Someone using voice bio regularly becomes used to five digits, essentially like memory training. But a pensioner calling in only occasionally will not be skilled. Capturing two four-digit strings becomes a means to improve security for a financially important transaction while also reducing risk of a user experience problem.