Stop Biometric Voice Fingerprinting

How to Stop Bank, Credit Card, and Corporate Biometric Voice Fingerprinting Banks, Credit Card Providers, and other companies and institutions are recording and analyzing your voice to create a voiceprint of your voice!

While this form of biometric authentication and indentification, knows as "digital voiceprinting" may be useful for those who don't want to remember PIN codes and passwords, if the voiceprint data is stolen or compromised, any accounts with other banks/companies w ould no longer be safe, since while you can change a PIN or account number, your voice and voiceprint remain the same for life. What controls do you have over this information once you "provide" it? How do you know what your bank or other corpor ation whom you provide the voiceprint to is doing with it? How can you stop your voiceprint biometric information from being used?

Back to Wireless Notes Main

Voiceprint Authentication and Biometric Fingerprint chart 
differentiating between only recording customer calls and utilizing 
biometric voice fingerprinting to permanently store and utilize a 
caller's voice

Have you ever called your bank, credit card company, financial institution, or other company or corporation, and heard a recorded message like:

Thank you for calling ABC Credit Card Company. This call may be recorded and your voice may be used for indentification or security purposes.

(For example, Chase Bank places a similar announcement/warning when you call their main customer service and Interactive Voice Response (IVR) number of (800) 935-9935.)

By doing so, the called bank or company is providing you, the caller, with notice that they will not only record the call (which previously was fine as it could later be used for quality control and to ensure that Customer Service Representatives (CSRs) p erform their duties with courtesy and in a tone and manner consistent with their duties), but also that they will now sample your voice and store a "voiceprint&quit; of your voice which they will maintain in their records (and possibly sell or distribute to others).

While this allows the bank or company to readily identify you and not require a PIN code or password, the use of biometric authentication, including voiceprinting, means that once you are voiceprinted, you can't take it back. While some people may not min d this, it presents problems when:

Some states, like Illinois, have enacted reasonable, consumer-oriented biometric data laws, which require companies which obtain, store, and used your biometric information to obtain written consent from you before doing so. Failure to do so can result in fines of $1000 per instance, and it is not necessary to show that you have actually lost money as a result, just that a given company has violated the Illinois biometric information/BIGP law.

Other states have also enacted or in the process of enacting similar laws; New York State is modeling a law similar to that of Illinois, where companies may be fined merely for obtaining biometric information without consent, without having to sh ow that there was some immediate monetary loss done as a result.

We encourage readers to support state and Federal efforts to curtail the use of biometric identification and to impose fine and penalty regimes similar to that of Illinois, which forces banks, credit card copanies, and other businesses to obtain permissio n to use biometric information in writing prior to use.

Moreover, until such time that there is a nationwide set of rules pertaining to biometric and voiceprint use, we often send the following letter to credit card providers, banks, and so on, to not only let them know that we don't wish to have any biometric /voiceprinting technology, but to also set up an agreement that if they do employ such methods of biometric identification, that they are agreeing to pay us for each time they do!

In effect, we are setting up a contract where they are notified by our letter that if they use/sell any biometrics in the future, they understand that it is primarily for their benefit and not ours, and as such, they agree to and we intend to have them pa y for the benefit which they receive in exchange for such use.

Would this stand up in court? Well, we're not lawyers and it never has reached that point. What the letter does do is put the executive, legal, and higher corporate offices on notice that they may have some legal exposure, and quickly gets their attention so that in more cases than not the use, retention, and distribution/sale of your biometric information will stop.

A sample letter of one which was sent to American Express is included below.

April 9th, 2021

American Express 
Office of Executive Relations
3 World Trade Financial Center
New York, NY

Re: American Express Card 3000-123456-78901

I have recently been made aware from a phone call to American Express at (800) 492-3344 via your automated telephone system greeting that my and/or
our Cardmember group's voice(s) would be recorded and/or used for "security purposes". 

It has become clear to us that banks and other similarly situated institutions have opted to implement and utilize "voiceprint" and other similar 
or related biometric technologies (at times with no notice or warning to customer/callers), often doing so without offering customers any method 
to control access to said biometrics or any means to seek redress for unauthorized use thereof. While we are unsure if the (vague) recorded 
message presented at the outset of the call indicates that American Express employs such technologies, we explicitly decline to participate in any 
such biometric analysis or identification methodologies. 

Moreover, while we have no general objection to recorded telephone calls, as said recordings may be later used with the aforementioned biometric 
methodologies, we are now forced to also decline having our voice calls recorded as well. 

While 20 years ago we would never have thought twice about having our calls recorded, and in fact favor doing so to provide an incentive to 
ensure that telephone representatives provide a consistent level of support services, as we can no longer be sure that such recordings will be 
run (at some indeterminate point in the future) through biometric voice analysis software/systems, we must decline having our calls recorded, 
regardless of whether biometric analysis is currently being employed by American Express.

As such, American Express may:

1.	Provide a telephone number which we may call which is not recorded and does not employ any biometric monitoring, or,

2.	Contact us as needed, without recording the call and without any biometric monitoring, or, 

3.	Provide a writing clearly indicating that American Express does not employ biometric voice-printing, analysis, or any other form of 
         biometric monitoring on customer telephone interactions (either when called by customers or when calling to customers), and warrants that 
         it will not do so in the future on live calls or with any recorded conversations.

4.	Communicate with us only in writing via postal mail or other non-biometric means. 

We hereby explicitly instruct American Express, its affiliates, and agents to delete and destroy any and all biometric information and/or 
recordings of myself and/or any Cardmember associated with our aforementioned account/Cardmember group, and prohibit the use, retransmission, 
dissemination or sale of said recordings and/or biometric information within American Express or any other outside entity or person.

Please note that should American Express employ any biometric voice-printing or similar technologies on future calls or recordings, such actions 
will serve to indicate an acceptance of my individual or our Cardmember group's collective offer(s) to provide my/our voice recordings and/or 
voice-prints to American Express for a fee of $1000 per call per person, and to be invoiced per calendar month when one or more such calls 
take place, with a $35 late fee per month if payment is not received within 30 days of American Express being invoiced for said call(s), and with 
the maximum interest rate applied as allowed by the State of Connecticut until such payment(s) is(are) satisfied. 

Very Truly Yours,

John Doe

Note also that they can still track you via most e-mail (that is, e-mails which support attachments and URLs, which nearly all mailers do; a plain-text mailer offers sumewhat more security but less utility and ease of use), SMS messaging, mobile phone app lications, or web access, but consent is somewhat more implied with these modalities, as compared to them calling you/you caling them and with a nebulous message commence voiceprinting you during the call. Additionally, you can get a new phone, delete app lications, use more secure browsers, or change your e-mail address or e-mail program, but you can not ever change your voice, so the use of voiceprinting is a more serious privacy concern since once given (and lost) it can never be regained.

Back to Wireless Notes Main

Copyright 2021 /