User interface language: English | Español

Date November 2017 Marks available 8 Reference code 17N.1.SL.TZ0.1
Level SL Paper 1 Time zone no time zone
Command term To what extent Question number 1 Adapted from N/A

Question

Voice biometrics technology in banking

CBR Bank is introducing voice biometrics technology that will authenticate customers when they telephone the bank. It will replace the current system, in which customers have to use passwords and/or security questions.

As part of the registration process, the customer has to say the phrase, “My voice is my password” three times. This provides a voice print that will be used to verify the customer’s identity in future telephone calls to the bank.

In addition to their voice, identify two ways how a customer can be recognized by CBR Bank’s biometrics technology.

[2]
a.i.

Identify the steps used by the voice biometrics technology to authenticate a customer calling CBR Bank.

[4]
a.ii.

CBR Bank holds a large amount of information on its customers. Some customers are concerned about the security, privacy and anonymity of their data.

For each of the concerns above, explain one policy that CBR Bank could use to address the concerns of its customers.

[6]
b.

The chief executive officer (CEO) of CBR Bank, Alice McEwan, said in a recent interview, “CBR Bank will be replacing all passwords, PINs and personal verification questions for our online banking and mobile banking with voice biometrics recognition.”

To what extent are the changes proposed by Alice beneficial for both CBR Bank’s customers and CBR Bank’s IT support?

[8]
c.

Markscheme

Answers may include:


Do not accept “eye recognition” – this is too vague. Iris or retina is required for marks.

Award [1] for identifying each form of biometric identification up to a maximum of [2].

a.i.

Answers may include:


Award [1] for identifying each of the steps used to authenticate a customer calling CBR Bank up to a maximum of [4].

a.ii.

Answers may include:

Security:

Privacy:

Anonymity:

 

N.B.: The response requires an explanation of a policy and not a discussion of the problems themselves. There must be a policy for each kind of concern: security, privacy and anonymity and reason(s).

Award [1] for identifying a policy that CBR Bank could use to address the security, privacy and anonymity concerns of its customers and [1] for a development of the policy identified up to a maximum of [2].

Mark as [2] + [2] + [2].

b.

Answers may include:

For customers:

Advantages of replacing passwords with biometric voice recognition:

Disadvantages of replacing passwords with biometric voice recognition:

 

For IT support:

Advantages of replacing passwords with biometric voice recognition:

Disadvantages of replacing passwords with biometric voice recognition:

 

In part (c) of this question it is expected there will be a balance between the terminology related to digital systems and the terminology related to social and ethical impacts.

Keywords: security, authentication, stakeholder, reliability, data, security, change, identity, power, systems, values, ethics, accountability, transparency, access, inclusion


Refer to SL/ HL paper 1, part c markbands when awarding marks. These can be found under the "Your tests" tab > supplemental materials > Digital society markbands and guidance document.

c.

Examiners report

[N/A]
a.i.
[N/A]
a.ii.
[N/A]
b.
[N/A]
c.

Syllabus sections

Topic 2: Concepts » 2.1 Change
Show 58 related questions
Topic 4: Contexts » 4.1 Cultural
Topic 3: Content » 3.1 Data
Topic 2: Concepts » 2.2 Expression
Topic 2: Concepts » 2.3 Identity
Topic 2: Concepts » 2.4 Power
Topic 3: Content » 3.4 Networks and the internet
Topic 4: Contexts » 4.6 Political
Topic 2: Concepts » 2.6 Systems
Topic 2: Concepts » 2.7 Values and ethics
Topic 2: Concepts
Topic 3: Content
Topic 4: Contexts

View options