Contact centers, like any other enterprise access point, are at risk of fraudulent activity. Biometrics and other security technology can protect your business and customers from bad actors.
Companies make substantial investments in technology to optimize their contact centers and improve how they serve customers. Contact center agents have more resources than ever — tools they need to resolve customer issues quickly and effectively on the first call. Despite the investment and preparation, these investments may have inadvertently created a vulnerability because those in the illicit business of fraud also know the tools contact center agents have at their disposal.
Here’s what contact centers are up against
Contact and call centers have always presented threat vectors for fraudsters who use social engineering to gain access to personal information they can use to breach secure systems and steal identities.
On average, contact centers field more than 100 billion calls every month. Estimates are that 1 out of every 1,700 calls is an intent to commit fraud. That’s nearly 590,000 fraud attempts per day. These calls are over half a million efforts to engage in account takeover (ATO) fraud, card not present (CNP) fraud, or just good old identity theft.
It’s all made possible by contact center agents who are ready and willing to solve customer issues with a wealth of personal information at their fingertips.
Fraudsters react to security measures as they are put in place
Taking measures against fraud is nothing new to organizations. But, with new advances in security technology come innovations from criminals. When one avenue for attacked is closed, they find another. It’s an expensive game of whack-a-mole, and it is no fun at all.
The advent of “chip” cards, which are very difficult to counterfeit, lead to a stratospheric rise in attempts at CNP fraud. Both in Europe (where these cards were first released) and after their eventual distributing in the US, criminals quickly shifted gears when thwarted by the new security measure.
But fraudsters are always looking for the next big score. Many have moved on from mere credit card fraud to gathering stolen personal data and credentials and attempting to take over legitimate accounts. Using untraceable Voice Over Internet Protocol (VoIP) telephone lines, criminals use the stolen information to trick contact center agents into transferring control of the victim’s account, successfully executing an account takeover.
Contact center authentication practices are no longer up to the job
It has become clear that a standard question-based authentication process using personal information is inadequate in deterring today’s bad actors. There’s too much personal information publicly available through social media and online public records — for example, property records that used to take a visit to city hall to obtain.
It’s become way too easy to impersonate a legitimate user who “forgot their secret answer,” and, many times, contact server agents are just too eager to assist and, in the process, aid in the commission of a crime.
A new form of identification is needed, one that can’t be stolen or falsified.
AI and biometrics to shut the door
Customers don’t want to deal with ever-more intense questioning when calling to address a service issue. The third degree leaves a bad taste in their mouths and is no fun for the agents charged with giving it. However, the fact is that companies need to know that they are speaking with the actual person whose information is on the agent’s display.
The new first line of defense is employing the growing power of AI and machine learning is to analyze contact center interactions in real-time to identify and flag patterns of fraudulent behavior. Giving agents notification that they may be dealing with a caller attempting to commit fraud, and offering alternatives to address the situation, provides the resources to help them avoid becoming unwitting accomplices for the criminal on the other end of the call.
Voice biometrics technology, which can identify a person through their unique voiceprint, is an even more powerful tool. These systems can authenticate a caller as they speak in the ordinary course of a call. By freeing the call center agent from the burden of authentication, voice print identification removes friction from the customer service process while ensuring the caller is who they say they are in an innocuous, non-invasive way.
Voiceprints can identify a customer across any channel — in-store, online, anywhere. As a bonus, voiceprints can also identify known perpetrators flagged from previous attempts at fraud and stop then in their tracks.
Let CloudHesive help you secure your contact center threat vector
Security in any environment is a moving target. As security measures are modified, bad actors change their methods to exploit newfound areas of vulnerability. But working with a partner like CloudHesive can help you stay several steps ahead, with security technology that takes advantage of the newest thinking and the latest technologies. Learn more by getting in touch with CloudHesive at 800-860-2040 or through our online contact form.