Posts Tagged ‘phone fraud’

Can banks prevent social engineers from lying?

Posted on: February 13th, 2013 by art

In a world where security technologies work around the clock to stop cyber threats, sometimes the most deceptive and under-appreciated bank crimes can stem from the ancient act of lying.

The opening minutes of the new film, “Identity Thief,” shows just how easy it can be to con someone into providing their private personal and financial details over the telephone. While it might seem unlikely that it could happen to you or your company, the scene illustrates how anyone answering the telephone, even a top accountant for a financial services firm, can be at risk.

We’ve spoke volumes about the various types of lies that criminals rely on to defraud banks. With most financial institutions fully invested in sophisticated hardware to detect and stop fraud over the Internet, the challenge of recognizing when someone is lying over the telephone can be a risk hard to deal with.

In the article, “Social engineering: Clear and present danger,” skilled liars are taking advantage of information shared over online social networking websites to socially engineer their way into the corporate world. One of the ways banking institutions have tried to combat social engineering is to strengthen security policies that make their employees and customers more aware of the dangers they potentially face, said Jason Hong, CTO at Wombat Security.

“The underlying strategy and rationale for social engineering attacks is to circumvent all of the security measures in place by tricking people. For this reason, it’s critical for organizations to train people to be aware of the tactics that bad guys use, so that they can identify them and know how to react in given situations.”

The problem with relying on individuals to identify a lier over the phone is through knowledge-based authentication (KBA), which are essentially challenge questions. The shortcomings of using personally identifiable information (PII) to detect criminals is that they can bypass them quit easily.

But what if you didn’t have to rely on intuition or defeatable security questions to detect when somebody is lying? Would if you could spot a social engineer before he starts to lie?

Without relying on KBA or your call center agents from having to determine whether someone is who they say they are, the TRUSTID® Physical Caller Authentication solution uses network-based forensic technology to automatically validate the caller’s phone location before bank employees pick up. By invisibly identifying whether a banking customer is real or not, financial institutions can eliminate the phone conversation a criminal depends on to socially engineering a bank.

Proactive Caller ID validation can help banks determine level of risk

Posted on: June 27th, 2012 by art

When someone applies for a bank card, whether it’s a credit, debit or ATM card, they receive the physical card in the mail. At that point, according to a 2009 Portland State University survey, more than 80% of people activate their cards by calling a toll-free (800) number.

With a large percentage of people still relying on the telephone to activate bank cards, it’s not surprising that criminals, too, would use the telephone to perpetrate any number of fraud attacks against banks.

Today, social engineering scams conducted over the telephone such as “vishing” (voice phishing), pretexting and fraudulent card activation pose serious threats to financial institutions and banking customers. These highly sophisticated, yet rather low-tech fraud techniques, are primarily aimed at obtaining private information to fraudulently gain access to legitimate bank accounts with the end goal of wiping them out without the bank knowing it.

Unless financial institutions can validate the Caller ID or ANI, telephone-based schemes that combine Caller ID spoofing with clever social engineering will continue to bypass anti-fraud tools like knowledge-based authentication (KBA) that depend on personally identifiable information (PII) to detect and stop bank fraud.

A security tool that is re-establishing the Caller ID and ANI as trusted sources for identifying fraud is the TrustID® network-based Physical Caller Authentication solution. Using TrustID’s API to transmit the Caller ID credentials before the call is answered, real-time forensics determines within seconds if the call can be trusted without relying on any type of PII or having to put customers through a cumbersome phone-based interrogation process.

By instantly identifying the physical location of the landline or mobile phone before the call is picked up, TrustID allows financial institutions to determine the level of risk of incoming bank calls to proactively stop everything from tricky social engineering scams to fraudulent bank card activation.

Is out-of-band verification counterproductive to your compliance and security efforts?

Posted on: June 27th, 2012 by art

As financial institutions scramble to implement authentication solutions to comply with the FFIEC’s Guidance, many banks and credit unions admit they are still confused about the type of tools that are needed to meet the new authentication regulations, as well as better protect their customers and private company information against the latest fraud techniques.

While banks are still figuring out what solutions to deploy to improve their ability to detect and stop fraud, BankInfoSecurity’s 2012 Faces of Fraud survey has revealed some of the top anti-fraud investments for banks and credit unions this year. They include:

 

  • Improved out-of-band verification
  • Enhanced controls over account activities
  • More internal and external audits
  • Improved vendor management practices
  • More anti-money-laundering tools
  • Enhanced dual authorization through difference access devices
  • Improved tracking of high-risk customers and members

While challenge questions have long been used by financial institutions to authenticate customers over the telephone channel, in today’s fraud landscape knowledge-based authentication (KBA) may actually cause more harm than good. In particular, out-of-band verification (mentioned above) can be counterproductive in several ways, including:

 

  • Harmful to customer goodwill: Putting banking customers through cumbersome telephone interrogations is not only frustrating to customers, it creates an unpleasant experience that can cause harm to the customers’ trust and goodwill. A quick, non-intrusive tool that authenticates customers over the telephone channel can improve the overall customer experience and help mend the profitable bank-customer relationship.
  • Increase operating expenses: Labor/employee costs is one of the most expensive areas of any large operation. Yet, banks continue to invest in KBA authentication solutions that increase average call handle times. Instead of pouring more money into solutions that lengthen call times, financial institutions should deploy authentication tools that help drive down average call handle times to save operating costs.
  • Doesn’t stop criminals: Even the most advanced challenge questions can be no match for highly sophisticated social engineering schemes. Armed with stolen personal information, criminals can convince call center agents into divulging private account information. Authentication solutions that don’t rely solely on knowledge-based information to verify customers don’t operate under the false trust that can be orchestrated by clever crooks.

The last thing banks want to do is disrupt or hinder their efforts to comply with FFIEC guidelines and safeguard all of their customer channels. But that might be exactly what they’re doing when they rely solely on KBA solutions to identify customers over the phone.

When it comes to meeting the FFIEC authentication guidelines and proactively identifying customers over the telephone channel, the TrustID® network-based Physical Caller Authentication tool uses Caller ID and ANI as trusted sources to automatically verify customers pre-answered. This eliminates annoying challenge questions that criminals prepare for to defeat KBA-only defenses, improves customer trust and the overall customer experience, and drives down average call handle times to avoid unnecessary operating costs that continue to chip away at financial institution’s operating budgets.

Ignoring the telephone channel leaves bank reps susceptible to social engineering

Posted on: May 29th, 2012 by art

Ignoring emerging social engineering threats and hoping your bank is not targeted by criminals is an unrealistic and ineffective way to stop attacks in today’s threat landscape. That’s the consensus of Symantec’s new Internet Security Report.

In the BankInfoSecurity article, “Social Engineering: Mitigating Risks,” Liam O Murchu, the manager of operations at Symantec Security Response, said lax security procedures, failing to address known security gaps, and not keeping up with fraud trends can make organizations susceptible to the latest incarnation of attacks launched by today’s crafty social engineers.

O Murchu said in recent years it’s become more difficult for criminals to launch silent attacks that don’t tip off the infected user, so they’ve been changing their ways. Today, they are designing schemes to exploit the weaknesses of the user instead of the weakness of the system. Since there’s no product that controls human behavior, we’re starting to see more social engineering attacks that are effectively convincing users into fall into their trap.

“At the end of the day, the user is definitely a vulnerable point in the chain and we need to have the technology that can aid them in making better decisions and protect them.” 

O Murchu added that organizations that have lax security procedures in place or have either overlooked or ignored some aspect of security are the most likely to be hit by social engineering attacks.

One area that has been overlooked has been the telephone channel. Not for a lack of usage, but primarily because of the perceived notion that most of today’s criminals are focused on the Internet to carry out their dirty deeds. While more Internet savvy criminals, combined with the proliferation of easy-to-use malware toolkits, have put pressure on financial institutions’ IT security teams to deploy solutions to stop online attacks, ignoring the telephone channel can leave banks vulnerable to social engineering.

While education can certainly help bank call center agents become more aware of new and evolving criminal tactics, each time they pick up the phone they are still exposed to methods aimed at convincing them to divulge personal or account information.

The TrustID® network-based Physical Caller Authentication tool prevents bank representatives from finding themselves in this situation by automatically verifying the physical location of the telephone before it is answered. Using Caller ID and ANI as validated sources to instantly authenticate legitimate customers and identify fraudulent ones before criminals can talk with bank representatives, TrustID adds a critical layer of defense against Caller ID spoofing and social engineering schemes aimed at defraud today’s banking institutions.

Linking call center service with customer retention and the bottom line

Posted on: May 23rd, 2012 by art

Every bank knows the role customer service plays in the profitable bank-customer relationship. Providing a great customer experience is essential to customer retention and building a stronger brand reputation that can help increase the bottom line. But if call center service remains one of the most frequent and important touch points for banking customers, why does it fall to the wayside when it comes to corporate priorities and investments?

I’ve written a ton about the changing face of customer service in the financial services industry, but recent events have made these scribblings more relevant than ever. Just this week I came across the article, “Why Most Call Center Service is So Bad,” in which Colin Taylor of the Taylor Research Group brings up some meaningful and pertinent points, including:

“The second form of neglect is neglecting to understand that a call center is a primary communications channel between the organization and its customers. In fact for many organizations it is the primary communications channel and the only meaningful one that facilitates a two way discussion, a dialogue. Failing to recognize this fact leads organizations to undervalue the contribution the call center and broader customer service and technical support plays in sustaining the business. Not only can a call center generate revenue through orders, up-sell and extensions, but the call center also protects revenue already promised through solving issues and fixing problems, many of which were not caused or created by the call center. As my colleague John Cockerill says, ‘There are only two kinds of calls; Value, where we gain revenue and Fault, where we fix a problem someone else created.’ By neglecting to understand the role played by the call center in maximizing lifetime value and customer retention these organizations treat the call center as an after- thought.”

Colin’s writing style is direct, perhaps even a bit blunt. However, he brings up some extremely valid points about how the expectation of poor service has unfortunately become engrained in our society. And he cites some pretty credible data to back up his words:

 

  • 86% of consumers quit doing business with a company because of a bad customer experience, according to Harris Interactive.
  • American Express found that 32% of Customer Service Experiences generally “Miss Expectations.”
  • AMEX also found that 61% of Americans report that quality customer service is more important to them in today’s economic environment, and will spend an average of 9% more when they believe a company provides excellent service.
  • More than 70% of senior call center executives revealed their companies fail to meet their customers’ expectations, according to Bain.
  • Companies give bad customer service because they see that it is far cheaper to pay for a corporate rally and “mission review” teams than to overhaul their tactical processes.

Numbers like these should serve as a wake-up call for banks. Instead of refocusing on new growth areas, financial institutions ought to sit up and take a good look how they are servicing their customers. Done right, they can sustain existing customers while also attracting new ones.

While I’ve said this before, I believe we are on the cusp of a major transformation in the financial services industry; an era where the success of the entire enterprise is dependent on the customer experience and its ability to service its customers’ needs. Over the next several years, we will start to see a market shift where financial institutions are no longer able to define their own brands. Instead, the consumer will define them through the influence and power that social media and other tools have given them. Banks that understand this shift, and alter their business processes to improve the customer experience and ensure consumer safety, will gain a competitive advantage that will significantly improve top and bottom-line performance for their shareholders.

How a customer feels during and after phone interactions can be a significant differentiator for banks today because too many have lost sight of how to provide quality customer service over the telephone. The good news is not all is lost. When you understand that reconciling the needs of the customer with the needs of the enterprise is paramount to the mutually trusting relationship between customers and their banks, you realize they can co-exist.

One way to do this is by eliminating interrogation at the onset of every call and giving the customer more perceived control over the bank-customer relationship. The TrustID® undetectable, network-based Physical Caller Authentication tool helps financial institutions achieve this on two levels – by re-establishing Caller ID and ANI as a valid credential for customer authentication and improving customer service in the telephone channel.

The bottom line is banking customers want to be trusted and respected, and demand both safety and convenience. By paving the way for banks to transform the customer experience, TrustID is proving that customer service and the bottom line don’t have to be at odds, particularly when it comes to one of the financial services industry’s primary communications channel — the call center.

Criminals Still Turning to the Telephone to Perpetrate Bank Fraud

Posted on: May 15th, 2012 by art

When it comes to bank fraud, criminals may be leveraging technology to outsmart the latest online security tools, but they haven’t forgotten about the telephone. In fact, some studies suggest that crooks are finding more ways to use the phone to commit bank fraud.

In the UK Cards Association report, the payment card information resource found that telephone banking fraud losses increased 32% in 2011, from £12.7 million in 2010 to £16.7 million last year. In my experiences, these numbers are particularly relevant because the UK fraud experience is similar to that in the US, outside of counterfeit fraud where the UK has chip and PIN built into the cards.

To defraud financial institutions and banking customers, criminals need to collect personal security details. This data is seen by thieves as the keys to the vault, and they will do anything they can to get their hands on the information they need to access bank accounts.

Aside from mining social media websites like Facebook to gather data and build personal profiles on unsuspecting victims, criminals are turning to the telephone to dupe customers into divulging their personal information. Spoofing their Caller ID, crooks socially engineer customers by pretending to be bank representatives asking them to provide their account details such as passwords. This is the identity theft portion of the crime. Once they’ve collected enough details on a person, the next step is identity fraud.

There are many ways criminals can perpetrate identity fraud, both online and over the telephone channel. With banks offering more ways than ever for customers to bank online, in recent years financial institutions have invested heavily in security tools to protect online channels. While this has helped reduce online banking fraud losses (which fell 24% in the UK from 2010 to 2011), banking institutions need to consider solutions that help banks identify and stop fraud over low-tech channels, as well.

The TrustID® network-based Physical Caller Authentication is one solution that stops criminals that are spoofing their Caller ID from social engineering call center agents. By automatically validating the physical location of the incoming call before the phone is answered, TrustID instantly lets bank representatives know when the Caller ID or ANI is spoofed. This level of real-time telephone forensics allows financial institutions to determine whether the call is from a legitimate customer or a criminal who has manipulated their Caller ID to commit fraud. Doing so helps banks on several levels — from reducing telephone fraud losses and call center operating costs by eliminating the time to handle bad calls to achieving regulatory compliance through multi-factor authentication required by the new FFIEC Authentication Guidance.

Can banks be found negligent for not meeting FFIEC guidelines?

Posted on: May 8th, 2012 by art

Over the past year, a lot of attention has been placed on the FFIEC Authentication Guidance, and the recommendations for safeguarding confidential company and customer information.

In many ways, security guidelines tend to supersede actual legislation because they provide specific direction on what steps financial institutions need to make to protect their critical assets from fraud. But now there’s new cause for concern if banks don’t adhere to the FFIEC guidance: Class action lawsuits.

In the BankInfoSecurity article, “FFIEC: Impact on Consumer Accounts,” Joseph Burton, information security legal expert with Duane Morris LLP, warns that if banks and credit unions don’t expand their security beyond commercial accounts to also include retail accounts, they could expose themselves to legal woes by consumers whose online accounts are breached or hijacked by phishing or other social engineering techniques.

Burton said many banks typically don’t worry about reasonable security and negligence on the retail side because the Electronic Funds Transfer Act (Regulation E) protects consumers against paying for unauthorized transactions. But while Regulation E doesn’t address a bank’s liability on consumer accounts, the FFIEC’s Authentication Guidance does.

“The FFIEC was a godsend to plaintiffs in that regard — a guidance, a near-regulation — that if you have banks not following it, you’ve got the perfect storm to declare them negligent… You’re dead today if you don’t take the FFIEC guidance on both levels.”

According to Burton, the FFIEC makes no distinction between education for commercial versus retail accounts. This would mean that banks focusing only on enhancing authentication techniques to protect customers and members hit by corporate account takeovers can potentially be found negligent if they ignore security for consumer or retail accounts.

In 2009, the case Shames-Yeakel vs. Citizens Financial Bank found the bank liable under a theory of negligence because it was responsible for protecting the account, as well as the account holder, from identity fraud. Because the compromised account was a commercial account being used for personal payments, the court did not consider Regulation E.

With the line between commercial-use and consumer-use becoming more and more blurred, Burton added that financial institutions that lack layers of security and multifactor authentication on both the commercial and retail side could potentially be found negligent if they are hit with a lawsuit.

“Shames-Yeakel is a case very similar to one that consumer accounts would be involved in. I see potential liability, based on negligence, and the bank’s failure in that case to follow the FFIEC guidelines. That, to me, is evidence of negligence.”

Closely following the guidance to the letter of the law for both commercial and retail accounts is the best way to meet the FFIEC’s multifactor authentication best practices for identifying customers and protect themselves from legal woes that stem from breached retail accounts that could lead to class action suits.

With today’s innovative criminals perpetrating ACH fraud against commercial and consumer accounts across all banking channels, financial institutions need to deploy authentication solutions that enable them to proactively identify criminal activity on all fronts, including the telephone channel. The TrustID® network-based Physical Caller Authentication tool is a front-line defense that identifies and stops criminals before they cross enemy lines.

By automatically validating the Caller ID and ANI before the incoming call is answered by a bank’s contact center agent, TrustID allows financial institutions to stop criminals before they can attempt to socially engineer bank representatives over the phone. Combined with other traditional methods of authentication to identify customers, TrustID provides banks and businesses with an extra layer of defense to protect banking accounts and meet the FFIEC’s guidelines for true multifactor authentication.

Fraud survey shows banks concerned about FFIEC compliance, best security investments

Posted on: April 17th, 2012 by art

The new FFIEC security guidelines may be raising fraud awareness and motivating banks to invest in anti-fraud technologies, but results from the 2012 Faces of Fraud survey highlight ongoing confusion around compliance and concerns around the right investments and resources to reduce fraud risks.

In the article, “Fraud Survey: Banks Get Bigger Budgets,” 58% of the banks and credit unions surveyed said they will see increased investments in fraud resources of 10-20% in 2012. However, only 11% said they have conformed to the updated guidance, with half saying they don’t confirm now and 29% unknown of their current state of conformance with the FFIEC recommendations.

Other key survey findings included:

  • 61% of respondents plan to enhance fraud detection and monitoring systems within the next 12 months. Improving staff training (49%) and enhancing customer and member education efforts (43%) rounded out the top three planned investments.
  • 84% of financial institutions said credit and debit fraud was their top threat, with only 41% saying their organization was not prepared to prevent and detect fraud.
  • Half of the respondents ranked Phishing and Vishing (Socially Engineered Schemes) as the third highest threat, with only 28% believing they could detect and prevent such attacks.

While the updated FFIEC guidance has played a central role in driving financial institutions to consider security investments, Gartner analyst, Avivah Litan, said the survey results tell just how much banks are struggling to figure out the best investments and security technologies that will allow them to comply with authentication guidelines and enhance their ability to detect cross-channel fraud.

“The survey results reflect the confusion among most banks as to what’s expected of them when it comes to practical technical solutions. Many banks are wondering if they need to switch their modus operandi for challenge questions, to follow the explicit guidance in the FFIEC update about using the more elaborate and expensive challenge questions from public data aggregators.”

The problem with challenge questions used in more traditional knowledge-based authentication (KBA) solutions is today’s more tech-savvy criminals that are prepared with the right personal identifiable information (PII) can defeat such methods. This is why the FFIEC’s updated recommendations include a multi-factor authentication strategy for detecting fraud threats over all banking channels, including the telephone channel.

Despite many banks using both passwords and KBA techniques to identify customers, these two methods only satisfy one authentication criteria (“Something you know” [e.g., password PIN number, PII]), as defined by the new FFIEC authentication guidelines. A security solution such as the TrustID® network-based Physical Caller Authentication tool, which doesn’t rely on non-predictive PII to identify banking customers over the telephone, fulfills a separate authentication criteria (“Something you have” [e.g., ID or ATM card, security token, telephone]).

Using both methods to identify customers helps financial institutions conform to updated authentication recommendations and provides a necessary multi-layered defense against more dangerous forms of fraud that many fraud experts recommend for protecting all banking channels.

Financial fraud experts recommending a layered security approach

Posted on: April 3rd, 2012 by art

Ever since criminals discovered how to use stolen personal information to apply for credit or socially engineer their way into another person’s bank account, security experts have warned against relying on knowledge-based authentication (KBA) to identify customers.

In the blog, “New credit card data breach revealed,” Gartner fraud analyst, Avivah Litan, said in light of the recently disclosed VISA and MasterCard data breach, businesses need to expand their security defenses beyond traditional KBA methods that are constantly being bypassed by determined crooks.

“A layered approach is always best, since you have to assume the bad guys will get through one or two or even three layers.”

Litan recommends against using knowledge-based authentication and other types of personally identifiable information (PII) methods on administrative accounts, and I couldn’t agree more.

Taking a layered approach to prevent fraud is essential to fighting today’s savvy criminals, who actually take advantage of the reliance and trust that companies put into KBA and PII solutions to defend their customers’ data and confidential company information. The problem is, once a thief has successfully beaten KBA, they’re in without further questions. This is why a multi-layered security defense is so important.

It’s cases like the VISA and MasterCard data breach and the Paul Allen debit card breach, where the Microsoft founder’s bank account details were stolen via a call center dupe, that have security experts like Litan pushing for a layered security approach that spans across all customer channels.

An authentication solution that doesn’t rely on the customer’s personal information can be a valuable tool for identifying customers over the telephone channel. With the TrustID® network-based Physical Caller Authentication solution, financial institutions can automatically validate customers calling into their contact center before the phone is answered. By re-establishing the Caller ID and ANI as a trusted resource for identifying customers over the phone, TrustID eliminates the conversation criminals depend on to socially engineer bank telephone agents, and provides an additional layer of authentication that banks need in today’s dangerous fraud landscape.

Despite heavy security investments, identity theft and fraud continue to proliferate

Posted on: March 27th, 2012 by art

The Federal Trade Commission recently published its annual 2011 report on consumer complaints. The report, “Consumer Sentinel Network Data Book,” lays out in extensive detail the types and frequencies of reported complaints to the FTC from consumers. Here are a few pertinent points from the report:

 

  • The CSN received over 1.8 million complaints during calendar year 2011
  • Identity theft was the number one complaint category in the CSN for calendar year
  • A total of 990,242 in 2011 complaints were fraud-related
  • For military consumers, identity theft was the number one complaint category
  • Government documents/benefits fraud (27%) was the most common form of reported identity theft, followed by credit card fraud (14%), phone or utilities fraud (13%), and bank fraud (9%). Other significant categories of identity theft reported by victims were employment fraud (8%) and loan fraud (3%).

Personally, I think it is very telling that the top two complaints are identity theft and fraud. These two categories are inherently related, connected at the hip, if you will, because criminals essentially steal identities to commit fraud.

The second important takeaway for me was that despite all of the heavy investment banks and other institutions are making to safeguard customer information, particularly in the online channels, identity theft and fraud continue to proliferate. This is quite alarming.

Over the past several months, I’ve written a number of blogs that talk about the need to bake cyber security and risk management into all customer channels, including ATMs, Internet and the telephone.

One of the reasons telephone fraud and social engineering have picked up in recent years is the fact that criminals now have the ability to access or change an address or account data that is necessary to perpetrate larger and more profitable online crimes. Once a criminal controls a customer’s information – primarily through the telephone channel – criminals use the newly acquired personally identifiable information (PII) to commit crimes through the online channel.

Financial Institutions that ignore the telephone channel as a primary source for fraud and don’t address the same security and authentication requirements as the online channel, will continue to put themselves at risk as the CSN report painfully articulates.

The fact is, if you want to automate business processes, enhance customer communications, and take advantage of new technologies, you have to “bake” cyber security and risk management across all customer channels.

Deploying an effective, non-intrusive identity authentication tool like the TrustID® network-based Physical Caller Authentication enables financial institutions to convert ANI and Caller ID into a powerful physical security and customer authentication tool that can be used to close the security gap that too many bank call centers still operate with today.

An identity authentication solution that helps banking institutions protect the telephone channel by making the phone number a valid “Something you have” authentication credential, is an essential piece of the FFIEC’s multi-factor authentication paradigm for identifying customers. By automatically validating the physical location of the caller before the phone is answered, financial institutions proactively identify fraudulent calls and address good customer inquiries faster, all without putting them through burdensome telephone interrogations that are required by other knowledge-based authentication (KBA) solutions.

  • REQUEST INDUSTRY BRIEFING PAPERS
  • VIEW DEMO
  • USE CASE
  • ANI SPOOFING TOOL

  • CISO Text

             

    Authentication without caller involvement materially improves the customer experience, especially for ‘premier accounts.’ TRUSTID will greatly assist with not only customer service, but also with board level compliance issues.

    – CISO, top 10 global bank

  • CISO 2 Text

             

    As less customer PII is made available to our contact  center advocates for identity validation, our enterprise risk of a costly data  breach is dramatically decreased.

              – CSO, global financial company

    Offshore agents are highly vulnerable to fraud schemes  and social engineering. TRUSTID’s solution enables informed routing decisions,  optimizing agent cost reduction programs.

             - CISO, top 10 global bank           

  • VP Quote text

         

    Since  it is now commonly sold by criminals, personal information for identity authentication is no longer the single solution to identity resolution. The  value of knowing reliably that a customer is calling from their phone is far better security than knowing the last four digits of someone’s SSN.

    - VP of Card Fraud, large international bank