The “false trust” created by criminals to socially engineer banks has turned Caller ID and ANI into unvalidated claims that are no longer trustworthy for identity authentication. This is the simple, straightforward message that TrustID has been delivering for some time, despite industry naysayers who incorrectly claim ANI cannot be spoofed.
The reason why we’ve been so persistent in getting the word out is because far too many banks we talk to continue to use these unvalidated claims as trusted sources for identifying customers in the telephone channel. Trusting Caller ID and ANI without properly validating the authenticity of the calls gives criminals a leg-up on defeating existing telephone authentication processes, significantly increasing the security risks of banks’ proprietary data and customer accounts.
As long as fraud teams continue believing the “lies” that criminals depend on to defraud banks and their customers, they will remain vulnerable to illegally spoofed calls. This is why financial institutions need to make it a priority to implement new identity authentication tools like the TrustID® Telephone FirewallTM solution, which validates the Caller ID and ANI with the physical location of the caller before the actual call is answered, without impacting the customer experience or tipping off criminals that an authentication check has been performed.
The fact that Caller ID and ANI can quickly and easily be spoofed by anyone using readily available free technology, banks and financial institutions need to take steps to restore Caller ID and ANI as validated credentials for identifying customers. The answer to stopping the growing number of social engineering and telephone fraud schemes against banks is as simple as the message we’ve been conveying all along: If banks don’t take the necessary steps to restore trust in the phone channel, the security and integrity of their critical business data is only as good as the lies they believe.