When call centers rely on a single form of authentication to identify customers over the telephone channel, they’re putting all their eggs in one basket. When relying on a single source to verify callers, banks are increasing their chances of not getting it right. This is why the FFIEC highly recommends that financial institutions use multiple factors of authentication to screen inbound calls.
The recent article, “Expert: Time to stop relying on PII for authentication,” suggests that there’s plenty of evidence that criminals know more about ourselves than we do. This means that using traditional means of customer identification like knowledge-based authentication (KBA), which rely on somebody’s personal information, just doesn’t cut it anymore. While this method may assure banks that the person on the other end of the line knows a thing or two about the customer, it doesn’t validate that they are who they say they are.
Vidhya Ranganathan, Accellion’s SVP of product security, said using multiple authentication methods by adding different types of mechanisms is critical for securing customer channels. This definitely applies to call centers.
Call volumes in today’s contact center environments are growing faster than banks can scale their security measures. To keep up, businesses need authentication services that instantly validate each call without rely on sensitive customer data. Traditionally, this hasn’t been done with KBA methods because they’re based on personally identifiable information (PII). Today, a tool like the TRUSTID® Physical Caller Authentication solution can automatically provide the information businesses need to quickly determine if a call is legitimate or spoofed, without the need to interrogate customers over the phone.
As a lead or complementary authentication tool that identifies the location of the device being used to make the call, TRUSTID provides an extra layer of protection that doesn’t require personal information or interrupts the customer service process. By quickly and invisibly verifying the call while it is still ringing, businesses know within seconds — and before the call is picked up — if it’s good or if it presents a risk to their customers and telephone environment.
This allows risk and security teams to make proactive decisions around each call coming into their contact center. And the best part is, call center agents don’t have to waste valuable time interrogating customers. Instead, they can get straight to providing good customers the excellent service they want and deserve.
In a landscape where it’s quite possible criminals know more about customers than the actual customers do, it’s critical to have authentication processes in place that give security teams the device intelligence needed to take immediate action before crooks even know they’ve been discovered.