Financial institutions have long relied on IVR (interactive voice response) systems and contact center agents to authenticate and route callers to the appropriate operator or voice option. While these methods have served call centers well through the years, their reliability and efficiency have waned over time.
Much of this is due to more sophisticated social engineering schemes, which have gained significant ground on traditional ways of authenticating customers. Today’s bank criminals have figured out how to exploit knowledge-based authentication (KBA) solutions to the point that they are no longer effective, or should be relied upon, for identifying customers over the telephone. Combine that with the amount of time it takes customers to make their way through extensive call center menus or answer lengthy challenge questions, and you’ve got an unreliable, cumbersome system that can have a negative impact on the overall banking experience.
Relying on outdated or ineffective methods to authenticate and service customers over the phone is counterproductive. So much so that it can actually put a bank’s confidential information at risk. Once crooks figure out how to successfully spoof their Caller IDs or socially engineer call center agents, they’ll continue to do so until they are stopped or exposed.
Today’s banks can no longer afford to operate with the assumption that the same ole KBA tools they’ve employed for years can accurately identify every incoming call. Times have changed, and so have criminal tactics. Using authentication methods that were once effective in identifying callers against today’s fraud landscape can potentially set a bank up for repeat criminal activity.
Trusting authentication methods that rely on easily accessible personally identifiable information (PII) can lead to what we at TRUSTID call, “believing the lies.” By this I mean if the tools a bank has entrusted to authenticate customers and detect fraud are fooled, their call center representatives will be fooled, as well.
Trusting that obsolete PII-based authentication tools will continue to accurately identify customers could lead banks right into the traps of what crooks want them to believe — lies designed to defeat our authentication and detection solutions. Using the same authentication strategies to stop more sophisticated fraud schemes will only lead us down a path that will put our customers and confidential business information at greater risk.
Moving forward, as phone crimes change, so must our methods of quickly and effectively identifying banking customers. It’s the only way banks are going to enhance the security of our banking channels and improve the way we service customers.