How pre-answered caller authentication helps prevent telephone bank fraud

Posted on: February 20th, 2013 by Art Barger

Prevention vs. clean up. It’s a security question all financial institutions should ask themselves.

When it comes to providing a trusted customer environment, banks are typically better at resolving problems stemming from non-predictive authentication and fraud than preventing them. That’s because they continue to allow criminals to get their foot in the door.

What I mean by this is when banking customers place a call into a contact center, the very act of answering the telephone sets the stage for criminals to start their elaborate social engineering schemes. And once the dialog starts, anything goes.

Javelin’s director of security, Phil Blank, has long said when it comes to safeguarding customer environments, the biggest challenge is prevention. Done right, however, it can also have the biggest payback for both the bank and customer.

The typical scenario for customer calls looks something like this. A call center agent picks up the phone then proceeds to ask the caller their customer ID and social security number. Based on the level of information the customer is requesting, the bank representative may ask a number of challenge questions. At this point, they’ve already taken up a minute or more of the customer’s valuable time using knowledge-based authentication (KBA) methods that, quite frankly, can no longer assure that the person on the other end of the line is who they say they are.

In today’s many banking channels, criminals armed with the right personal and financial details they’ve collected over the Internet can convincingly impersonate an actual banking customer. In the telephone channel, for example, the very moment they’re able to talk with a call center agent, they have the upper hand.

Whether the caller is a valid banking customer or an impersonator, telephone interrogations impact banks and their customers in several ways, including:

  • Employee costs: Every second a bank has to validate and serve their customers counts. If a bank’s contact center agents still rely on KBA for customer identification, they’re likely overspending in many areas for identity authentication, including employee training, security systems and other internal processes.
  • Bank-customer relationship: Burdening customers with lengthy interrogations tests the goodwill of customers and impacts the overall customer experience. This can put a heavy toll on the profitable bank-customer relationship that’s important to any bank’s overall success.
  • Non-predictive authentication: Because personally identifiable information (PII) is used to socially engineer banks, it is not predictive for positively identifying customers calling into a contact center. Therefore, financial institutions should not rely solely on PII for identity authentication.

The TRUSTID® Physical Caller Authentication solution helps banking institutions solve these problems by validating all customer calls before they are answered. Using real-time telephone network forensics to proactively validate the physical location of the landline or mobile device calling the contact center, banks can determine the risk of each inbound call before it is picked up. This insight allows banks to eliminate the time spent authenticating bad calls and serve good customers faster and more seamless. As a result, preventing high-risk callers from reaching bank representatives builds a safer banking environment and strengthens the bank-customer relationship without having to worry about the time, resources and costs associated with cleaning up fraud after it has already happened.