How soon does your telephone security identify risk?

Posted on: March 09th, 2016 by Art Barger

Early, invisible call analysis is something all contact centers should aspire to.

And why not? The sooner you can validate callers in the authentication process, you increase your chances at stopping fraud and creating a more satisfying customer experience for good callers.

Put another way, the faster you can identify information about an inbound call — whether it’s determining the true phone number or device location — the quicker a bank can take action that enables them to block fraudulent calls before they get routed to the appropriate IVR or operator without any unnecessary interruptions.

Today, proactive risk analysis is essential for reducing telephone fraud and improving your overall customer experience. As banks continue to strengthen security in their mobile and online channels, criminals are continuing to target vulnerabilities within the contact center.

We know that fraudsters will always put their efforts into channels they perceive as the weakest link in the security process. In the telephone channel, that usually means people.

In the recent article, “To Case the Join, Press 1: Crooks Refocus on Bank Call Centers,” Gary McAlum, chief security officer at USAA, said authentication solutions that don’t protect customers across the enterprise, particularly the call center, can expect attacks aimed at tricking reps into believing they are someone else.

“Fraudsters will always use the weakest plank in the door. If you’re using strong authentication security but someone can call into a call center and social-engineer through the call center representative to reset their account, then that’s the weak point in the network. It has to be an end-to-end holistic approach.”

Advanced social engineering scams rely on a few shortcomings in traditional customer authentication tools like knowledge-based authentication (KBA). Because these methods depend on sensitive customer information to identify callers over the phone, criminals use Caller ID spoofing tools to trick banks into thinking a particular customer is on the other end of the line.

If that gets crooks past a call center’s initial line of defense, the next step is to correctly answer a bunch of KBA security questions. This is easier than ever in the age of the Internet. Fraudsters can build profiles by gathering personal and financial data from social media websites to convince agents they are legitimate customers. This, of course, can lead to all types of identity fraud including account takeovers.

The bottom line is, identifying callers on the telephone is no longer cost-effective or predictive for customer validation. Once a fraudster is on the line, they have the upper hand. The key to stopping social engineering scams requires banks to identify spoofed calls much earlier in the authentication process.

Innovative caller authentication solutions like the TRUSTID® Physical Caller Authentication don’t allow spoofed calls to sneak through because they are spotted early in the process. By invisibly verifying the physical location of the calling device while the phone is ringing, TRUSTID provides banks with a real-time risk credential. This proactive call analysis allows contact centers to block spoofed calls from entering the telephone system in the first place, and mitigates the risk of your call center agents from being socially engineered.

While keeping crooks out is paramount to improving call center security, identifying calls early in the process also allows good customers to talk to bank agents faster. And when reps don’t have to put callers through lengthy telephone interrogations, your customers’ problems are resolved quicker, creating a more satisfying banking experience.

you may also enjoy