Telephone fraud may appear to start the moment your phone rings, but at that point the perpetrator has likely taken several steps before attempting to play his cards against your call center defenses. That’s because telephone fraud actually begins the moment someone’s identity is stolen online or in a data breach.
One of the challenges in curbing phone fraud in 2017 will come down to how successful businesses can defend their enterprises against malware and other scams that lead to identity theft. Unfortunately, the forecast for such attacks doesn’t look good.
Despite new technologies that help organizations mitigate fraud across all customer channels, the article, “Fraud trends for 2017, and how to stop them,” predicts fraud will continue to persist and possibly increase in 2017. As we head into a new year, now’s the time banks and businesses need to once again reassess their authentication processes to make sure all their customer environments are adequately protected against such attacks.
For financial institutions, fraud risk is sort of a two-way street. There’s the criminals who target victims, and there’s the banks that use a variety of authentication tools to determine the level of risk calls pose to a telephone system.
Criminals use several types of scams to undermine their defenses — from spoofed Caller IDs to impostors posing as real customers armed with personal details to correctly answer security questions. On the flip side, a contact center can employ any number of detection tools — from biometrics and knowledge-based methods to automated identification solutions — to spot fraud or other unusual behavior. When it’s all said and done, your authentication process has the biggest impact on detecting fraud and other social engineering scams. If this process falls short of checking multiple factors to verify customers, an impostor can get through and on the line with a call center agent.
Verifying customers over the phone puts your bank reps and your customer data in a vulnerable position. At this point, agents can do nothing but take the customer’s word for it. If your business is solely relying on challenge questions to identify unvalidated calls, then you’ve failed to comply with the FFIEC‘s multi-factor authentication recommendations, which puts both your bank and customers at risk.
While other organizations’ data breaches may be outside of your control, creating a highly efficient and secure contact center is essential to reducing your risk. When considering authentication solutions for detecting fraud, a tool like the TRUSTID® Physical Caller Authentication doesn’t rely on personal information to identify customers over the phone channel. Instead, it automatically identifies the physical location of the calling device in real time to verify callers while the phone is still ringing. This level of pre-call validation helps financial institutions fulfill multi-factor authentication requirements that will be needed to defend their enterprises against potential threats in 2017.