The hidden threat of call centers

Posted on: February 02nd, 2017 by Art Barger

The primary function of the contact center is to serve the needs of customers by answering questions and resolving issues relating to their bank accounts. To improve customer confidence and satisfaction, it’s essential to also create a safe and secure environment for customers to bank remotely.

While we focus largely on protecting our enterprise from external threats, one area that’s often overlooked is how close we keep an eye on internal activities. Aside from self-serve channels that enable customers to make changes to their accounts and request financial transactions, call center agents authorize many banking activities. 

As far as our employees go, trust is sort of built in to our working relationship. After all, we hire them, train them, and interact with them each day. This daily collaboration creates a professional bond of trust between contact center managers and telephone agents.

We monitor and record calls to hold our agents accountable for delivering and maintaining a high level of service to our customers, but the access we give them to sensitive customer information should never be taken for granted.

The recent lessons we’ve learned from Wells Fargo and other internal security breaches is that threats from within can be as harmful and fiscally damaging as the external threats we focus on every day.

In the article, “Bank call center employee used caller information to steal from accounts,” a temporary call center employee at First Niagara Bank used personal information he had access to to steal more than $15,000 from accounts of nine banking customers. Using personal data he collected at work, the employee then transferred funds from the victims’ accounts to his own personal account.

Much like the Wells Fargo scandal that resulted in over 5,000 employees being fired for creating more than two million fake customer credit card and deposit accounts, had First Niagara complied with the FFIEC’s recommended guidelines on multi-factor authentication across all customer channels including internal activities, the transactions would have required at least two factors of authentication from each banking customer before the money could be transferred. This would have essentially blocked the fraudulent activity from happening.

Both the Wells Fargo and First Niagara cases highlight the growing need for financial institutions to employ multi-factor authentication for identifying customers across the enterprise. A cross-examination of a customer’s credentials that validates something the caller has with something they know and/or something they are, needs to be a requirement before any banking transaction takes place.

While the focus is still on providing exceptional customer service across all banking channels, more than ever the security of your contact center relies on having the appropriate authentication tools in place to identify and stop threats from the outside, as well as those coming from within.