ANI and Caller ID: A Trojan Horse for our Time
Blame phone spoofing. The telephone equivalent of a fake drivers license, spoofing allows criminals to falsify the calling party number, a key factor of authentication.
Conventional Defenses No Longer Work
In response to spoofing, call centers rely heavily on Knowledge Based Authentication (KBA), or identity-interrogation, to verify customers’ identities: birth date, last four digits of social security number, mother’s maiden name, etc.
Unfortunately, this information isn’t really private any more. It’s available online for illegal purchase, or through the tactics detailed below. Armed with this personal information, and disguised with a spoofed caller ID, criminals easily impersonate customers and commit fraud at major enterprises.
Today, large call centers waste millions of seconds –and dollars- on identity-interrogation protocol that unnecessarily prolongs each call, frustrating customers, and empowering criminals.
Four Ways Criminals Overcome Identity-Interrogation
- Voice Phishing
Criminals call your customers while impersonating your enterprise, even on Caller ID. Claiming to verify some seemingly innocent information, these criminals often successfully extract personal information such as: date of birth, last four digits of social security number, billing zip code, and account number. Precisely what they need to circumvent your enterprise’s identity-interrogation protocols.
- Social Engineering Attacks
Armed with a spoofed caller ID, an earnest voice, and quick wit, criminals will call into your enterprise posing as a business partner or authority. Because they appear to be calling from a trusted source, and play the part well, they regularly trick trained employees. Whether they make account changes or acquire balance information, their success brings them another step closer to penetrating your defenses.
- Line Takeover
Knowing that banks use outbound return calling to authenticate large financial transactions, criminals will trick phone companies into temporarily diverting a victim’s phone number. Aided by this compliance, and armed with the victim’s personal information, criminals can then persuade call center agents to conduct large transfers.
- Fraudulent Card Activation
Your bank sends a new debit card to one of your customers. But criminals get to the mailbox first. Armed with personal information –bought online, or acquired through the above tactics- the criminal calls with a spoofed caller ID to activate the card. Their next stop, a spending spree on your customer’s account.
TRUSTID Protects Your Business And Your Customers
Our patented solution alerts your agents to suspicious callers automatically. As a result, agent time wasted on these calls, and the risk of divulging customers’ personal information, decreases substantially.
Download Our Industry Briefing Papers To Learn More