Since the COVID pandemic first struck, fraud in contact centres has soared. A combination of disruption caused by remote working and economic instability from the pandemic has made contact centres the perfect target for fraudsters everywhere. Figures included in our recent eBook show 57% of organisations have encountered fraud attacks in their contact centres since the start of the pandemic, and 53% say this has impacted their bottom line.
Despite this, only a third of organisations surveyed say they have a handle on telephony fraud. This means there’s a desperate need for contact centres to find a new approach to protecting customers and their bottom line from fraud. But how?
To answer that question, we first need to understand why contact centre fraud is so prevalent in the first place.
The challenge of KBAs
Traditionally, contact centres have relied on knowledge based authentication questions (KBA), usually prompted by live agents, to assess which customers are genuine. In fact, our research suggests as many as 95% of contact centre callers are authenticated through live agents.
Knowledge-based authentication is time-consuming, expensive and remarkably ineffective at keeping fraudsters out. It’s clear that a different approach is needed.
Passive authentication: A different approach
In the last few years, organisations have begun to realise the pitfalls of KBA-based authentication, and are beginning to develop alternative methods, such as passive authentication. The goal is to unveil ‘passive’ forms of authentication that don’t rely on the customer answering questions. One of these tactics is to use customers’ mobile phone numbers.
This approach, known as CLI identification, is designed to reduce the time taken for authentication and increase the accuracy of the verification process. If an organisation has a customers’ phone number on record, and the caller’s number matches it, they can say within a reasonable degree of certainty that the customer is who they say they are.
This is a promising step forward for contact centres, but it’s not a silver bullet. The existence of withheld and spoofed numbers in the UK make it difficult to be completely sure a number is legitimate. At the same time, differing global privacy regulations mean an organisation’s ability to correctly identify phone numbers varies from country to country.
While not a complete solution, however, CLI identification does play a vital role in achieving and strengthening authentication. But to be truly secure, you can’t just rely on a single method.
Layered security
To keep customers and contact centres truly safe, a multi-pronged strategy is needed. Put simply, there’s no single solution that can apply to every contact centre around the world. Though efforts are being made to build this, we’re far from having a universal authentication standard.
In the meantime, therefore, contact centres need to invest in multiple technologies and approaches, building a layered approach to contact centre security that works for every customer. But what does that involve?
- With CLI identification, you match a customers’ phone number to the details you have on record, so unknown or non-matching numbers can be flagged.
- Speech recognition lets you authenticate customers who have called previously, by identifying how closely the voice matches that which you have on record.
- With the right technology, behavioural analysis can then be used to identify potentially fraudulent caller behaviour, such as a new location or evidence that the call came from a bot.
- Knowledge-based authentication questions can be used alongside these more passive approaches to help identify fraudulent activity.
Alone, none of these technologies or approaches can keep you safe 100% of the time. Used together, however, you can ensure your customers and contact centres are safe from attack.
To find out more about the steps you need to take to authenticate your contact centre, read our recent eBook : “Smartnumbers guide to customer authentication around the world.”