17th February 2022

Building a global standard for contact centre fraud prevention

By Grant White

If you’re a global organisation with contact centres spread around the world, fraud prevention can be tricky. That’s because different countries have different regulations and standards when it comes to gathering customer data and managing fraud. In short, that means it’s difficult to come up with a fraud prevention solution to encompass all your contact centres. 

The lack of continuity is a challenge, because it has a real impact on what controls are available and what solutions you can implement in each region. Balancing the priorities of fraud prevention against the need for a smooth customer experience is tough enough without having to alter the way you enable that from country to country. 

What organisations need is a single authentication standard that can be easily and successfully applied to all their global contact centres. But what are the challenges at hand, and what solutions are already available? Here’s where things stand today.

What are the regulation standards around the world?

With fraud prevention, a key challenge is the difficulty in verifying customers’ phone numbers around the world. Differing customer protections mean that, often, organisations simply can’t use phone numbers alone to authenticate customers. 

Here’s a look at some of the most important regulations:

  • United Kingdom
    In the UK, organisations are regulated by the Privacy & Electronic Communications Regulations (PECR), which states that service providers must allow callers to withhold numbers if they wish. 
  • European Union
    In the European Union, the General Data Protection Regulation (GDPR) states that individuals have the ‘right to be forgotten’, meaning customers can request that their phone numbers’ aren’t kept on file. 
  • Australia
    In Australia, the AUSTEL regulatory body grants customers the ability to opt out of disclosing their phone number on either a per call or permanent basis. 
  • United States
    In the United States, consumer protections are generally less stringent than elsewhere in the world. In many instances, companies are allowed to see the network number of a call that has been withheld or spoofed.

In most countries, customers’ privacy is seen as a fundamental right. And legislation, like the EU’s GDPR, is strengthening customer privacy standards. This means organisations looking to get a handle on fraud prevention have to find alternatives to relying on customers’ phone numbers.

Now, a new approach is needed that can tighten up fraud prevention without infringing on the various conflicting data protection laws around the world. But how close are we to finding one?

Building a global standard: Where are we today?

One of the most promising standards for universal caller identification is being developed in the US – a system referred to as STIR/SHAKEN. These acronyms stand for Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information using toKENS (SHAKEN). 

The system works by allowing a single authority to maintain and assess a database of all customer phone numbers within a jurisdiction. They would then digitally validate a customers’ phone number and provide the service provider with a digital certificate, or token, to provide the customers’ validity. In essence, this would allow organisations to prove that a customers’ number is genuine and not spoofed.  

Though this method shows some promise, it’s far from a universal solution. The big challenge is that it requires a central database of phone numbers to be created and a body to oversee these. While some progress has been made towards achieving this in the US, it looks unlikely that a similar system will be created in the UK, until at least the end of 2022. And that’s before you start to consider every other relevant jurisdiction around the world. 

As well as that, significant improvements would be needed in telephony infrastructure in order to guarantee the system would work in all cases, particularly when it comes to rural areas. It’s clear that we need a more watertight solution. 

A solution that works wherever you are

When it comes to customer authentication and fraud prevention, what’s needed is a single platform  that works no matter where your customers or contact centres are around the world. That’s where Smartnumbers comes in. 

To find out more, check out our brand new eBook: Smartnumbers Guide to Customer Authentication Around the World