20th January 2022
Have your bank’s defences locked down? Think again.

Here’s how to stop fraud in its tracks.

By Grant White

Fraudsters are always on the lookout for any type of vulnerability in your bank’s protection. 

And when your defence strategy is only as strong as its weakest link, ensuring your customers and contact centre are safe is no simple task. 

Fraudsters rapidly adapt and create new ways to overcome security measures, meaning no one technique, technology or solution is enough to stop them in their tracks. 

Here’s a look at some of the most common fraud defences and the ways that they can be exploited:

1. Customer authentication via Interactive Voice Response

The first layer of defence usually starts with the IVR, where banks associate a customer’s telephone number with their bank account.

However, as this method relies solely on calling line identification (CLI) and fraudsters can easily spoof or mask their identity this control alone is not sufficient to prevent attacks.

2. Knowledge-based authentication (KBA)

Authentication can be achieved by asking callers questions that only the account holder should know. This may include security questions such as the name of the street they grew up on or the name of their elementary school.

Yet, fraudsters use data harvesting to collate potential answers — for instance, through 1-minute quizzes on social media sites. Fraudsters even use social engineering tactics to emotionally manipulate a contact centre agent – perhaps by threatening an agent’s job or making up a family emergency – pressuring them to reveal the information they need to access a bank account.

3. Voice biometrics

Voice biometrics uses the unique  sound and pattern of a caller’s voice to authenticate them.

Whilst adding a much needed extra layer of defence, voice biometrics are still susceptible to fraudsters because it’s possible to spoof voice-printing. For instance, if a fraudster gains enough recorded sound from their target and through the use of a sufficiently good audio editing software program, they can use audio deep fakes to fool the AI into believing the audio’s veracity.

4. Contact centre agent training 

With all the technology in the world, your bank is still vulnerable to human error.

While contact centre agents are taught to spot when they may become a victim of social engineering it can be at odds with a pressure to put customers first and focus on customer service. So in situations where a skilled scammer targets an agent, it can be difficult for them to resist the pressure and inadvertently disclose sensitive information. 

This is why your contact centre agents not only need rigorous and regular training to help them spot social engineering attempts, they also need the right tools to confidently side-step any fraudulent endeavours.

These are key methods to have in your fraud prevention arsenal. But as you can see each tactic has a vulnerability. By layering the defences together it is possible to prevent a fraudster from illegitimately accessing customer accounts. Download our latest whitepaper, “Dealing with fraud in banking call centres”, to discover how using a layered approach – partnered with a secret weapon – can create the formidable defence you need against fraudsters.