Fraudsters use a variety of sophisticated techniques to exploit vulnerabilities in contact centres and gain access to either customer accounts or vital security information to enable them to commit fraud. More on this in our blog, How do they do it? Three key fraudster tactics.
Organisations must ensure they have the right defences in place to protect their customers. Given the variety and complexity of the tactics that fraudsters use, there is no single solution for preventing contact centre fraud. Instead, fraud and ops teams should be thinking about a layered approach to security including the following methods:
1. Customer authentication via IVR
This works by linking a customer’s telephone number with their account to allow automated caller checking via the IVR. Each time a customer calls the contact centre, the number used is matched to the account details held as a means to verify who is calling. This method of authentication is not immune to masking or spoofing by fraudsters, so on its own, it will not be sufficient to deter or prevent attacks. But it is a good start.
2. Knowledge based authentication (KBA) methods
Another layer of protection can be applied by asking the caller for information that only the account holder should know. This is known as knowledge based authentication and includes security questions, such as the name of your first pet or mother’s maiden name. But it is important to remember that scammers have become very adept at stealing this data, using techniques such as quizzes on social media to identify possible answers; and they often apply social engineering techniques to convince contact centre agents to bypass these controls.
3. Voice biometrics
Like fingerprints, our voices have a unique pattern and voice biometric tools can be used to validate a customer’s identity. Voice biometrics add another layer of defence, but like other methods, they are not immune from being manipulated by scammers. Techniques such as mimicry, voice synthesis and even DeepFakes can fool voice biometric authentication systems.
4. Training for customer service representatives (CSR)
Each CSR can be provided with training to help them spot social engineering attempts and arm them with the confidence and responses to avoid breaching security controls. This training is important not least because contact centre agents’ instincts are to ‘put the customer first’ and provide the best customer service, and it can sometimes be difficult for them to resist the pressure when they are being targeted by a skilled scammer.
5. Smartnumbers Protect – front line defence
The above solutions mitigate attacks once the call has entered the contact centre environment. But what if an additional layer could be implemented before calls enter the IVR system or are put through to a call centre agent? This is where technologies such as Smartnumbers Protect can help. By analysing calls before they are answered, the fraud risk associated with those calls can be identified and calls routed appropriately. Suspicious calls can then be sent for further investigation, while the authentication of legitimate calls can be streamlined and levels of customer service improved.
By heading fraudsters off at the pass, using technology which is difficult for fraudsters to manipulate, Smartnumbers adds a much-needed first line of defence and bolsters other fraud prevention techniques, without impacting customer experience.
For further details on Smartnumbers Protect, read the brochure.
For more stories like this, and to keep up to date with Smartnumbers’ news, webinars and events, subscribe to our newsletter.
