Fighting Fraud in the Contact Centre

Ossi Dobzinski of NICE shares insights on fighting fraud where it matters most; the contact centre.

A Catch-22

Over the years, companies have invested heavily in technologies to fight the fraud that occurs over digital channels, fine-tuning capabilities and protection for the web, mobile, and chat.

Meanwhile, contact centres and their live agents – although they can be manipulated more easily due to the human factor – have been left to work with outdated or obsolete technologies.

Therefore, it’s no surprise that contact centres have become the weakest link, with over 70% of account takeovers today involving a live agent at the contact centre, as fraudsters continue to strike there again and again, but remain undetected.

Why is that? According to AITE’s recent report, much of the fraud enabled at the contact centre then circles around to result in cross-channel fraud.

Fraud loss is typically allocated to where the final act was performed, so the contact centre loss is understated, and investment goes into other channels… bringing us right back to where we started. It is the ultimate Catch-22.

Businesses are becoming aware of this gap and realize they need to solve the problem. Let’s look closer at the fraudster’s journey to better understand it.

The Fraudster’s Journey

An account takeover is a delicate operation. First, the fraudster must obtain sufficient personal identifiable information, or PII. They may use social media or the Dark Web to obtain the required information to pass authentication.

They may even phish information using emails manipulations to colleagues and friends. When they have the PIIs, often they will validate them with a live agent or through the IVR – which is relatively low-risk action that doesn’t result in account take-over yet.

Once validated, the fraudster will then make a high-risk move, for example, changing the account’s home address, email, or phone number. After such changes are in place, the fraudster can take over the account completely and undetected, paying for products or services, transferring funds, and more.

Now the significance of that interaction with the live agent is clear. It is a golden opportunity to manipulate the agent, using them as a tool on the inside to change account information and essentially transfer control. It allows the account takeover to be finalized, sending fraudulent activities into motion.

A Trail of Clues

Unwittingly along the way, fraudsters leave crumbs of evidence, links to their identity. Their voices include behavioural and physiological characteristics. Call metadata provides the phone number and location of where the calls were made.

Call frequency, the number of accounts they’ve tried to take over, their methods for authenticating, and the actions they try to take on the accounts – all can be crucial.

Yet the fraud solutions on the market today are limited in working with these clues in three critical ways.

1. Disconnected Dots

Current technologies are limited to identification on a specific call or account. But each individual point, on its own, is not very significant. A single trace, a single account, a single call – each will only lead to limited results, perhaps merely flagging a suspicious interaction, or an account that may be at risk.

The right technology needs to bring all these points together from various sources, to sketch out the relevant pattern, connecting the dots in a meaningful way.

2. An Unmanageable Workload

Current technologies may solve some parts of the problem, but can also create overload. In their attempt to let the good guys in and keep the bad guys out, most solutions use a system of authentication.

Some even use multiple methods of authentication. Yet these result in a scattered muddle of information, an untenable amount of calls to analyse, and no clear indication of who the fraudsters actually are.

For example, at a typical contact centre today, their authentication solution might flag as much as 2.5% of the interactions as moderate or high risk. If the contact centre gets half a million calls per week, that leaves the fraud team with 12.5K suspected calls to analyse.

Making sense of such numbers on a weekly basis is infeasible – and it’s unlikely that a fraud team will be able to take various suspicious interactions or even a particular account being targeted and turn that into actually finding and stopping a real, live fraudster. A more advanced technology is needed to funnel the vast amount of information.

3. The Big Blind Spot

Finally, current fraud solutions focus on identifying fraudsters that fail authentication for various reasons. But what about the fraudsters who pass authentication? For every one fraudster that fails authentication there are plenty of others who succeed.

Those that remain undetected are the hardest to trace and are the most dangerous to organizations. They will keep calling the contact centre undetected and will continue to perform account takeovers because they have cracked the system.

The successful fraud solution will use the right tools and analysis to connect the dots. Looking at clues from multiple calls, delivering manageable data that fraud teams can realistically investigate, and shoring up any blind spots.

This blog post has been re-published by kind permission of NICE – View the Original Article

For more information about NICE - visit the NICE Website

Call Centre Helper is not responsible for the content of these guest blog posts. The opinions expressed in this article are those of the author, and do not necessarily reflect those of Call Centre Helper.