Is It Time for Real-Time Call Centre Fraud Prevention?

Amiram Pinto of NICE discusses how your contact centre may be vulnerable to fraudsters and how your organization can protect itself.

You’ve invested in both technology and personnel to optimize call centre services and increase customer satisfaction. In fact, your agents are more service oriented than ever, using all the tools at their disposal to resolve issues quickly and efficiently on the first call.

Fraudsters know this. That is why call centres are a prime target for fraudulent activity.

Criminals use social engineering methods to dupe helpful agents who are focused on resolving customer issues efficiently and not on filtering out fraudulent callers.

Statistics show that contact centres worldwide field more than 100 billion calls every month, and one in 1,700 calls is a fraud attempt. Today’s businesses are fighting three main types of call centre fraud:

1. Account Takeover (ATO)

By impersonating a legitimate customer, fraudsters convince call centre agents to change contact details or PIN numbers to an account.

Before calling, criminals scour social media sites for personal information such as birth date, mother’s maiden name, etc. They sound convincing enough to trick the agent into making the necessary changes.

We need to be prepared for this, especially when we consider that 60% of ATO involves the contact centre.

2. Card Not Present (CNP) Fraud

Stolen credit cards are used to buy things over the phone and most of the time, the order is processed and shipped before the legitimate card holder discovers the fraud.

Billions are lost every year in this type of identity theft.

3. Identity Theft

Personal protection services such as LifeLock, ReliaShield, and Experian, to name just a few, are testimony to the pervasive problem of identity theft.

Information obtained in data breaches, intercepted from unsecured WiFi connections, or stolen from personal devices, is used by criminals to fool agents in the call centre.

Since the info is legit, it can take a long time to discover identify theft activity. In the meantime, the financial damage can be devastating.

Call Centre Fraud Prevention – Has It Changed?

Enterprises have been fighting fraud for years. With new technology advances, has the fraud problem changed significantly? The answer is definitely YES! Because fraudsters don’t quit.  They adapt. As soon as one attack vector is shut down, they find another way to get in.

For example, when EMV technology made it harder for fraudsters to counterfeit physical credit cards, they turned to the call centre to make purchases over the phone. And it started the minute the chip-based cards were issued.

Europay, MasterCard, and Visa reported that in 2015, one in every 2,000 calls was fraudulent. By 2016, fraudulent calls increased to one in 937!

Since then, criminals have graduated from leveraging stolen credit cards to leveraging stolen credentials and personal data to take over legitimate accounts.

With stolen credentials, criminals turn to the call centre (often using untraceable VoIP software) to perpetrate their ATO schemes.

According to Javelin Strategy & Research, in 2016, victims spent 20.7 million hours resolving ATOs.

The impact on customer trust and brand image can be staggering, not to mention the billions of dollars collectively lost by victims and companies.

What’s an Enterprise to Do?

The standard authentication process that uses knowledge-based security questions does not work well enough to stop today’s fraudsters.

With loads of personal data on social media and other online sources, criminals can easily tap into this readily available information to get past the authentication hurdle.

Moreover, in self-service channels, users are frequently frustrated by security questions and denied access because they don’t remember if they spelled their answer with or without capital letters/spaces/etc.

When authentication data is not shared across channels, it only adds to the frustration.

So, customers call for help, which often requires them to change their credentials. Agents are used to these change requests and eager to assist, rather than seeing them as a fraud attempt.

How can call centres verify that the callers are truly who they say they are? By using unique identifiers that can’t be stolen or counterfeited. This is where biometric authentication methods such as voice biometrics come into play.

Leveraging Technology

Even though most people are aware of identity theft and fraud, customers do not want to undergo excessive interrogation before they can accomplish the simplest transactions in their own account.

Likewise, call centre agents want to focus on taking care of customer needs and providing good customer experiences, not on screening for fraud.

Yet it is absolutely essential for companies to verify that the person they are talking to is indeed the person they want to be talking to.

That is why smart enterprises are harnessing technology to assure foolproof authentication and to flag the signals of fraudulent behaviour.

Advances in artificial intelligence, machine learning, voice biometrics, and omnichannel management have come together in modern platforms to enable real-time authentication and fraud detection with astonishing accuracy.

Call Centre Fraud Prevention Is Better With Voice Biometrics

Your voice cannot be stolen. Your voiceprint is uniquely yours.

Voice biometrics technology, which identifies a person by their unique vocal attributes, can be used to authenticate a caller in real time, without any effort from the caller. Voice biometrics offer compelling advantages over agent training and data-based security questions.

First, voice biometrics add a layer of security that’s hard to compromise since every person’s voiceprint is unique and impossible to forge. Fraudsters tend to take the easiest route to the money, not the hardest.

Second, the same voiceprint can be used to authenticate a customer across any channel. As enterprises transition to omnichannel customer service, voice biometrics can help to assure seamless customer journeys.

Third, voice biometrics automate the process and take agents out of the authentication loop so they are no longer privy to personal information or access credentials.

While none of us like to consider the risk of internal fraud, it is a common component of data breaches. It also frees up the agent to focus on giving good service rather than checking for fraud.

Last but hardly least, voice biometrics pull double duty for call centre fraud prevention. Just as a voiceprint uniquely identifies a legitimate user, it can do the same for a fraudster.

When fraudsters are caught, so is their recorded voice. These voiceprints can then be used to detect any future attempt by the same criminal and block it.

Statistics show that 70% of call centre frauds are committed by repeat performers, so this detection capability is key, just like the previous three features.