2019 Authentication Survey Reveals Changing Nature of Fraudster Attacks and Call Center Responses
The introduction of EMV chips has made credit card fraud more difficult to execute. Many fraudsters have adjusted their “business models” by shifting to account takeovers as their crime of choice.
Historically, protecting accounts from fraudsters has been addressed using identity interrogation to try to isolate real customers from criminal impersonators. The proliferation of personal information on social media and ongoing hacks of customer data has made this defense virtually useless; criminals often know the answers to personal questions better than the real customers.
Despite the rising threat from criminals and the negative impact that identity interrogation creates for customers and call center operations, call center stakeholders are optimistic that the conflict between fraud fighting and customer experience will be resolved.
The 2019 State of Call Center Authentication survey reveals that new authentication technology is the source of this optimism. The survey provides insight on technology needs and other important questions around today’s call center threat landscape.
Here’s a glimpse of some of the key findings from our second annual survey:
Channels of attack vary significantly between financial services and other industries. While 51% of financial services respondents see the phone channel as the top threat for account takeover attacks, the call center was identified as the primary channel of attack by only 23% of non-financial organizations. For them, the website was the top threat, at 51%. This illustrates that the fraud fighting effort and impacts on the customer experience are fundamentally different between financial institutions and other organizations.
“Much more” criminal activity has come through virtualized calls (40%) compared to spoofed calls (32%) over the past year. Attackers are shifting from using spoofing to using virtual call services such as Skype or Google Project Fi that are routed through a carrier for delivery. These are legitimate calls that can be placed from many devices from anywhere in the world. This anonymity makes them the perfect choice for criminals. And because they are legitimate calls, they easily bypass older technology built to find spoofed calls. Modern authentication solutions must identify 100% of virtual calls in order to be effective.
While dissatisfaction with authentication is strong today, respondents are very optimistic about the future. Almost half (46%) of respondents are unhappy with their current authentication method. With a growing number of threats facing today’s contact centers, the number of call center leaders who are “very” or “somewhat” dissatisfied with their current authentication method rose 50% over the previous year. In contrast, 76% of respondents believe it will eventually be able to prevent account takeovers without obstructing their customer experiences. Closing this gap will depend on adopting new authentication technologies, such as pre-answered caller authentication that allows contact centers to automatically and accurately authenticate callers without requiring lengthy and disruptive identity-interrogations over the telephone.
Over half (54%) of respondents want authentication to complete before the call is answered. Just one year ago, the timing preference for completing authentication was equally divided between pre-answer and during use of an IVR. The surge in pre-answer preference likely reflects growing understanding of the value of phones as ownership factors for authentication. Validating calls before they are picked up by IVR or a call center agent eliminates the need to authenticate a customer while on the phone. That increases automation, improves IVR containment, and reduces agent time spent on authentication.
Multifactor authentication (MFA) gains strength. A comparison of survey results from 2018 to 2019 shows that the market is figuring out how to use two or more authentication approaches to identify callers. The number of respondents who did not know their MFA approach dropped from 36% to 27%. The fastest-growing approach is to replace knowledge-based authentication with two entirely new technologies. This preference, which represents use of voice-bio and phone ownership factor authentication, increased from just 8% in 2018 to 17% in 2019. This jump likely reflects growing understanding that both voice-bio and phone ownership factor authentication technologies are solid and are now being deployed together in a layered authentication approach.
Want to learn more? Download our 2019 State of Call Center Authentication survey today. Read our insights and expert analysis of what these findings mean and what contact centers are doing to help curb increasing threats in 2019.