The benefits of reducing KBA dependency
Many contact centers have become complacent in the way they verify customers over the telephone channel. The problem with getting too comfortable with how you identify callers is it can put your customers at risk.
While banks know that relying on conventional knowledge-based authentication (KBA) can leave customer accounts vulnerable to social engineering attacks, many continue to take that risk anyway. According to the 2018 State of Call Center Authentication study, KBA remains a preferred authentication method for many financial institutions despite nearly 40 percent of call center professionals admitting they doubt KBA’s accuracy.
I know change can be difficult, and slow for many industries. Once processes are put in place and prove effective, over time technology upgrades cost time, money, and require a lot of planning and investment to implement. But the fact is, changes are necessary to evolve your contact center.
At one point, KBA was the de facto standard for caller authentication. Asking customers a series of personal questions was enough to confirm that the caller was who they claimed to be. But the free flow of personal information over the internet changed all that. Fraudsters became experts at gathering other people's personal data from social networking sites to create user profiles that they could sell or use to socially engineer call centers. After that, the KBA security questions that only customers could answer became susceptible to criminals with enough information in hand to correctly answer the once fool-proof challenge questions.
With telephone-interrogations no longer as effective as they once were, some even say they pose a bigger threat because of how they impact the customer experience. By taking up more of the customer’s and telephone agent’s time to authenticate callers, contact centers are paying more for longer calls that are negatively impacting how their customers feel about their brand.
The impact of KBA dependency goes well beyond not being able to secure your customer channel; it touches everything from your operational workflow and costs to your bank-customer relationship and overall business profits.
Today, the problem with becoming complacent with caller authentication is it puts your customers and business information at risk. Implementing other methods to create a multi-factor authentication solution that doesn’t rely on KBA alone is more important than ever for protecting your customers from social engineering scams and effectively identifying callers over the telephone channel.