Telephone channel weakest link in bank authentication
With new call center scams plaguing financial institutions, today's banks are challenged with investing in authentication technologies that effectively stop fraud over the telephone channel without disrupting the customer experience.
In the article, “New Wave of Call Center Fraud,” a bank in Georgia experienced a series of spoofed Skype calls to its contact center requesting information on legitimate accounts. Fortunately, the suspicious calls were recognized before any damage was done. The attempts, however, reinforce how criminals are continuing to try new things to takeover digital banking accounts.
While financial institutions see fraud across all banking channels, Gartner fraud expert, Avivah Litan, said the call center remains particularly vulnerable to innovative social engineering attacks.
"Most of it is related to cross-channel fraud, i.e. fraud committed via the call center and Internet. The telephony channel is the weakest link in the chain, when it comes to bank authentication of customers."
To recognize and prevent different forms of telephone fraud, banks relying solely on Caller ID or knowledge-based authentication (KBA) solutions to identify customers need a way to recognize callers beyond the Caller ID displayed on the phone or what they’re told over the phone. Today, this information can be too easily manipulated using inexpensive spoofing tools and social engineering techniques.
Waiting to authenticate customers post-call is a losing proposition for both your bank and your valued customers because it interrupts the customer experience, which can damage your relationship. Even worse, it actually gives thieves an upper hand in the fight against fraud.
When evaluating authentication solutions, financial institutions need to consider out-of-band verification processes that can validate callers pre-answer. This means before the call even gets routed in your phone system -- before your call center agents pick up the phone -- you know which inbound calls are trustworthy, and which are not.
Using real-time telephone network forensics, the TRUSTID® Physical Caller Authentication solution automatically identifies calls in seconds, instantly providing bank reps the risk of the call before it’s answered. No matter what new tricks crooks have up their sleeves, whether they’re launching their scams from landlines, mobile phones or Skype, TRUSTID invisibly determines the risk of the call to prevent fraud and improve the customer experience using a quick and effective authentication process that doesn’t require volatile personally identifiable information (PII).