5 Consumer Authentication Predictions for 2020
Call centers have largely operated on knowledge-based authentication (KBA), using information known about a customer to validate a contact. Given the amount of information available online and in social media – as well as through data breaches – fraudsters have been able to access and exploit a trove of personally identifiable information (PII). As multi-factor authentication (MFA) has emerged as a favored method of authentication, all eyes will be on how organizations will maintain privacy while protecting customer relationships in 2020, and Neustar has five predictions or the coming year:
1. An awakening in the call center will be spurred by the threat of weaponized PII.
In Neustar’s 2019 State of Call Center Authentication Survey, only 17% of participating financial services, healthcare, telecommunications and technology firms planned to replace KBA with an MFA approach using ownership and voice-biometrics. Expect a spike in followers in 2020. Growing outrage from consumers toward organizations failing to protect their data and privacy should spur those organizations to action as they realize their overreliance KBA will leave them behind.
Looking ahead, organizations will begin taking steps to prevent their customers’ stolen data from being used against them. Healthcare institutions, for instance, rely too much on unvalidated phone numbers to identify member information; risking access to sensitive healthcare information. Many healthcare organizations should increase caller verification in 2020 to ensure their processes are efficient and information remains protected.
2. Callers will continue to demand less friction in the phone channel.
Real-time authentication solutions are clearly needed across all channels, but a laser focus will be on the phone channel. Consumers expect an efficient interaction and are no longer willing to wait unnecessarily: 60% believe waiting on hold for just one minute is too long. This growing impatience with the voice channel reinforces the need for immediate, pre-answer authentication solutions for the best customer experience, while also ensuring accurate account verification and fraud flagging.
3. Expect an increase in health care organization hacks.
In the first half of 2019, nearly 32 million patient records were breached, double the total for all of 2018. We expect health data breaches to increase, not necessarily for the purpose of health or insurance fraud, but more so due to the high price a health record can command on the dark web. A health care record’s rich, personally identifiable information is a gold mine for perpetrators of financial fraud.
4. T-minus 4 years remaining: The final countdown for KBA.
KBA will dramatically decrease as a standard authentication method, given its negative consumer perceptions, inefficiency and lack of security. Instead, B2C companies will move to multi-factor or strong customer authentication that assesses offline and online customer data, as well as their device, IP networks and location. We stand by our prediction that identity interrogation in the call center will be fully eliminated by 2024.
5. A consumer-led privacy revolt will bring about the end of identity interrogation.
With data protection and privacy issues constantly in the news, consumers are conveying a growing sense of urgency around the use and misuse of their personal information. New regulations, such as the European Union’s General Data Protection Regulation and the California Consumer Privacy Act, address individuals’ desire to control their own data and decide which information is shared with whom. Unfortunately, vast quantities of personally identifying information are already out in the wild.
Just as consumers forced the hand of regulators with robocalls, finally compelling the Federal Communications Commission to act, a grassroots consumer revolt against KBA — and the weaponization of PII that it promotes — may begin brewing in 2020. The revolt could culminate in consumers refusing to do business with companies that don’t adopt more accurate and secure methods of authentication.