We’ve all been asked frustrating security questions when trying to access our accounts. Questions like, the first name of your third grade teacher, the most memorable day of your life, or your favorite movie. This can be challenging for authentication. As human beings, these security questions are transient. The answers may change depending on your mood or where you are in life. For example, as you grow older, your most memorable day will most likely change fundamentally. This type of question and answer based verification is known as knowledge based authentication or ‘KBA’ and is the premise for access used by many contact centers.
Historically contact centers have relied on KBA or asking customers “secret” questions to access their accounts. Many of these questions, like your social security number or date of birth, have been proven to be vulnerable and are no longer considered secret questions. Think about how many people display their birthday on social media networks, then think about how many of those individuals make their profiles public. If one of those individuals uses their birthdate to authenticate their account, the account is compromised from the start.
What about authentication that uses a soft or hard security token relayed through a personal device? This type of authentication process, while popular, has a huge blind spot. It operates under the assumption that the transport mechanisms have not been compromised and the account owner is the one authenticating. Is it a known and trusted device? Maybe, but it doesn’t matter if it’s the wrong person on the other end of the call; To address these gaps, ValidSoft calls for the use of guaranteed identity assurance. If you cannot guarantee identity, you cannot guarantee account security.
Contact centers are prime targets for bad actors and fraudulent activity because of the amount of personal information they store and the flagrant flaws in KBA: they are the weakest link in terms of security. Gaining unauthorized access to an account is not only about the access, it’s also about gaining information to perpetrate fraud on other channels. Contact centers are unique in that information – like payment data, credit card information, and personally identifiable information – are all accessible from the same place.
In security, the human element is always the greatest variable. We have the ability to empathize, make decisions, and deviate from a set script. Fraudsters are experts at social engineering; deception to manipulate others into divulging confidential information for use in fraudulent purposes.
Imagine a bad actor gains access to your account and asks the contact center representative to read back the card number and address and names of other authorized parties on file – that’s a lot of data to steal in just a few minutes. At a fundamental level, authentication methods involving humans as part of your defense weakens your overall security model.
Identity Authentication best practices to catch bad actors
78 percent of firms see solving IVR fraud as a top contact center initiative. At this point, you might be asking, “how do I catch bad actors and stop them from accessing unauthorized data?” ValidSoft believes in making voice authentication the universal means of proving identity and has successfully deployed its voice biometric technology in world-leading contact centers with impressive results.
Daniel Thornhill, Senior Vice President of ValidSoft, spoke of three best practice recommendations to help improve authentication access, fraud detection and improve your security posture.
1. Authenticate the Individual
You need a real-time voice authentication model that guarantees a caller’s identity using their voice, not relying on tokens or personal trivia.
2. Deliver Guaranteed Identity Consistently Across All Channels
Customers connect to their accounts in different ways using apps, smart speakers, contact centers, websites, mobile phones, and desktop computers giving a variety of options for a fraudster. Say a bad operator makes it through the security model in a contact center. If they did that, they’re smart enough to try accessing other accounts through additional channels. They’ll look for the lowest common denominator, or the channel with the lowest level of security.
Delivering consistency across all channels improves your chances of successfully securing your data and preventing an account takeover. Our voice authentication technology is unique in that we guarantee identity and it can be applied across all channels. It’s faster, easier to use, and improves customer experience.
3. Layer Your Security
At Validsoft we understand the need for a multi-layered multi-factor approach to strong authentication and security. Voice authentication provides that unique extra layer of security that is unique, mathematically strong, precise and helps ensure that if one component of security is compromised, there are more opportunities to protect your accounts against additional fraud attempts. Using multi-factor authentication gives bad actors more opportunity to fail and helps protect your account from data breaches.
How you can use ValidSoft’s voice identity solution to prevent fraud in contact centers
Our voice biometrics technology guarantees the real-time identity of people using their voice. We capture voice prints that measure the distortion their physiology creates on sound, essentially identifying an individual based on their physical makeup by extracting information from their voices. Your physiology and your voiceprint are unique and cannot be replicated – even with a voice recorder. Our voice recognition software can detect audio distortions made by voice recorders, this is a crucial part of fraud prevention.
In addition to increasing the security and privacy posture of contact centers, ValidSoft also helps reduce the overall operating costs. Taking the average authentication handling time from 30, 60 or even 90 seconds down to as little as 3 seconds is a game changer. The time you save in authenticating a caller’s identity can be reapplied back to the customer’s call helping to improve the customer’s call in experience leading to higher customer retention.
Interested in learning how Validsoft can help improve security, reduce costs, and increase customer satisfaction in your contact center? Test drive the software in a free, no obligation demo by filling out this short form.
Like this article? Watch the full webinar here.