5 Steps to Improve Contact Center Security and Fraud Prevention
Today’s customers want, expect, and deserve an outstanding experience every time they engage with a brand. This is especially true when it comes to the contact center, as people continue to seek out a human voice when they communicate with a company – particularly if there’s something they’re unhappy about. Reaching out, they expect brands to deliver a fast, friendly, and seamless pathway to resolution. However, with the ever-present threat of a data breach and instances of identity fraud increasing, ensuring a top-notch service is becoming more and more difficult without compromising the customer experience.
Why Rethink Contact Center Security?
Criminals are increasingly targeting the contact center. Research compiled in our Contact Center Security & Fraud Prevention special report confirms a 17% annual increase in contact center fraud.
The fact of the matter is that, due to an overreliance upon antiquated and notoriously ineffective security tactics like knowledge-based authentication (KBA), contact centers are vulnerable. Fraudsters can often spoof their way through a set of security questions – and if they strike out attempting to defraud a phone agent, they can always try their luck in live chat or messaging.
To compensate, brands are forcing customers to answer additional personal identification questions each time they call – but this only serves to slow down the process and frustrate the experience for the customer. As Barry Cooper, Enterprise Group President at NICE, puts it: “To make it harder for fraudsters to overcome this authentication method, more questions are added for better security. However, more questions also mean that the customer feels like he is being interrogated, and the authentication process takes longer. Customers do not have patience; they demand quick and seamless service.”
And there is a further knock-on effect – while agents are wasting time interrogating customers, they are unable to devote appropriate attention to the actual issue at hand. This increases costs, slows down resolution times and decreases resolution rates – all without making any meaningful security improvements and forcing customers to endure ever-more frustrating experiences.
Meanwhile, the omnichannel revolution has opened up not only more opportunities for fraudsters to acquire customer data, but also new ways to use the data they collect. For example, a criminal can convince a phone agent to change an actual customer’s account email address to their own. Once the change has been completed, they can then simply use a web “reset password” form to take over the customer’s account and exploit the data it contains.
Such occurrences are by no means uncommon. Even big and famously customer-centric brands succumb to security breaches – and it’s damaging consumer trust and loyalty across the board. “Everybody can see in the news what’s going on when there’s a data breach or when people misuse data and creates some of the weirdness that goes on in different industries,” explains Brad Lemons, Sr. Vice President at Nationwide. “That’s when consumers lose trust in what companies are doing with their information.”
5 Steps to Success
Beyond being simply ineffective, traditional and inherently problematic contact center security measures are also inefficient. They subject customers to slow, repetitive, and intrusive lines of questioning, and demand agents waste considerable time interrogating rather than connecting with customers.
Thankfully, there are options for escaping this bleak scenario. By following five critical steps, brands can build a contact center security strategy that successfully prevents fraud and creates more customer and agent satisfaction.
1. Adopt Real-Time Voice Biometrics
Modern voice biometrics technology addresses issues of security and customer convenience in one fell swoop. By matching the caller’s voice to the existing “voiceprint” on record, it allows organizations to quickly and securely perform the authentication while eliminating effort and frustration for both customers and agents.
Leading providers of this real-time authentication (RTA) technology have now also conquered two historical concerns about it – namely, the difficulty in collecting voiceprints, and the fear of fraudsters using an audio recording to trick the system. With regards to the former challenge, organizations can leverage historical call data to passively create customer voiceprints. As for spoofing, solutions now exist that can accurately distinguish between live and audio playback.
What’s more, since voice biometrics technology leverages automation, it can be deployed across self-service environments – including IVRs and mobile applications – as well as the call center.
“RTA automatically verifies the caller’s claimed identity within the first few seconds of a call with an agent, an IVR, or mobile app interaction by comparing the caller's voice to his voiceprint on file,” explains Cooper. “This eliminates the need for manual authentication (like KBA), shortening the average handling time of a call by 40-60 seconds and improving the operational efficiency. It improves the customer and agent experience dramatically.”
2. Leverage and Expand a Fraudster Watchlist
Even organizations that are able to accurately identify callers at the initial point of contact often fail to tie their authentication tactic into a broader fraud prevention strategy. Voice recognition technology can be further used to address this issue by leveraging customer voice data acquired during calls to create a “watchlist” of potential fraudsters. The technology then analyzes callers’ voices against this watchlist, stopping fraudsters in their tracks.
“In parallel [to the authentication process], RTA detects if the caller is a known fraudster by comparing his voice to a watchlist of fraudster voices,” explains Cooper. “Automatic notification about the authentication and fraud detection result is sent to the agent in real time, along with guidance on the next steps. The entire process takes only a few seconds and is completely passive and seamless to both the caller and the agent. RTA automatically scans millions of interactions to find fraudsters that were able to penetrate the defenses and were not detected, and adds their voices to the watchlist so they will be blocked before they commit fraud.”
3. Unify Security Across Channels
Due to the omnichannel revolution, it’s essential that security is unified across channels. As Cooper explains: “In an omnichannel world, where customers use several channels in their journey, it is important to protect all the channels, because fraudsters use several channels in their fraud scheme. In fact, although 60% of all fraud involves the voice channel, fraudsters usually execute their end game and takeover a person's account using the self-service channels like web. Therefore, it is important to take an omnichannel approach when preventing fraud.”
Alongside RTA solutions and the fraudster watchlist, further security measures such as behavioral analytics and phone number verification must be deployed to identify suspicious activity within the context of each specific channel. Furthermore, potential “fraudster journeys” must be mapped. For example, the organization must consider how a fraudster who switched a customer’s email address over the phone will use it to commit further fraud.
4. Coach Agents on Security
As effective as fraud prevention technology is, agents still have a vital role to play in keeping customer data safe. As such, it’s crucial agents are educated to recognize various social engineering tactics that fraudsters deploy, and they must also be provided with scenarios in which they are trained to deliver a “hard no” to certain requests or callers.
In addition, training needs to be provided familiarizing agents with RTA technology, so they know how to interpret alerts and properly interact with legitimate and illegitimate callers.
5. Implement Fraud and Security Metric
In order to ensure these new security measures are addressing weaknesses in combatting fraud and ensuring fast and frictionless customer experiences, organizations must implement a variety of “fraud and security metrics” to monitor their effectiveness and prove ROI. These performance indicators will keep track of how much fraud is taking place and how much it is costing the business, while simultaneously holding the security technology accountable for “contact center metrics”, such as agent productivity, average handle time (AHT) and customer effort.
“RTA improves operational efficiency by shortening the AHT, allowing agents to handle more calls,” says Cooper. “At the same time, using RTA in the self-service channels like IVR provides the highest security, enabling organizations to shift more calls to the self-service channels and reduce the number of calls that go to an agent.”
Customer Contact Week Nashville 2020
Contact center security and fraud prevention is set to be a hot topic at CCW Nashville 2020, taking place in January at the JW Marriott, Nashville.
Download the agenda today for more insights and information.