August 31, 2021
By Pavel Jiřík in Blog
The number of cases and attempts at fraud is on the rise in all customer interaction channels. This threat concerns all industries, be they financial services, government agencies, telecommunications companies, airlines, or one of many others. But experts agree that contact centers are perhaps the most vulnerable channel and the easiest target for cybercriminals.
That’s why the people responsible for managing contact centers should be aware of this kind of risk. In this article, we want to shed some light on different contact center frauds. We will first discuss the 4 main types and then discuss solutions that can help companies deal with these challenges.
Identity theft is one of the most common types of contact center fraud. To commit this type of crime, fraudsters use information intercepted from unsecured WiFi connections, stolen from mobile phones, obtained through data breaches, or willingly shared by their victims. Cybercriminals reach out to contact centers with this information and use it to fool agents into causing financial damage to their victims. And since the information used by scammers is legitimate, it may take a long time to discover identity theft.
Another popular contact center fraud attempt is account takeover. Fraudsters impersonate a legitimate customer to achieve any kind of monetary gain. To do so, they may try to try to convince contact center agents to change the customer’s login data, PIN number, or contact details. To get ready for such an attack, cybercriminals conduct research to find out their victim’s personal information such as date and place of birth, mother’s maiden name, or details that could be useful to crack an authentication process.
3. Card-Not-Present (CNP) Fraud
This type of contact center fraud can occur if a cybercriminal gains access to someone’s credit card. The moment they steal the card, they start buying things over the phone or subscribe to different services, bypassing the visual check while pretending to be the owner of the credit card. Usually, the purchased goods are dispatched, or stolen money transferred before the legitimate cardholder reports the fraud. Card-not-present fraud results in billions lost every year in this type of contact center scam.
IVR Mining is an abbreviation of the term interactive voice response mining. For this type of fraud, cybercriminals take advantage of the automated IVR Systems used by many contact centers. IVR systems are usually reliant on knowledge-based authentication (KBA) processes that use a list of predefined questions to authenticate a person and grant them access to their account.
They usually go through a series of questions on a trial-and-error basis trying to get their way through the system. IVR systems are automated, which means they can’t always detect fraudulent activity, and it’s possible for cybercriminals to contact them multiple times until access to the victim’s account is gained.
Scammers also automate their tasks. For example, they use automated outbound dialing systems that reach out to contact centers many times trying different KBA responses. It then saves correct responses until it collects all of the necessary KBA information to access the victim’s account.
Each of these types of contact center fraud poses a huge risk for both consumers and contact centers. Clearly, strengthening these vulnerabilities requires increased control and investment in processes that users do not “always” like. It should especially apply if companies and organizations embrace digital transformation. But even at the most digitized companies, a discrepancy occurs: consumers are happy because the contact center protects their data but at the same time they can get frustrated because the protection makes it more difficult for them to open accounts and contact agents.
Ultimately, when it comes to digital transformation, offering a seamless customer experience is critical. So the companies that can balance this and manage to stop fraud will be the ones that come out on top.
To strike a balance between the customer experience and the need for security, industry leaders are increasingly often using voice biometrics as an essential strategy for authenticating and verifying identity in numerous security applications. Gartner, for example, recommends that contact centers implement fraud prevention technology to improve customer authentication and reduce call duration for legitimate customers while identifying high-risk calls through in-depth analysis.
To this end, it is critical to integrate voice biometrics in order to detect fraudulent calls, the transition between accounts, and identify confirmed fraudulent voiceprints. Fortunately, biometrics can play a key role in contact centers and across multiple communication channels through authentication and fraud prevention.
It starts with the voice. When the purported account holder calls the contact center, a biometric system compares their voice to the stored voiceprint to confirm that the caller is who they claim to be. There is no need to provide further information or answer verification questions, so the process is quick and secure. This allows agents to provide contact center service with confidence and deliver a fully personalized customer experience.
A voice match is usually found among the stored voiceprints for the vast majority of callers. The small number of those whose voice doesn't match their voiceprint will have to undergo additional authentications. In most cases, they are not fraudsters but people who the account holders have granted permission to conduct transactions on their behalf. Such people could be spouses, secretaries, caregivers, or accountants. But unfortunately, in a large number of cases, the caller is in fact an unauthorized person trying to defraud the account holder and the institution.
While some vendors of voice biometric technology emphasize authentication, others focus on fraud prevention. But, in reality, combating fraud requires a dual-pronged authentication and fraud prevention strategy in order to improve the customer experience and reduce the effort required by legitimate customers while preventing fraudulent access.
And since fraudsters are not limited to a single interaction channel and are increasingly targeting contact centers, companies must implement customer identification and fraud prevention measures across all communication channels (e.g., web self-service, mobile apps, and contact centers).
Furthermore, these omnichannel measures should make use of biometric and non-biometric modalities. For example, if a caller fails a voice verification test then the contact center cannot simply refuse to serve them, as this would result in hundreds of thousands of angry customers. Instead, the contact center can carry out a series of biometric and non-biometric checks to continue with the caller's request while still also reducing or eliminating the risk of fraud.
With a robust platform for contact center fraud identification and prevention, government agencies, financial services firms, and other companies can gain significant advantages.
Properly implemented fraud prevention processes and systems should reduce (or nearly eliminate) any disruptive issues in contact centers and quicken the service they provide. This improvement in security and customer experience (through faster service) translates into higher satisfaction and increased loyalty. Furthermore, clients prefer voice biometrics for its simplicity, transparency, and effectiveness.
Implementation of a voice biometric authentication system leads to a reduction in fraud rates. So organizations using voice biometrics can avoid or significantly minimize the risk of their consumers and themselves being victims of identity theft, card not present fraud, account takeovers, or IVR mining. This directly relates to the amount of money contact centers can save by preventing or mitigating fraud.
Integrated solutions for fraud identification and prevention can significantly improve contact center performance - from increased use of self-service options to reductions in average call duration and high-risk call handling times. All of this directly improves the company’s bottom line.
By eliminating the need to “interrogate” (and potentially irritate) customers, contact center agents will see how voice biometrics simplifies their jobs and improves their satisfaction, reducing absenteeism and turnover. As a result, agents can spend more time helping customers and less time dealing with security issues.
Now more than ever, fraud identification and prevention are the foundations of proactive customer interaction strategies for almost any organization that interacts with clients. It is also clear that organizations can no longer view their channels as separate silos. Omnichannel communications require omnichannel security initiatives and strategies.
Furthermore, these strategies, which encompass identification and fraud prevention, must bridge biometric and non-biometric layered defenses to create a satisfying, fraud-free, and seamless customer experience across voice and digital channels.
As passwords and question-based authentication methods are becoming increasingly vulnerable and prone to cyberattacks, biometrics and other fraud prevention strategies that span different communication channels (e.g., web self-service and mobile apps) are becoming increasingly important.