How Emerging Technology Fights Fraud in the Call Center
- 11 January, 2013 21:05
As companies have gotten better at detecting and preventing online fraud in recent years, would-be criminals have redirected their efforts to the corporate call center.
Financial services companies and retailers, for example, are reporting a rise in call center fraud, says Shirley Inscoe, a senior analyst with Aite Group, covering fraud and data security, in large part because "fraudsters tend to take the path of least resistance."
"Some enterprises will want to move their call centers closer and tighten controls and limit what's outsourced. But others are looking for third-parties who can provide the kind of security services they can't."
"Criminals are channel-agnostic," says Ori Bach, direction of solution management for call center provider NICE Systems and the call center is currently the weakest link in the enterprise. "It's a remote channel with a large human factor. As fraudster's have gotten less successful online, they've either moved solely to contact center attacks or to cross-channel attacks--starting in the call center and migrating to another channel using a credential they've attained."
Armed with data easily gleaned from social media--an account holder's first pet or the name of his high school mascot--a fraudster can whiz past the typical call center authentication process.
A criminal capable of Caller ID or Automatic Number Identification may not even have to answer a personal question to get the keys to the kingdom. Both Microsoft co-founder Paul Allen's debit card and bank account details were stolen and Wired reporter Mat Honan's identity was compromised using call center fraud tactics.
Call center agents, after all, are presumably focused on making the customer happy, which makes them especially gullible to fraud attempts, says Inscoe. The key to fighting the escalating battle against such fraud may not be human intervention but emerging technologies.
"It's a technology arms race," says Bach of NICE Systems. "And today's call center industry needs to have next generation tools."
One such tool is a voice biometrics engine, capable of identifying an individual "voiceprint" based on traits as vocal tract length, mouth size and shape of nasal passage--physical characteristics even the savviest criminal should find difficult to impersonate. "Many banks are intrigued [by voice biometrics] as a possible solution to better authenticate their customers," says Inscoe. "Some focus on all customers while other advocate screening calls against a hot file of voice prints of callers who committed fraud previously."
NICE Systems recently began using voice biometrics incorporating 50 traits on all calls in conjunction with interaction analytics that can alert an agent to fraud patterns in word choice or caller tone.
A real-time guidance engine takes the agent through the appropriate steps under various potential fraud scenarios. "Our agents are not security professionals, so when a high-risk alert is generated they are instructed to transfer the call to our security professionals," Bach explains.
There's little doubt that a determined criminal will find a way to game these systems over time. "It is something we constantly work on and there is no logical conclusion," says Bach. "It's been endless cycle of new fraud and anti-fraud technologies for the past ten years. Fraudsters are very innovative."
And while the increased vulnerability of the call center could impact the call center outsourcing and offshoring business (NICE Systems is based in Israel but operates call centers around the world for companies including JPMorgan Chase, American Express, and Air France), Bach says the effect has been mixed. "Some enterprises will want to move their call centers closer and tighten controls and limit what's outsourced," Bach says. "But others are looking for third-parties who can provide the kind of security services they can't."
The biggest challenge, however, is keeping fraud prevention efforts in the background and maintaining good customer service focus on the front end. "Most customers are legitimate customers so this needs to be managed very carefully," Bach says.
Bach says there's a lesson to be learned from aggressive measures taken over the past ten years in the area of airport security. "If you overtrain and add too much security and technology, you introduce a level of suspicion to the interaction which may not be necessary," Bach says. "We want to keep providing positive interactions with legitimate customers while identifying that small number of fraudsters that represent a huge amount of risk. It's the proverbial needle in the haystack."
Read more about outsourcing in CIO's Outsourcing Drilldown.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
- Top 10 Reasons to Automate Your IT Processes
- Alcatel-Lucent Enterprise Optimizing Cloud Infrastructure with Citrix CloudBridge
- Next-Generation Managed Print and Document Services: Closing Print Infrastructure Gaps and Optimising Business Process Workflows
- When IT Hits The Road - Goodyear Singapore Tires
- CSO Spotlight: Security-as-a-Service Gaining Popularity
Why IT projects really fail
Queensland government to provide 200 services online by 2015
Call Centers Suffer From Big Data Overload
CIO 100: Carsales wins top gong for innovation
How to secure passwords and other critical numbers
Meeting Business Data Protection
When it comes to data back-up and recovery, the rules have changed. Virtualization has enabled IT organisations to become more efficient, but also more complex. This whitepaper addresses these new realities, and provides a comprehensive solution for virtual and physical environments, backup of applications and data, disaster recovery and replication of complete systems or applications, and for ensuring high availability of mission-critical services.
Complexity Ate My Budget
It’s high time we tamed the monster we created! Against a backdrop of sustained and uncontrollable data growth, most of today’s operational problems revolve around backup and recovery. Understanding the hidden costs and implications for data protection strategies is critical, but the complexity of the nebulous and amorphous cloud can make everything hazy. This white paper breaks it down to different dimensions of virtualisation and how to deliver the productivity and flexibility it promises.
Casestudy: Managing an Antivirus Service and Improve the Customer Experience
Anittel Group has provided managed technology and connectivity services to organisations for more than 15 years, expanding to become one of the world’s largest full-service, IT and telecommunications companies. Previously, Anittel deployed an in-built antivirus solution as part of its managed service offering, which addressed a number of its customers’ needs, except for individual malware infections, which occurred as often as a several times a week. In this case study, find out what they did to solve this problem.