Biometrics: Eliminating telephone banking fraud

By Tom Harwood | 21 March 2017

Tom Harwood, Co-Founder and Chief Product Officer at Aeriandi discusses the use of voice biometrics within contact centre operations, how this can help combat fraud, and how the technology has wider potential for customer experience.

Recent research from Get Safe Online and the National Fraud Intelligence Bureau (NFIB) found that more than a quarter (28%) of people had been contacted on the phone by fraudsters trying to trick them into giving away personal information. Fraudsters often begin by trying to get victims to confirm personal information they have already identified online. A report from fraud prevention service Cifas found that 86% of identity fraud is internet-enabled, where fraudsters get victim's personal information from poor personal security practices on social media sites. Twitter, LinkedIn and Facebook are treasure troves of personal information that, if left unsecure, can be easily accessed by anyone with a laptop and an Internet connection.

Web based security measures have evolved much faster than those for voice. Security measures such as multi-factor authentication and behavioural monitoring have been actively deterring criminals from targeting customer accounts online. The same cannot be said, however, for phone-based contact areas.  Despite an increased focus on call centre security processes in recent years, the contact centre still represents a vulnerable area for many businesses. 

The interactive and personal nature of customer calls to a contact centre makes them a target for fraudsters. If a fraudster can gather just a small amount of personal information on a victim from social media sites, they can manipulate a call centre agent into either feeding back additional personal information, or even allowing them access to a customer’s account. Often, an agent’s key objective is to provide quality customer service. This focus on customer experience, however, has the potential to overshadow the responsibility to ensure a caller is genuine. 

Call centres need protection

Direct contact with a company representative remains the pinnacle of an excellent customer service offering. Many businesses present their availability on the phone as a selling point. While web-based self-service capability can be a convenient way for customers to manage their own accounts, often there is still a need to seek advice from a trained company representative.   

On a traditional customer service phone call, account holders can expect to provide date of birth, address, and possibly a security question or password to confirm their identities.  Once authenticated, they gain total access to the account.

This is the same process for anyone who calls up to access an account with the correct details, even if those details have been stolen. The central issue is simple knowledge-based security answers are no longer secure. Your mother’s maiden name, your secondary school, your pet’s name, even your best friend’s name may be readily available on the internet to a fraudster willing to do some digging.

And if these details can be found, telephone fraud becomes a low risk, low cost (and high reward) way for criminals to exploit vulnerabilities.  It is easy to carry out from any location and is often untraceable.  Even basic security measures such as caller ID and Automatic Number Identification (ANI) can also be easily fooled using simple spoofing technology. The chances of being caught are often extremely low.

According to the Pindrop Labs 2016 Call Centre Fraud Report, the average contact centre agent will be dealing with a fraudster approximately once every 2,000 calls. As a result, identifying and handling them is not normally a core competency for agents, who are often targeted on customer satisfaction levels, speed and efficiency. Many will have no experience in the recognition or handling of fraud. 

Empowering operatives with biometric capability

While training call centre agents to identify fraudsters can go some way towards minimising the risk, businesses are finding more success by empowering agents with new technology-based solutions. Voice biometrics protect contact centre agents by allowing them to focus on their core service skills and not on signs of fraud.

Most fraudulent call efforts are repeat attempts by the same group of organised criminals. This has allowed authorities to compile a database of fraudsters from around the world and match them to their unique voice signatures. When a call is initiated, voice biometrics technology will compare the caller’s voice against this database and quickly identify if it is a fraudster on the phone. The call centre agent is notified and they can quickly quarantine the perpetrator from any sensitive information. The entire process happens in the background of the call completely unbeknownst to the caller. Only when an issue is raised with caller authenticity is anyone alerted.

Voice biometrics technology identifies a unique voice signature, like a fingerprint or a retina. Although someone can mimic the sound and accent of another, no two voices are the same. Each person’s voice is unique because of the physical characteristics of the mouth, throat and nasal passages. While human ears are limited, even the smallest of changes in the pitch and rhythm of speech can be identified by biometric analysis.

Add biometrics to the toolbox

Like any security measure, voice biometrics works best when combined with a range of other security processes. Intelligent fraud detection needs to be utilised so that criminals who may not yet have been flagged on the global database can still be identified. Intelligent fraud detection notifies the call centre agent of the call’s overall risk score. It does this by scoring all calls against a number of key risk factors such as audio characteristics, geolocation, number reputation and frequency of calls. Within the first 30 seconds, the agent will receive the risk score and a set of custom instructions on how to further authenticate the call.

Combining several different technology-based fraud detection systems, instead of relying on outdated security questions for authentication, creates the widest possible protection for customers and their data.

Wider biometric potential

Voice biometric technology can also be used as a tool to improve customer experience and cut call-handling times. Instead of databases of known fraudsters, businesses are beginning to create their own database of genuine customer voice signatures. When a customer calls in, they can instantly be identified without having to answer identity-based questions. This reduces call times, saves cost and provides a more streamlined experience for customers.

Despite an increase in internet-enabled fraud, online security has seen significant security improvements in recent years. Telephone security, however, still lags dangerously behind. Until these vulnerabilities are addressed, call centre operatives will continue to be prime targets for professional fraudsters. The introduction of an effective voice biometrics system, ideally alongside additional measures such as intelligent fraud detection, is currently the most likely option for success. It will bolster any business’s telephone identity and verification security, whilst simultaneously improving the customer journey. It may not solve the issue completely, but it’s certainly a step in the right direction.

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development