In a world where we have a plethora of passwords to a multitude of websites and apps, it is hardly surprising that people either re-use the same password for different sites or write them down in a book or digital form. In the case of the former, this plays directly into the hands of fraudsters who use phishing techniques and social engineering to gain this information. Once they have this information, they are then able to access multiple accounts, and by researching freely available information on the Internet they are able to ascertain many of the knowledge-based authentication information (KBA)that is used to verify your identity and access people’s accounts. This will inevitably allow them to reset passwords, change addresses and thus perpetrate their fraud. The problem with today’s “security” measures is that it relies, fundamentally on what you know, most if not all of which is, as previously mentioned, freely available in a digital online world. With the data breaches recently seen in the press and the proliferation of this information on the dark web, fraudsters have a ready-made source of information on which to work. Add to the melting pot that Customer Service agents are, by their very nature, there to help; if you have your account number and two of the three pieces of key information required it is not unheard of for them to “help” you guess the last piece. All of these elements add up to a highly insecure process for authenticating users.
What then, is the answer? Move away from KBA and go, instead, to”who you are” methods of authentication. Passive Voice biometrics (NOT to be confused with voice recognition) authenticates users based on their voice pattern, not what they say, therefore doing away with annoying “what is your mother’s maiden name” etc style of questioning, which pervades all openings when dealing with contact centres, banks etc. Not only is this perceived level of security flawed, but furthermore, it has a detrimental effect on the customer experience, since most people who fail this type of authentication are legitimate customers.The fraudsters have done their homework (it’s their “job” after all) Fundamentally, when customers call an organisation, it is to perform some sort of transaction and the quicker this can be done, the better. Voice Biometrics speeds up the authentication process and thereby the transaction, increasing the customer experience.
For more information on this, please see the Forresters Report here
peterawilson41 