Dr Nikolay Gaubitch at Pindrop describes the critical balancing act between security and good user experience in contact centres
In an increasingly remote landscape, call centres have become an important channel for organisations to connect with their customers.
For call centre agents, the primary directive has always been to provide consistent levels of good customer experience. But they also have an additional mission: to be alert to any suspicious callers that may be committing fraud.
Not only does this apply extreme pressure to each call agent, but it also risks detracting from the overall customer experience.
Personalisation is a key driver in providing enhanced customer service. This focuses on building trust between the caller and the agent on the other end of the line.
However, as call centres grow the challenge is striking the right balance between customer experience and security, and this is getting increasingly hard to achieve as the tactics used by fraudsters in the telephony channel become more sophisticated.
Attacks on multiple fronts
Fraudsters often favour the telephone channel over other means of communication due to its sense of anonymity and the ability to apply effective social engineering tricks on call centre agents. They’re also getting more cunning and refined in their attempts to bypass call centre security measures.
It would be easy to identify a malicious caller if their behaviour gave indications of their dishonest nature, like stumbling over their words, or failing to provide key details which genuine callers would.
However, organised fraudsters are experts of deception. Using social engineering techniques and taking advantage of automated systems, criminals can manipulate call centre agents into verifying stolen information, having bypassed knowledge-based authentication (KBA) processes that centre on questions about personal details.
The ways fraudsters can manipulate call lines and steal information is dependent on what call centres permit their customers to do over the phone. So, the more actions allowed to take place on a call, the more a fraudster can exploit them.
Emergency situations are a key part of this – including lost cards, stolen finances and large transactions – as they are usually dealt with over the phone due to the urgency.
Adversaries are good at quickly getting a sense of whether the agent they’re speaking to will let them complete their task. As an example, fraudsters may target utility companies for this reason: they usually have fewer fraud detection measures in place than a bank as they have less to lose.
So, instead of going for the big, lucrative target head-on, criminals may take the detour via utility companies to gather information that can then be used to manipulate employees at the fraudster’s ultimate target.
The pandemic and the subsequent remote working environment have also led to an increase in call volumes, and hence, call waiting times. This has caused fraudsters to adapt their approaches. Spending all day on the phone and then having no success with the call agent once they finally get through does not provide the criminal with a good return on investment.
Instead, they often look to exploit automated systems such as interactive voice response (IVR). These are an important part of the phone channel, providing an automated option that can handle many straightforward requests and free-up human agents for more complicated cases.
Fraudsters are using the IVR more and more, mostly to confirm details they already have, or to phish for additional information. Criminals can also further their attempts by using AI to mine more sensitive information such as dates of birth or PIN numbers.
The balancing act
In addition to implementing enough security measures to combat the attempted fraud, call centres must still deliver quality customer experience. The choice is between allowing customers to action things over the phone, which may involve frustrating levels of security procedures like answering a multitude of security questions, or restricting customers from doing anything over the phone at all.
The difficulty is that call centres cannot treat every caller as a suspected fraudster. Whilst it may help reduce the amount of successful fraud attempts, they run the risk of annoying genuine customers if they are treated with suspicion.
If call centres allow actions to take place over the phone, then a certain level of authentication is required.
However, going through minutes of verification questions takes away from the seamless and pain-free customer service the agents are trying to deliver. If processes are too strict and slow, it could lead to customers choosing to take their business elsewhere to avoid the frustrating and tedious phone interactions. Not only would this lead to a financial decline but it would also be a hit to the company’s reputation.
So, what’s the solution?
The best form of protection
In order to meet fraudsters head on, without impacting the experiences of genuine callers, call centres must accept that there are some things that human workers cannot do alone.
It is extremely difficult for call agents to take calls and provide exceptional customer service, whilst also monitoring for signs of fraud across thousands of calls.
Instead, an anti-fraud solution that runs on artificial intelligence (AI) and machine learning (ML) technology can be installed to sit and listen to each call, familiarising itself with the voices of known fraudsters and building up a bank of data from the incoming calls.
This data will help strengthen the call centre’s defences, while also making the phone channel more personal and boosting customer experience.
These machines learn voices, and use this ability, as well as audio artefacts such as what device is being used to make the call, their location and background noises, to identify fraudsters.
Call centres can also use technology to authenticate users. This means the machine learns the voice of the customers and provides additional confidence that the agents are speaking to the right person.
Not only does this provide an extra layer of security by carrying out a job human workers cannot do alone, but it also allows agents to make each call more personal, thereby boosting the levels of customer service. For example, call centres can create policies based on the risk feedback provided by ML engines, using this knowledge to treat each call differently in line with its level of risk.
The purpose of this technology is to identify fraudsters without impacting the level of service for genuine callers. To remain non-intrusive on calls, the machines stay behind the scenes.
Callers find it reassuring to know that call centres have security measures in place, but it doesn’t mean they should be aware of or hindered by them whilst on a call. These anti-fraud and authentication solutions can help centres achieve the optimum balance between security and customer experience.
Further, these anti-fraud ML solutions free agents from the burden of constantly listening out for malicious callers, enabling them to focus on providing excellent customer service rather than having to double up as fraud detection experts.
A good anti-fraud detection solution will whittle down call volumes to the really high-risk cases, which can then be routed to the trained fraud detection specialists.
Relieving the pressure on call centre agents so they can purely focus on keeping the customers happy will contribute to the success of the business in the long run. It also means that centres do not have to restrict the actions allowed to take place on the calls, further boosting their delivery of seamless customer service.
As the world moves forward, maintaining a high level of remote communications, customer experience in the telephony channel is a vital part of call centre success.
Organisations looking to prioritise this area of business would be wise to consider the ways in which they can marry security and customer service together. By leaning on AI and ML technology, they will be able to deliver seamless and reliable customer support, while maintaining great confidence in their security.
Dr Nikolay Gaubitch is Director of Research at Pindrop
Main image courtesy of iStockPhoto.com