But like all other technologies, telephony is the target of criminals looking for a way to commit fraud and theft. While companies have long secured their digital channels, the same level of protection or regulation is rarely applied to the telephone channel. Therefore, fraudsters use call centers as an entry point to steal personal data in order to gain access to user accounts later.
Additionally, traditional authentication and security methods, such as challenge questions and passwords, are no longer effective against fraudsters who use advanced social engineering techniques and other data recovered from previous leaks. of data.
Companies are therefore looking to implement more modern and effective defenses in their call centers to protect themselves and their customers, and artificial intelligence (AI) coupled with machine learning (ML) could be the answer. key.
Why do criminals target the phone channel?
The perceived anonymity of the voice channel makes it immediately attractive to fraudsters. Unlike in the bygone days of meeting the manager of our bank, call center agents generally have no proximity to callers, allowing a fraudster to pose, quite easily, as a customer.
In addition, caller ID verification is usually done through knowledge-based authentication (KBA), a flawed system that is not suitable for today’s digital world. Knowledge-based authentication doesn’t actually confirm the identity of the caller, just that they know the answer to a handful of pre-established questions, like the name of their first pet or the maiden name of his mother. With over 200 million records stolen in 2021 alone, it’s never been easier for fraudsters to recover needed information.
Finally, the exploitation of telephony requires a lower level of technical expertise than cybercrime targeting online channels; the call center agents focus above all on providing a positive customer experience and handle dozens of calls a day. Their job is not to identify potential fraudsters.
All of these factors combine to make the phone channel an easier target for fraudsters looking to gain access to personal data and user accounts.
How is the voice channel operated?
In most cases, fraudsters seek to take control of a victim’s account in order to carry out fraudulent transactions. Financial accounts offer the most direct gains, but other profiles such as retail, insurance, and health can also be exploited for theft, fraud, and blackmail.
However, fraudsters generally do not seek to take over an account on their first pass, and the attack usually takes place in several stages. Organized fraudsters will make initial calls to gather information and verify the data they already have before taking action.
KBAs are often exploited in this way because criminals can use them to confirm that they have the correct answers, and they will often contact other services or organizations to cross-check information.
Experienced fraudsters are also equipped with social engineering techniques. They know which services to target and what types of fictional stories are most likely to succeed. Emergency provisions, such as those requiring cards to be canceled or PINs changed, are common targets, with fraudsters using the sense of urgency to play on human sympathy.
Interactive voice response (IVR) systems are another popular source of data – since the automated machine is incapable of being suspicious, criminals don’t even need to use social engineering. Most IVR services have few guarantees against exploitation and can be exploited repeatedly to obtain useful information.
How can AI support human activity?
Voice is thus a sustainable option in the face of more convenient but less personal means such as email or online chats. However, that same voice is a weakness that fraudsters seek to exploit.
That’s why, realizing that humans cannot accurately review tens of thousands of calls in real time, companies are increasingly turning to intelligence-powered anti-fraud technologies. artificial intelligence and machine learning to help them detect fraudulent callers.
Fraud detection can be done behind the scenes using AI-powered analytics that quickly assess the caller’s voice, behavior and metadata, and identify subtle signs indicating a potential fraudster. Even the best-prepared impostor can be unmasked by minute signs of which he is not even aware.
This same technology can also be used to provide an additional layer to caller authentication alongside KBAs, helping to determine caller identity quickly and transparently by creating unique multi-factor credentials based on the device, voice and behavior of the customer. The result is a faster, more personalized process that not only improves the customer experience but also saves callers time.
The process is highly precise and takes place in real time. This means it has virtually no impact on “genuine customers” and agents can provide the best possible customer service without having to guess who is on the other end of the line or treat their customer as a potential fraudster. .