To authenticate caller, dial one

Digital transformation Security
Call centre authentication
Despite the rise in popularity of digital customer engagement tools, research has indicated that call centers are alive and well. While Forrester suggests that they’re turned to primarily for escalation purposes, a special report published as late as last year indicated that over 70% of respondents – including young adults – preferred phone calls as their go-to channel for customer service. And it’s easy to see why: after face-to-face engagements, voice interactions are the next best way to get one-on-one attention.

How does this relate to the financial services sector, you might ask? Well, regardless of why calls get made, call centers have an important role to play in the omnichannel banking cycle if consumers are to be given true freedom of choice in how they interact with their banks. But, to stay that way, they must continue to deliver in several important areas including client security, business efficiency, and good customer service.

Because call centers are costly to run and operated (mostly!) by humans, that is easier said than done. Humans can unintentionally introduce friction and margin for error – but more on that later.
Due to mobile theft and the risk of SIM-swap fraud, phone numbers can no longer be used to reliably authenticate callers either. Voice biometrics as standalone authenticators are out of the question, too.

What, then, can be done to secure call center interactions without compromising on cost-effectiveness and the all-important human touch?

Identity, check!

App and browser security solutions comprising multi-factor authentication have become digital banking security staples. Solutions like Entersekt’s, which cryptographically bind customers’ digital identities to unique instances of their mobile apps or web browsers, are used with great success all over the world, enabling banking customers to transact digitally without fear, wherever they are and however they choose.

Without too much extra effort, the same principle could be applied to confirm the identifies of callers during call center interactions.

On the surface, all that would be required is an in-app call feature and for customers to log in to their apps to place a call instead of going the traditional mobile or fixed line route.

Behind the scenes, calls would be connected via VoIP and integrated with a call center’s PBX system. Before being connected to a call center agent, however, the PBX would pass a trust token through to the bank’s Entersekt-provided Secure Gateway for verification. Once verified, the bank – and the call center agent – would be assured of the authenticity of the device and therefore the caller.

As an optional security step, additional verification requiring biometrics or a PIN could be performed via the app, which would also take place before the agent took over.

If you are interested in authentication methods across digital channels, read our blog Omnichannel authentication: The power of control

A frictionless call centre authentication experience

Though similar options exist for customers calling from fixed line or mobile phones, a solution that uses in-app calling via VoIP represents by far the smoothest of customer engagements.

As mentioned earlier, humans can be the weakest link in security and fraud prevention processes and, according to Gartner, are often the cause of heightened scrutiny and suspicion of legitimate callers. For example, up to 30% of callers fail knowledge-based verification, which can cause frustration and lead to incorrect risk assessments. Automating the authentication process and having it take place at the start of a call solves the problem and allows call center agents to focus on the real matter at hand: helping their customers.

Savings, in time and money, are equally important considerations. No-one likes to waste time, least of all banking customers. Agents, too, have it in their best interests to keep calls brief to improve operational efficiency and reduce the average cost per call. The good news is that in most instances, up-front customer authentication can trim anything between 15 to 30 seconds off a call. In others, where identity checks would have proved more difficult as described above, the time saving could extend to over a minute.

Perhaps the only and most obvious obstacle in the way of success is the change required in customers’ behavior. To benefit from a frictionless call center authentication experience, they’d need to resist the urge to dial customer services from anywhere other than their banking apps. With everything to gain and nothing to lose, the challenge would be an exciting one for banks to tackle, though. The power of incentivization never fails… but that is a topic for another day.

Read more about Entersekt's omnichannel customer authentication solution including mobile and browser authentication.