The BBA is now integrated into UK Finance. Please go to www.ukfinance.org.uk for new content and updates from UK Finance.
Material published by BBA prior to 1st July 2017 is still available on this website.
From 1 July 2017, the finance and banking industry operating in the UK will be represented by a new trade association, UK Finance. It will represent around 300 firms in the UK providing credit, banking, markets and payment-related services. The new organisation will take on most of the activities previously carried out by the Asset Based Finance Association, the British Bankers’ Association, the Council of Mortgage Lenders, Financial Fraud Action UK, Payments UK and the UK Cards Association.x
Written by Matt Peachey, VP & GM EMEA, Pindrop
Call centre fraud within UK financial institutions is growing at an extremely alarming rate. In fact Pindrop’s State of Fraud report revealed that 1 in 700 calls to call centres is fraudulent and costs the call centre £0.51 per call.
Criminal groups are specifically targeting contact centres to gain access to customers’ funds and take over accounts as well as using them to gather, test and augment personal data to use in future fraud attacks or to sell on the black market. This rise in the number of attacks can be traced to a migration of fraudsters to the phone channel. Factors influencing this migration include the global increase in data breaches and stronger online, mobile, and especially physical security. This tighter security on other channels has meant that call centres are increasingly being seen as the weakest link into customer bank accounts. Financial organisations must do more to protect consumers against the threat posed by phone fraud.
Consumer behaviour is also having an adverse effect on the safety of data, propagating the rise in phone fraud. According to a survey carried out by Pindrop, 87 per cent of consumers are aware of the threat of phone fraud but are failing to take the most basic steps to protect their finances from fraudsters.
Breaches of customer accounts are also easier as a result of the social media age, with people freely giving away personal information. It has become much simpler for fraudsters to find out details that would have served as a good security question in the past. For example, a fraudster can use a person’s open social media profile to work out the traditional Knowledge-Based Authentication (KBA) questions – pet’s name, first school, mother’s maiden name, etc. Yet, according to our survey, less than one in five Brits switch on enhanced privacy settings.
The end of traditional authentication
Traditional authentication in call centres has been based on KBA. However, the advancement in technology means that those days are now over. This will be of particular concern to banks as the Pindrop survey also revealed that over half of respondents felt that no bank was fully secure, and 59 per cent said they would leave their bank if they thought another one more secure.
Walking the security and customer experience tightrope
But our survey also revealed that 52 per cent of people are frustrated by the number of security questions they have to answer before speaking to someone at a call centre. Customers’ biggest frustrations are, being put on hold, not being able to speak to a human, being transferred between various agents with automated switchboards also proving to be a frustration point. Therein lies the dilemma – organisations must maintain security without it becoming a frustrating experience for customers.
This tightrope of security and customer experience means that banks must invest in ways to provide the required level of authentication, without adding more hoops for customers to jump through.
Which tech can help you?
Financial organisations must listen to the fact that their customers are demanding exceptional service without compromising on security. The right authentication and fraud detection must be in place to avoid getting duped by fraudsters– without relying wholly on the customer to prove that they are who they say they are.
We’re seeing a whole host of technologies being developed to address this problem. Voice biometrics have risen to prominence recently with many financial institutions moving to this form of authentication. While this is a useful way to verify customers, it cannot detect fraud.
Fraudsters have many techniques which help them bypass this layer of security. One example of this is distortive or synthesised noises which can alter the sound of a voice, making it hard to verify and accurately define the user as fraudulent. Instead of relying on just one form of verification, financial organisations combating fraud need to ensure they have multiple layers of defence to provide comprehensive security.
Phoneprinting™ technology goes beyond verification to fill this gap. It can identify specific components about each call such as the location a call is coming from, the device, whether it’s a mobile or landline and whether the phone has been used to call the company before. With these components combined this can aid in detecting fraudulent activity before it becomes an issue and help ensure the customer experience remains high.