That call to your bank is being recorded for more than just “quality assurance purposes.”
Some banks are using voice biometrics and other technology to help determine who is calling and where a call is coming from.
The reason: call-in center fraud is surging. The internet used to be a treasure trove for scammers, but financial institutions caught on and increased security, causing fraudsters to shift gears.
“[Banks] closed and locked the door online, but they left the window open with the call centers,” said Vijay Balasubramaniyan, CEO of fraud detection company Pindrop Security. He added that $10 billion was lost due to call-in center fraud last year.
New credit card technology has also shifted criminals toward call-in centers, as chip-enabled cards are difficult to copy and replicate.
But call-in centers remain a point of vulnerability. Once unscrupulous callers trick their way past security and gain access to an account, they can do things like take out loans, transfer money or request new credit cards.
The scams
Criminals will contact a call-in center, claiming to be someone else. They sometimes appeal to the customer service representative’s emotions to get them to break protocol. For instance, they’ll claim to have lost their card while traveling and need immediate access to money.
In a rush to help, the service rep might slip up and bypass a security measure or be more lenient.
It’s easy for a criminal to spoof a phone number to match the one on a customer’s account even though the caller may be in a different country.
Fraudsters can call a company upwards of 20 times a day, pretending to be a different person or access the same account, according to Erica Thomson, sales specialist at data security company NICE Systems.
The anti-fraud technology
To help combat the fraud, some banks are using voice biometrics.
Just like your fingerprint, your voice has characteristics that make it unique.
NICE Systems can record call-in center conversations, verify the caller and then convert the voice into a voiceprint to serve as a comparison the next time that person (or someone claiming to be that person) calls.
NICE registers more than 120 different characteristics of a caller’s voice, explained Thomson. Some are physical: the length and thickness of a caller’s vocal cords, lung size and sinus shape. While other traits are personal: tone, pitch and pace, to name a few.
Data analytics company Verint Systems also analyzes callers’ voices to confirm identity and give a representative the OK to proceed with a call.
Using voice biometrics is still catching on the financial world. And the banks that are using the technology aren’t necessarily screening every call — they may target those related to transactions prone to fraud or certain types of clients.
Other security firms aren’t interested in a caller’s voice. They pay attention to a call’s frequency, delivery time of words, cell phone noise and where the call is actually coming from.
TrustID focuses on authenticating a caller’s location.
The company audits the route of a call to make sure it’s coming from a customer’s actual device.
“Before the automated system even says ‘hello and thanks for calling’ we can tokenize the call on whether it’s real or not,” said CEO Patrick Cox.
Pindrop also listens to a call — but not on what’s being said. Rather, it focuses on “phoneprinting” to verify the phone you’re calling from.
The company listens for 147 different features that help identify the uniqueness of a device and attaches it to a caller.
“Every phone device leaves behind a very unique audio signature when it makes a call,” said CEO Balasubramaniyan.