Voice 'fingerprints' may plug call-center security leaks

You've heard such stories. Mat Honan, a reporter for Wired magazine had almost his entire digital life erased when a fraudster used social media account information to trick Apple and Google into allowing him access to Honan's account information.
Paul Allen, the billionaire co-founder for Microsoft fell victim to identity theft when an AWOL U.S. Army solider called Citibank and changed the address of Allen's card from Seattle to Pittsburgh, which he then used on a $15,000 shopping spree.
The common theme between these two high-profile stories is the way fraudsters were able to penetrate the contact centers of these big companies and misrepresent themselves as legitimate customers.
TAKING NOTICE: For the first time, a small data breach draws a big fine ($50K)
MORE SECURITY: 12 must-watch security startups for 2013
Call center fraud has recently become the hack-de-jour for fraudsters, some industry experts say. Shirley Inscoe, a fraud analyst at Boston-based Aite Group, says many financial institutions have beefed up their online defenses, particularly in response to new guidelines that have been released by the Federal Financial Institutions Examination Council (FFIEC) about how best to comply with existing regulations.
There has not been as close scrutiny on call center security though. "Many banks have really shored up their defenses in the online channel in the last two to three years," she says. "As a result, now we're seeing fraudsters go to the call center, where there it's perceived to be an easier target with fewer defenses."
Not only have organizations focused their security efforts outside of the call center, but information fraudsters can use to launch attacks is much easier to obtain online. Knowledge-based authentication - "what's your mother's maiden name?" -- are far from private. Inscoe says she's heard of databases listing the maiden names of individuals. Even more dynamic questions such as what street did you used to live on or what high school did you attend are not fail-safe. "People post that information on Facebook," Inscoe says. Easier access to information combined with the call center being perceived as a weak link has left the contact center vulnerable, she says.
There are a variety of new tools being used in contact centers today and perhaps one of the most promising is voice biometrics. Today, NICE Systems, a provider of both contact center software and fraud prevention, released a voice biometrics product as part of its Contact Center Fraud Prevention product.
Like a fingerprint, each person's voice is unique, which can be used to identify known fraudsters, says Ori Bach, director of solution management for NICE. The voice biometrics system cross-references the callers against a list of known criminals. The system also analyzes the rate of calls coming into the contact center, talking patterns of callers and emotion. Fraudsters, for example, often yell at call center agents in an attempt to portray an angry customer, coercing the agent into agreeing to the fraudster's demands.

Source and read more:

0 yorum: