Fraudsters Know Your Mother’s Maiden Name

Paul StockfordJanuary 21, 2016

Thrilled about her recent promotion, Andrea rewarded herself with a trip to Italy. She enjoyed Rome’s marvelous museums and cathedrals but her real fascination was shopping. While visiting the famous shops on Via Cola di Rienzo, she received an alert on her smartphone.

It was from her bank warning that she just maxed out her credit card. No problem, she would use her online banking app to pay down the balance.

However, much to her alarm she discovered that over $1,000 had gone missing from her checking account. She called her bank and learned that someone who identified herself as Andrea placed an anguished call that she desperately needed a substantial sum wired to an account in Bulgaria. The request came in by phone. The caller had all the proper authentication information, even Andrea’s mother’s maiden name.

The fraudster convinced the customer service representative (CSR) and her supervisor that this was an emergency and the funds had to be wired immediately. Angry and distressed, Andrea reflected on the irony. Now she was the one stranded in a strange country with little money.

Unfortunately, Andrea’s situation is not uncommon. Finding it harder and harder to steal money through credit cards, fraudsters are finding open doors through contact centers. Customer service representatives, trained to be helpful and considerate, sometimes are not as vigilant about security as they should be. That being said, a fraudster may talk to 20 or more CSRs before finding one who can be duped.

Financial institutions rely on knowledge-based authentication (KBA). Examples include personal identification numbers (PINs), account numbers, first grade teachers, and your mother’s maiden name. Much of this information is accessible from websites or the black market. People often have 20 or more passcodes, and these are increasingly complex and hard to recall. If a call originates from a mobile phone, users may not have easy access to their passcodes.

A better approach is to use biometric authenticators. Fingerprints and retinal scans can be costly and impractical, but voice recognition works very well for both improving the customer experience and detecting potential fraud. The human voice is as unique as a fingerprint. Callers do not have to correctly answer layers of security questions—and fraudsters can’t outwit the technology.

From a customer relationship standpoint, voice recognition helps significantly reduce customer effort and demonstrates a spirit of trust rather than suspicion. From a cost savings standpoint, voice recognition helps reduce call duration.

As tools for fraud prevention, solutions such as Verint Identity Authentication and Verint Fraud Detection work by instantly comparing the caller’s voice to the voice prints of an extensive database of known fraud perpetrators. This comparison is done silently in the background of a call. The solution combines a new generation of passive voice biometrics with unique predictive analysis that can help accurately detect fraudsters and authenticate customers without caller interruption.

Voice recognition technology offers a powerful combination of reduced customer effort and fraud deterrence. We expect that adoption will rapidly increase, not just among financial institutions—but also insurance, e-commerce, utilities, and other security-sensitive businesses.