Contact centers are under significant pressure to manage calls efficiently, especially as volumes begin to rise. Customer authentication is obviously a big priority and is critical to ensuring the security of the contact center.
As a result, most call centers have to tread a fine line between managing the overall call experience, streamlining authentication processes, and making sure that average handling times remain competitive.
But, customer authentication is handled very differently if you’re using an IVR (interactive voice response) system as compared to working with live or virtual agents. But before we go further, let’s talk about what customer authentication and identification really is.
What is Customer Authentication?
Traditionally, customer authentication in call centers has involved asking the customer to provide personal information, such as their full name, date of birth, address, or answers to security questions based on personal history (like a mother’s maiden name).
However, this method can be time-consuming and is not foolproof, as such information can potentially be accessed or guessed by others. To address these challenges, many call centers are turning to more advanced and secure methods of authentication.
Technological advancements have led to the development of more sophisticated authentication tools. These include biometric verification methods, such as voice biometrics, where a customer’s unique voiceprint is used to verify their identity.
This method is not only more secure but also enhances customer experience by speeding up the authentication process. These are primarily employed in sensitive industries, such as banking, retail, healthcare, or telecommunications.
Other tools like two-factor authentication (2FA), where a customer is required to provide two different types of information for verification, and knowledge-based authentication (KBA) systems, which ask questions that only the genuine customer would know, are also widely used.
What is Customer Verification?
It’s important to understand that customer verification is different from authentication. Customer verification involves confirming specific details or information provided by the customer. For example, verifying a transaction, a change in service, or the accuracy of account information.
Verification serves as a double-check to ensure that the actions being taken or the information being provided is correct and authorized by the customer.
How customers are authenticated in IVR systems vs. authentication by agents
Interactive Voice Response (IVR) systems provide an automated way of authenticating customers before they are connected to a live agent. In IVR-based authentication, customers interact with a computerized system that guides them through a series of steps to verify their identity.
This process is typically initiated by the customer entering a personal identification number (PIN), account number, or other identifying information using the phone keypad or through voice commands.
The IVR system may also integrate more advanced authentication methods. For example, voice biometrics can be used to authenticate customers based on the unique characteristics of their voice. This method is not only secure but also user-friendly, as it requires minimal effort from the customer.
The IVR might also use two-factor authentication (2FA), where after entering a PIN or account number, the customer receives a code via SMS or email, which they must then enter into the IVR. IVR-based authentication is efficient as it reduces call handling times and frees up agents from performing routine authentication tasks.
However, it’s crucial that the IVR system is user-friendly and offers an option to quickly connect with a live agent if the customer has trouble with the automated process.
Modern IVR systems even use passive authentication methods, where they use voice biometrics to automatically authenticate a customer.
Authentication with a live agent
Agents typically begin the call by asking the customer to provide specific information to verify their identity.
This may include the customer’s name, date of birth, address, account number, or answers to predetermined security questions. In scenarios where more stringent security measures are required, agents might use knowledge-based authentication (KBA).
KBA involves asking questions that are supposedly known only to the customer, like previous transaction details or personal history questions. Agents may also use customer interaction history to ask questions related to previous service requests or account changes.
The human element in live agent authentication allows for more flexibility and problem-solving capabilities. If a customer struggles to remember a specific piece of information, the agent can use alternative questions or methods to authenticate them.
However, this method can be more time-consuming and is dependent on the skill and training of the agent to effectively and securely authenticate the customer.
Types of customer authentication
There are two main types of customer authentication methods in use today: Active and passive authentication.
Active Authentication
Active authentication involves the customer’s direct participation in the verification process. This method requires the customer to actively provide information or perform an action to prove their identity. A classic example of active authentication is the use of passwords or PINs.
This is time-consuming and takes longer, as the agent has to carefully verify the information before proceeding with the call.
Passive Authentication
Passive authentication, in contrast, verifies a customer’s identity without their active participation or often even their awareness.
This type of authentication happens in the background during a customer interaction and is designed to be non-intrusive. An example of passive authentication is voice biometrics used in contact centers.
When a customer calls in, the voice biometrics system analyzes their voice patterns (like pitch, tone, and speaking style) and compares them to a stored voiceprint. If the voice patterns match, the customer is authenticated without having to actively provide any specific information.
Pindrop makes it easy for contact centers to deploy passive voice authentication with the help of advanced voice biometrics.
Pindrop’s system passively authenticates customers by analyzing their unique voice characteristics during a phone call. This technology works in the background, seamlessly verifying a customer’s identity as they naturally speak with an agent.
The benefits of using biometric authentication
One of the most significant advantages of biometric authentication is its enhanced security. Biometric data is unique to each individual and extremely difficult to replicate or steal, unlike traditional authentication factors like passwords or security tokens, which can be forgotten, lost, guessed, or stolen.
For instance, voice biometrics in a contact center setting is based on the unique vocal characteristics of the user, making it a robust security measure against impersonation or fraud.
This level of security is particularly beneficial in industries where safeguarding sensitive information is paramount. Another key benefit is the convenience and speed it offers.
Biometric authentication typically requires a single action, like speaking or scanning a fingerprint, making the process much quicker and more user-friendly than traditional MFA methods, which often involve remembering and inputting passwords or codes.
This ease of use not only improves the customer experience but also enhances efficiency in scenarios like customer service calls, where quicker authentication can lead to reduced call times and increased overall throughput of customer queries.
More importantly, voice biometric systems are constantly learning and evolving, making them incredibly smart and reliant, especially in contact centers that receive a higher volume of calls.
How voice biometrics protects against call spoofing
One of the key strengths of voice biometrics in countering call spoofing lies in its immunity to manipulation of external identifiers like phone numbers.
Unlike Automatic Number Identification (ANI) validation, which relies on the phone number being transmitted correctly and can be spoofed, voice biometrics validates the caller based on their voiceprint – a unique identifier that cannot be easily altered or imitated.
This means that even if a fraudster successfully spoofs a phone number, they cannot mimic the voiceprint of the legitimate customer, making voice biometrics a powerful tool against identity theft and fraud.
In many contact centers however, voice biometric identification is used in tandem with ANI validation and matching. Think of it as adding another layer of security to ensure that the call originates from the customer’s account.
Even if a caller passes the ANI validation, they must still pass the voice biometric check. The system analyzes various aspects of the caller’s voice and compares them to a stored voiceprint. If the voiceprint doesn’t match, the call can be flagged for further investigation, even if the ANI was validated.
Customer Authentication: How Pindrop can help
Instead of just relying on standard authentication techniques, using Pindrop helps contact centers not only improve the speed of verification but also makes it more reliable.
Each individual’s voiceprint is as unique as a fingerprint, making it an extremely reliable form of authentication. When a customer calls in, the Pindrop system compares their voice against a stored voiceprint to verify their identity.
This process is highly secure and effectively minimizes the risk of fraudsters impersonating customers, as replicating someone’s voiceprint is exceedingly difficult.
With Pindrop, as soon as the customer speaks, their identity is verified passively and unobtrusively in the background.
This streamlined process leads to quicker call resolutions, enhancing customer satisfaction and enabling agents to focus more on addressing the customer’s needs rather than spending time on lengthy authentication procedures.
Pindrop is particularly effective in protecting against call spoofing and telephony fraud. By relying on voice biometrics, Pindrop ensures that even if a fraudster manages to spoof a caller ID, they cannot bypass the voice authentication.
And more importantly, Pindrop gives call center agents valuable insights and analytics based on voice interactions. This data can be used to improve customer service strategies, tailor services to individual needs, and better understand customer behaviors and preferences.