Close this search box.

Written by: Pindrop

Contact Center Fraud & Authentication Expert

Contact center authentication defends your business, but many leaders are struggling with choosing the best type of authentication solution for them. In addition, recent shifts to massive swarths of the workforce staying home have created new challenges in security, workforce optimization, and consumer behavior. 

Contact Center Authentication Provides First Line Defense

KBAs? multi-factor? Passive or active enrollment? Contact center authentication practices come in an array of configurations and options for deployment. But not all authentication solutions, products, or services were created equal. For example, Knowledge-Based Authentication has been proven ineffective and even declared dead – and active yet contact center leaders across industries continue to utilize this weak form of protection for their businesses. Effective and efficient authentication tools can lower operational costs, decrease hold times, and deepen customer affinity. Have you considered the tools you would need to optimize your authentication strategies?  

“Give me six hours to chop down a tree and I will spend the first four sharpening the axe.”

Abraham Lincoln

Pindrop has organized a collection of tools, assets, and other resources to aid contact center leaders in their race to optimize operational costs, improve customer experience,  and improve security measures, as organizations restructure and prepare for the road ahead. You can explore the tool kit on this page linearly or choose the section you need: 

  • What Is Caller Authentication?
  • Passive Vs. Active
  • multi-factor vs Knowledge-Based Authentication
  • Caller Authentication Best Practices
  • Optimizing Caller Authentication Enrollment
  • Operationalizing Caller Authentication

What is Caller Authentication?

Caller authentication is the process of verifying the identity of persons via the phone channel. 

From email to bank logins, many companies have employed tools like 2-factor verification to make their services more secure. As the world moves to one where the majority of interactions may happen online and through the phone channel, out of necessity, the proper identification of users and customers brings itself to the forefront as call volumes spike and capacity issues stemming from absenteeism, sickness, and country-wide shutdowns continue. 

How Caller Authentication Works 

Defining caller authentication is great, but how does it work? How can it help you decrease fraud costs, improve customer service, and solve issues with capacity. 
Caller authentication – in general, follows 3 steps:

  1. A call is placed to a contact center
  2. The call is connected to the contact center
  3. Caller authentication takes place


Now while these oversimplified steps are what takes place in general concerning call authentication, you will need deeper understanding of the forms of caller authentication available to you and how they can be used for the protection of your contact center, customer information, and bottomline. 

Let’s start by considering the two operationalizations of caller authentication at a high level so you can choose which is best for you. 

Calculate The Cost Savings of Switching to Caller Authentication

Ditching KBA’s and switching to caller authentication can save your call center time and ultimately affects your bottom-line. Use our authentication cost savings calculator to find out how much money caller authentication can save your contact center.

Passive vs. Active Authentication

Authentication – operationally comes in two flavors passive and active.

Passive Authentication

Passive Authentication is the process of authenticating callers without any interaction with the caller or required actions on behalf of the agent. Passive authentication results in calls that are authenticated before being connected to the agent. Creating a smoother more personalized customer experience, reducing average handle time by eliminating required actions on behalf of the agent, and strengthening the front lines of your contact center to attack. Passive authentication methods also help increase self-service options in the IVR. 

Active Authentication

Active Authentication is the process of authenticating callers by requiring callers and/or agents to actively participate in authentication. The most common permeation of this is the use of knowledge-based authentication questions. Here, agents are expected to ask questions to ascertain whether or not the person is who they say they are. Which often forces agents to become weird mixes of Sherlock Holmes and Lumiere.

Which Method is Most Effective?

Passive authentication allows for the verification of identity without the interaction with or input from humans during the call. 
Active authentication requires action on behalf of both the caller and customer service agent in order to validate an identity.
Though both methods are in use, one method is more secure, faster, less prone to false positives and positively impacts customer service. While the other is compromised due to repeated major breaches and leaks depositing PII on the dark web. 

Which Method is Most Secure?

Multi-factor Vs. Knowledge Based-Authentication

Multi-factor Authentication

Multi-factor authentication is the use of multiple disparate data points to authenticate or verify identity. In practice, its application in call centers means the utilization of numerous data points to ensure the caller is genuine. Voice, device, and behavior are 3 common points used to authenticate callers- though multi-factor authentication generally refers to the use of two or more ways of verifying an identity. Using multi-factor authentication technology to assist the agent in authenticating the caller, reduces the cost per call by reducing the amount of time agents are on the phone and can improve NPS by delivering personalized customer experiences.
Multi-factor Authentication typically leverages at least two of 3 “factors”:

  • Something you know – like the answer to a KBA question
  • Something you are – like a fingerprint
  • Something you have – like a mobile device or keycard

Knowledge Based-Authentication

Knowledge Based-Authentication is the combination of real and fake-out questions that should help agents root out imposters and fraudsters. However, due to the answers to these questions being available publicly or leaked online – the effectiveness of this method is no longer debated. Knowledge based authentication comes in two flavors:

Dynamic Knowledge-Based Authentication

Dynamic knowledge-based authentication is the use of publicly available information to verify identity and they are updated as your public information changes. An example would be “Which of these addresses have you been associated with in the past?”

Static Knowledge-Based Authentication Questions

Static KBAs are questions with presumably unique answers that should be specific to you – for example, “What is your favorite food?” The assumption here is that this information is something that only you or someone very close to you would know – and therefore could be used to identify you. 

Research shows that 47% of consumers cannot remember the answers to static KBAs and that 20% of the time, fraudsters guess the right answer. Additionally, dynamic knowledge based authentication questions have been compromised as megabreaches have spread address, phone numbers, and credit information across the dark web for years. 
In short, multi-factor authentication, and more so passive multi-factor authentication, is the most effective and beneficial form of caller authentication. The passive approach offers many benefits concerning security, operations, and customer experience. Call center leadership looking to increase capacity, improve customer experience, reduce agent stress, and address fraud costs should seriously consider passive multi-factor authentication as a solution. 

Caller Authentication Best Practices

Contact centers use authentication tools to provide frictionless, personalized customer experiences. But some authentication tools are better suited to that task than others. Exploring best practices for contact center authentication translates to positive gains in other areas; 

Optimizing your authentication practices can eliminate time sucks, empower your customers, and improve operational efficiencies. Expand your knowledge of contact center authentication strategies, with insights, actionable recommendations, and learnings in our expert-led authentication webinar series and curated resource library.You can leverage authentication best practices for quantifiable operational gains for your contact center. Acquire the knowledge and tools you need to help keep your contact center secured without sacrificing customer service.

You can leverage authentication best practices for quantifiable operational gains for your contact center. Acquire the knowledge and tools you need to help keep your contact center secured without sacrificing customer service.

Optimizing Caller Authentication Enrollment

Although multi-factor caller authentication has many advantages, no authentication solution can work without enrollment. Hence optimizing enrollment processes optimizes your authentication rate. Passive enrollment options remove barriers to enrollment by eliminating the active participation of consumers, ensuring the best authentication rates by delivering the highest enrollment rates. Employing passive multi-factor authentication for your contact center and reducing customer agitating practices like active authentication enrollment can improve security posture. 

What is Enrollment Optimization?

Enrollment optimization is the transformation of the processes concerning enrollment into their most efficient state for the consumer and the business. Enrollment processes differ but are typically categorized as either passive or active. As noted above, optimization leans towards passive solutions as they do not require consumer interaction, nor agent involvement. Passive enrollment requires no human interaction and optimizes enrollment by ensuring a seamless experience for the caller and the best return on authentication investments
A seamless experience is essential not only for NPS scores and brand loyalty but also for the effectiveness of your authentication planning. It’s simple, passive enrollment of every caller better ensures enjoyable experiences during each call, which welcomes consumer interaction, and deepens their affinity to your brand. The more seamless you can make every interaction, the better the customer experience. In short, passive enrollment is the optimal solution for authentication enrollment. 

Why is Enrollment Optimization Important?

Because your authentication solution is only as useful as the number of your customers enrolled, your goal should be 100% adoption. Though this is impossible, it is critical to note that should few consumers enroll, your authentication solution would be much less effective, as inferior enrollment rates translate to inferior authentication rates. Again, passive enrollment goes a step further, ensuring the best authentication rates by delivering the highest enrollment rates. 

5 Tips for Optimizing Enrollment for Enhanced Authentication Right Now

  • Leverage ANI as a factor in the ID claim. ANI, or automatic number identification, helps to take the cognitive load off the caller by leveraging data that already comes with the call. ANI of an incoming call can be matched with data on the file to look up a uniquely matched identity. This data can be leveraged not only for a first-time caller but also for an identity claim for a returning caller. Rather than having to answer a knowledge-based authentication question or share sensitive information over the phone to verify identity, ANI can be looked up silently in the background of the call.
  • Leverage a unique identifier. Having a consistent, asserted identity claim, ensures that call after call, time after time, you can identify a caller across different lines of business. Leveraging a unique identifier provides a seamless, passive process, authenticating the caller in the background of a call so you can get them where they need to be faster. 
  • Avoid clunky active enrollment. Active enrollment with specific passphrases is time-consuming for customers just wanting to have their issues handled; customers calling into a call center may find that as a distraction to resolving the issue at hand, resulting in sub-optimal user experience. Make the enrollment process seamless and straightforward by enrolling callers as they naturally engage with call center agents instead of forcing a separate enrollment process.
  • Keep things simple with API integration whenever possible. Pindrop’s APIs are straightforward – the footprint is small, they’re effortless to use. It’s a simple process, and the APIs are leveraged across both the agent leg and the IVR leg of the call. 
  • Engage experts, including process engineers, privacy by design, and Pindrop’s Business Intelligence Team to craft an ideal end customer experience.


Operationalizing Caller Authentication
The use of passive multi-factor authentication directly impacts operational efficiencies. Directly reducing AHTs by removing the need for KBAs on most incoming calls, and improving call capacity, and IVR containment. Data gleaned to build multi-factor profiles include a range of device, audio, and carrier data and can be combined with other security solutions to create a comprehensive protection suite for the protection of your consumer data. See how Pindrop works with our partners to deliver security solutions that address common challenges in the physical, digital, and voice the channel. 

Passport, can help you optimize operations. Reducing costs and improving metrics. Explore this page to learn more about authentication applications for contact centers and how your organization can benefit.