PINDROP BLOG

KNOWLEDGE DOES NOT EQUAL SECURITY

Airlines, banks, stock exchanges, and trading platforms suffered brief website outages this week1 after a key piece of internet infrastructure failed, sparking the second major interruption of the past two weeks. 

The outages come just over a week after countless websites and apps around the world went down for about an hour when a major content delivery network suffered a widespread failure2

Content delivery systems improve load times for websites and provide other services to internet sites, apps, and platforms. The services accomplish that by storing content and aspects of websites and apps on servers that are physically closer to users. In today’s world, websites are the heart of many organizations especially when it comes to giving customers the opportunity to create their own profiles and complete many types of transactions self-sufficiently.

What Happens at Call Centers During Internet Outages?

When a website goes down, what’s the next avenue for a customer to go to? You got it – the call center. The unavailability of a website means more traffic at the call center. The proper identification of users and customers brings itself to the forefront as call volumes spike and capacity issues emerge.

To be fair, there was a point in time where knowledge-based authentication questions (KBAs) were an effective form of identification. But that time is gone. It’s likely that more personal information about each and every one of us is available on the web than any time before in history, and the growing amount of cybersecurity incidents each year aren’t helping. Pindrop’s data shows that fraudsters tend to pass such questions with success more than half of the time whereas the true person forgets the correct answers one-third of the time. 

Due to the data breaches we read about in the headlines3, your social security number, phone number, address, and even personal health habits can be purchased by fraudsters with little to no back-alley dealing needed. The internet has many marketplaces that are willing to sell databases full of personal information that double as answers to KBAs. 

So what is the solution when someone can’t answer these questions accurately? Ask more questions. Step-up authentication often involves more of the same, or alternatively, results in refusing to provide any information to the caller. This is usually presented in the form of “our system is down” or “you need to come into one of our physical locations,” which is not the most ideal customer service experience. Loyalty is not derived from treating your customers like criminals. 

Additionally, this notion goes beyond KBAs, but to anything, you “know.”  Information is easily transferred or stolen in the digital age, and passwords and PINs also fall under the category of secrets as security. For the same reason you shouldn’t force customers to maintain their own key to your brick and mortar storefront, you shouldn’t have to ask them to create and maintain their own secret word, PINs, or password as part of their identity verification.

Pindrop authentication solutions help contact centers authenticate legitimate callers quickly and accurately enabling personalization, and ensuring customer experience no matter where you or your agents are located. 

Please click here to learn how First National Bank of Omaha saved 2.5 Million minutes in handle time and cut half of its account takeover losses by an account within one year in collaboration with Pindrop.

1Riley, Charles; Burnside, Tina; Meeks, Alexandra; CNN Business, “Airline and bank websites go down in another major internet failure (https://www.cnn.com/2021/06/17/tech/airlines-website-outage/index.html), June 17, 2021, cnn.com

2Valinsky, Jordan; Goldman, David; CNN Business, “Massive internet outage: Websites and apps around the world go dark (https://edition.cnn.com/2021/06/08/tech/internet-outage-fastly/index.html), June 8, 2021, cnn.com

3Cunningham, Ben; Pindrop, “Facebook Breach Means More Munitions for Fraudster ATO attempts” (https://www.pindrop.com/blog/facebook-breach-means-more-munitions-for-fraudster-ato-attempts/), April 6, 2021, pindrop.com