Background 

Digital audio watermarking received a great deal of attention in the early 2000s as a means of protecting the intellectual property of digital media with the advent of file-sharing and media streaming. While some publications from this period addressed speech, the vast majority of research focused on music, where copyright protection requirements were most significant.

In the past year, the topic of audio watermarking has seen a resurgence of interest, and this time the focus is on speech. The key driver behind this resurgence has been the vast improvement in text-to-speech and voice conversion technologies, which has given rise to the somewhat negatively connoted ‘deepfakes’. It quickly became apparent that deepfakes can be a vehicle for misinformation, media manipulation, social engineering and fraud, to mention but a few. It has therefore become increasingly important to be able to decide quickly and accurately whether a speech signal is real, something that is by now far beyond the capabilities of a human listener. And this is where watermarking comes in. It has been proposed to watermark synthetically generated or manipulated audio and then use the watermark to validate the authenticity of the speech signal.

In Pindrop’s contribution to Interspeech 2024, one of the flagship scientific conferences in speech science, we present an improved method of watermarking based on the classic spread spectrum approach. In this blog, we provide a summary of the main findings of this work. The interested reader is referred to the paper for details [REF TO PAPER].

Fundamentals of watermarking

A watermark typically consists of a pseudo-random sequence of +1s and -1s. This sequence is embedded in a carrier signal, which in our case is speech. The watermarked signal may then be compressed for storage, transmitted over telephone networks or replayed through a loudspeaker. At some point, a user of the speech signal can probe its authenticity by trying to detect the watermark; if the watermark is present, it indicates that the audio was synthetically generated or manipulated.
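
To make the idea concrete, below is a minimal sketch in Python/NumPy of additive spread-spectrum embedding and matched-filter detection. The embedding strength alpha, the seed handling and the white-noise stand-in for speech are illustrative assumptions, not details of our method or of any production scheme.

```python
import numpy as np

def make_watermark(length: int, secret_seed: int = 42) -> np.ndarray:
    """Pseudo-random +/-1 sequence; the seed acts as the shared secret."""
    rng = np.random.default_rng(secret_seed)
    return rng.choice([-1.0, 1.0], size=length)

def embed(carrier: np.ndarray, wm: np.ndarray, alpha: float = 0.05) -> np.ndarray:
    """Additive spread-spectrum embedding: x_w = x + alpha * w."""
    return carrier + alpha * wm

def detect(signal: np.ndarray, wm: np.ndarray) -> float:
    """Matched-filter detection: average correlation with the watermark."""
    return float(np.dot(signal, wm) / len(wm))

# Toy demo with white noise standing in for 1 s of 16 kHz speech
carrier = np.random.default_rng(0).standard_normal(16000)
wm = make_watermark(len(carrier))

print(detect(embed(carrier, wm), wm))  # ~alpha: watermark present
print(detect(carrier, wm))             # ~0: watermark absent
```

In practice, the detection statistic is compared against a threshold chosen for a target false-alarm rate, and the watermark must survive the channel degradations discussed below.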

Figure 1. Generic watermarking system diagram.

Although conceptually straightforward, watermarking presents conflicting requirements that must be satisfied for a watermark to be useful in practice. These requirements are illustrated in Fig. 2. A balance must be struck between robustness to anticipated and deliberate attacks, imperceptibility (or inaudibility) to a listener or observer, and information-bearing capacity.

Figure 2. Triangle of conflicting requirements of watermarking.

What makes watermarking speech more challenging than music?

There are a number of factors that make watermarking of speech more challenging than watermarking music. The most important of these factors are listed below:

  • Speech communication channels: a typical speech communication channel includes several stages where the speech signal is degraded through, for example, downsampling, additive noise, reverberation, compression, packet loss and acoustic echoes. All of these may be viewed as non-deliberate attacks, and together they set the minimum requirements for watermark robustness.
  • Tolerance to degradations: the objective of a speech signal is to convey two pieces of information: (i) who is speaking and (ii) a message between a speaker and a listener. Both can be conveyed successfully even in large amounts of background noise and reverberation. Bad actors may exploit this tolerance, degrading a signal enough to make its watermark undetectable while the speech itself remains usable.
  • Limited spectral content: speech signals generally have much less spectral content than music. This makes it more difficult to find space to embed a watermark in a manner that keeps it imperceptible.
  • Short frame stationarity: speech can be considered stationary only over 20-30 ms frames, at least two to three times shorter than is typical for music signals. As will be discussed later in the blog, this has implications for the length of watermark that can be embedded.

Improved spread-spectrum watermarking of speech

Spread-spectrum watermarking is one of the most prominent solutions in the scientific literature. However, it was developed with a focus on music and, as described earlier, watermarking speech imposes a different set of requirements. Below we summarize the important improvements and, thus, the novel contributions of our work.

  • Frame-length analysis: in the original spread-spectrum work, frame sizes of 100 ms were used for embedding the watermark. We demonstrated empirically that the optimal frame size for speech is in the range of 20-30 ms; with longer frames the watermark becomes audible and its intensity must be reduced, which in turn reduces robustness. We also showed that frame sizes greater than 100 ms may be used for music without compromising robustness or imperceptibility.
  • LPC-based weighting: one commonly used technique to improve imperceptibility without compromising robustness is to embed the watermark in high-magnitude frequency components of the carrier signal. While this has proven to work for music, we demonstrate in our work that it is detrimental to speech. The reason is that the high-magnitude frequency components in speech typically correspond to formant frequencies, and when these are disturbed the speech quality is adversely impacted. Hence, we derive a weighting function from the linear prediction coding (LPC) spectral envelope, which is closely tied to the formants, and use it to weight the watermark such that it is attenuated within the spectral peaks and emphasized elsewhere (see the sketch after this list). Our results show that the intensity of a watermark may be doubled (thereby increasing robustness) when this method is applied.
  • Deep spectral shaping: from classical detection theory, the optimal detector of a watermark (or of any signal in general) is a matched filter, i.e., the correlation between the watermarked signal and the watermark. This holds true only if the carrier signal is spectrally white and the interference is simple, such as additive white Gaussian noise, which, as discussed above, is rarely the case for speech. Applying a pre-whitening filter, such as a cepstral filter, can improve detection accuracy by combating the inherent spectral slope in speech; however, it does not deal with more complex degradations. Hence, we considered two different deep neural network (DNN)-based architectures for preprocessing the signal prior to the matched-filter operation. The models were trained on anticipated degradations such as downsampling and compression down to 8 kbit/s. We showed that this can significantly improve detection accuracy in these more challenging cases, with an equal error rate improvement of up to 98%.
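
As an illustration of the LPC-based weighting idea, the sketch below derives a per-frequency weight from the LPC spectral envelope of a single frame. The LPC order, frame length and normalization are assumptions made for the example; this is not the exact weighting function from the paper.

```python
import numpy as np
import librosa
from scipy.signal import freqz

def lpc_watermark_weights(frame: np.ndarray, order: int = 12,
                          n_freqs: int = 257) -> np.ndarray:
    """Per-frequency watermark weights from the LPC spectral envelope.

    The envelope |1/A(e^jw)| peaks at the formants, so its inverse
    attenuates the watermark at the spectral peaks and boosts it in
    the valleys, where it is better masked.
    """
    a = librosa.lpc(frame, order=order)   # [1, a_1, ..., a_p]
    _, h = freqz(1.0, a, worN=n_freqs)    # envelope 1/A(e^jw)
    weights = 1.0 / (np.abs(h) + 1e-8)    # invert: small at formants
    return weights / weights.max()        # normalize to (0, 1]

# Example: weight a spectral-domain watermark for one 25 ms frame
rng = np.random.default_rng(0)
frame = rng.standard_normal(400)             # stand-in for 25 ms at 16 kHz
wm_bins = rng.choice([-1.0, 1.0], size=257)  # watermark chips per bin
weighted_wm = lpc_watermark_weights(frame) * wm_bins
```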

Summary

Watermarking has been proposed as a possible solution for detecting synthetically generated or modified speech. While many methods were developed originally for music, they are not directly applicable to speech. We have highlighted the differences between speech and music and addressed several of them in this work. Specifically, we defined an optimal frame-size range for embedding a watermark, derived an LPC-based weighting function for improved watermark embedding, and developed a DNN-based decoding strategy that is robust to complex degradations. This work shows that reasonably robust watermarking strategies for speech signals are attainable. However, there is still work to be done to fully understand the extent to which watermarking can help combat the misuse of deepfakes.

Learn more about Pindrop liveness detection technology here.

Deepfakes are no longer a future threat in call centers. Bad actors actively use deepfakes to break call center authentication systems and conduct fraud. Our new Pindrop® Pulse liveness detection module, released to beta customers in January, has discovered the different patterns of deepfake attacks bad actors are adopting in call centers today. 

A select number of Pindrop’s customers in financial services opted to incorporate the beta version of Pulse into their Pindrop® Passport authentication subscription. Within days of being enabled, Pulse started to detect suspicious calls with low liveness scores, indicating the use of synthetic voice. Pindrop’s research team further analyzed the calls to validate that the voices were synthetically generated. Ultimately, multiple attack paths were uncovered across the different customers participating in the early access program, highlighting that the use of synthetic voice is already more prevalent than the earlier lack of evidence might have suggested.

The following four themes emerged from our analysis across multiple Pulse beta customers:

    1. Synthetic voice was used to bypass authentication in the IVR: We observed fraudsters using machine-generated voice to bypass IVR authentication for targeted accounts, providing the right answers to the security questions and, in one case, even passing one-time passwords (OTPs). Bots that successfully authenticated in the IVR identified accounts worth targeting via basic balance inquiries. Subsequent calls into these accounts were made by a real human to perpetrate the fraud. IVR reconnaissance is not new, but automating this process dramatically scales the number of accounts a fraudster can target.
    2. Synthetic voice requested profile changes with an agent: Several calls were observed using synthetic voice to ask an agent to change user profile information like an email or mailing address. In the world of fraud, this is usually a step before a fraudster either prepares to receive an OTP from an online transaction or requests a new card to the updated address. At best, these calls were uncomfortable for the agents, and on one call, the agent successfully updated the address at the request of the fraudulent synthetic voice.
    3. Fraudsters are training their own voicebots to mimic bank IVRs: In what at first sounded like a bizarre call, a voicebot called into the bank’s IVR not to do account reconnaissance but to repeat the IVR prompts. Multiple calls came into different branches of the IVR conversation tree, and every two seconds, the bot would restate what it heard. A week later, more calls were observed doing the same, but this time the voicebot repeated the phrases in precisely the same voice and mannerisms as the bank’s IVR. We believe a fraudster was training a voicebot to mirror the bank’s IVR as the starting point of a smishing attack.
    4. Synthetic voice was not always used to dupe authentication: Most calls were from fraudsters using a basic synthetic voice to figure out IVR navigation and gather basic account information. Once the IVR was mapped, the fraudster called in personally to social engineer the contact center agent.

There are four main takeaways for call centers:

  1. Deepfakes are no longer an emerging threat; they are a current attack method: Bad actors are actively using deepfakes to break the authentication systems in call centers and conduct fraud. Every call center needs to validate the defensibility of its authentication system against deepfakes. Review a professional testing agency’s best practices on how to test your authentication system against such attacks.
  2. Liveness evaluation is needed independently and alongside authentication: Catching and blocking pre-authentication reconnaissance calls can prevent fraudsters from gathering the intel needed to launch more informed attacks.
  3. Liveness detection is most impactful when integrated into a multi-factor authentication (MFA) platform: Few fraudsters can dupe multiple factors, making MFA platforms a no-brainer choice for companies concerned about deepfakes. The Pindrop® Passport solution uses seven factors to determine authentication eligibility and returned high-risk and low voice-match scores on many synthetic beta calls. In contrast, solutions relying on voice alone put customers at greater risk by depending on the single factor most fraudsters are focused on getting past.
  4. Call centers need continuous monitoring for liveness: Different attacks target different call segments. Monitoring both the IVR and agent legs of a call helps protect against both reconnaissance and account access attacks.

Many companies are considering the future impact of deepfakes, but the threat is already here. A Fall 2023 survey of Pindrop customers showed that while 86% were concerned about the risk posed by deepfakes in 2024, 66% were not confident in their organization’s ability to identify them. Meanwhile, consumers expect to be protected: in our Deepfake and Voice Clone Consumer Sentiment Report, about 40% expressed at least “Somewhat High” confidence that “Banks, Insurance & Healthcare” have already taken steps to protect them against these risks. While it may take time for attackers to move downstream from the largest targets, it’s clear that the threat of deepfake attacks is already here. It’s time to fortify the defenses.

Learn more about the Pindrop® Pulse product here.

From proposing new paradigms to cost-saving accuracy improvements, our research team is all over ICASSP, a leading signal processing conference. Let’s take a look at Pindrop’s three paper submissions to learn more about these innovations.

Note: The experimental results presented in these papers do not reflect the performance of our products.

Paper 1 – Distribution Learning for Age Estimation from Voice

The research team here at Pindrop decided to take a new approach to estimating a speaker’s age range from voice alone. Instead of treating it as a classification or regression problem, we treat it as a distribution learning problem. When looking into how distribution learning is used for facial age estimation, the first obstacle we identified is that audio research lacks datasets with “apparent” age labels. Our research shows, however, that the promises of distribution learning validated for facial age estimation still hold for audio: when humans estimate someone’s age (from an image or a voice), it is relatively easy for them to give an age range with a particular confidence. Our approach beat the traditional ones under most conditions.

Fig 1: Proposed age estimation: The front-end extracts speaker embeddings from voice utterances. The back-end is trained using Gaussian-based distribution learning losses.
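
To illustrate the distribution learning formulation, here is a minimal sketch of one common approach: converting a scalar age label into a Gaussian target distribution over age bins and training a back-end with a KL-divergence loss. The age range, sigma, and linear back-end are assumptions for the example, not necessarily the exact losses used in the paper.

```python
import torch
import torch.nn.functional as F

AGES = torch.arange(18, 81, dtype=torch.float32)  # assumed age bins 18..80

def gaussian_target(age: float, sigma: float = 3.0) -> torch.Tensor:
    """Soft label: a Gaussian over the age bins centered on the true age."""
    logits = -((AGES - age) ** 2) / (2 * sigma ** 2)
    return torch.softmax(logits, dim=0)

def distribution_loss(pred_logits: torch.Tensor, age: float) -> torch.Tensor:
    """KL divergence between predicted and Gaussian target distributions."""
    log_pred = F.log_softmax(pred_logits, dim=0)
    return F.kl_div(log_pred, gaussian_target(age), reduction="sum")

# Dummy back-end on top of a speaker embedding (192-dim chosen arbitrarily)
backend = torch.nn.Linear(192, len(AGES))
loss = distribution_loss(backend(torch.randn(192)), age=35.0)
loss.backward()
```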

Read the full paper → 

Paper 2 – Speaker Embedding Conversion for Backward and Cross-Channel Compatibility

Automatic speaker verification (ASV) systems have been growing in accuracy thanks to breakthroughs in low-rank speaker representations and deep learning techniques. At Pindrop, we refer to ASV as ‘voice authentication,’ and this technology has led to the success of voice authentication in real-world applications from contact centers to mobile applications and smart devices.

When looking at compatibility between voice models, our research team noted that many providers of voice authentication technology have been migrating their models to newer deep learning paradigms, making embeddings from legacy versions incompatible with newer versions. The team proposes a novel DNN-based method that facilitates this model upgrade by allowing for backward compatibility.

Fig 2: Overview of the proposed ASV system. The system uses the embedding convertor to transform the old enrolled i-vectors into “converted” x-vectors that can be directly compared with the newly acquired test x-vector.
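
As a rough sketch of what such an embedding convertor could look like (the dimensions, architecture and cosine objective are our assumptions for illustration, not the paper’s exact design):

```python
import torch
import torch.nn as nn
import torch.nn.functional as F

class EmbeddingConvertor(nn.Module):
    """Maps legacy i-vectors into the newer x-vector space."""

    def __init__(self, ivec_dim: int = 400, xvec_dim: int = 512):
        super().__init__()
        self.net = nn.Sequential(
            nn.Linear(ivec_dim, 1024), nn.ReLU(), nn.BatchNorm1d(1024),
            nn.Linear(1024, xvec_dim),
        )

    def forward(self, ivec: torch.Tensor) -> torch.Tensor:
        return self.net(ivec)

# Training pulls converted i-vectors toward the x-vectors of the same
# utterances, so old enrollments can be scored against new test embeddings.
convertor = EmbeddingConvertor()
ivec = torch.randn(32, 400)  # batch of legacy enrollment i-vectors
xvec = torch.randn(32, 512)  # x-vectors from the new model, same utterances
loss = 1 - F.cosine_similarity(convertor(ivec), xvec).mean()
loss.backward()
```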

The research team also found that their new DNN-based model works without impacting customers, while reducing engineering and computational cost overhead.

Read the full paper → 

Paper 3 – Unsupervised Model Adaptation for End-to-End ASR

State-of-the-art Automatic Speech Recognition (ASR) systems are widely used in our devices and communication systems. When you call your bank, a robot voice asks you to “say or press 1,” for example, and the system transcribes your audio so the computer can point you in the right direction. However, ASR systems can underperform in mismatched train-test conditions, such as call centers, where it is difficult to account for accents, audio quality, and other variables.

To address this, the research team proposed a cost-effective way to improve the accuracy of ASR systems using in-domain data, without the need for costly human annotations. This was made possible by exploring the relationship between the word error rate (WER) and the CTC loss on one hand, and between the WER and the probability-ratio-based confidence (PRC) on the other, as illustrated in Figure 3. Results show that we could reduce the WER by 8% (absolute) in a completely unsupervised way, essentially allowing the ASR model to adapt itself to suboptimal conditions.

Fig 3: Scatter plots of CTC loss vs WER, PRC vs WER for the utterances from the HarperValleyBank dataset.
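
A simplified sketch of how confidence-filtered pseudo-labeling for unsupervised adaptation can work is shown below. The confidence measure here is a mean of per-frame top-1 probabilities, a stand-in for the paper’s probability-ratio confidence (PRC); the threshold and model interface are assumptions.

```python
import torch

def select_pseudo_labels(model, utterances, threshold: float = 0.8):
    """Keep (audio, greedy hypothesis) pairs whose confidence clears a threshold."""
    selected = []
    for audio in utterances:
        with torch.no_grad():
            log_probs = model(audio)               # (T, vocab) CTC log-probs
        top1 = log_probs.exp().max(dim=-1).values  # best probability per frame
        if top1.mean().item() >= threshold:
            hypothesis = log_probs.argmax(dim=-1)  # greedy CTC labels
            selected.append((audio, hypothesis))
    return selected

# The selected pairs are then used to fine-tune the model with the standard
# CTC loss, adapting it to in-domain audio without human transcriptions.
```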

Read the full paper → 


Fraud costs don’t start in your finance department. They start in your IVR: 60% of fraud begins in or touches it. And while you are aware of the widely reported mega-breaches that have plagued companies and consumers alike, have you considered your contact center’s place in the journey from data capture to fraudulent transaction and account takeover? Fraudsters stalk contact center IVRs, using them as search engines for your CRM to validate customer data. They then use that validated customer data to social engineer your agents or commit fraud across other channels. Pindrop is turning the tables on fraudsters by creating a playbook to stop them.

If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
Sun Tzu, The Art of War

To help support contact center leaders in the arms race for customer data, Pindrop has assembled a curated collection of assets, research, and tools to help you bolster your defenses.  

You can explore the tool kit on this page linearly or choose the section you need: 
What is Contact Center Fraud?
Who Are The Victims of Contact Center Fraud?
Who Are The Victims of Contact Center Fraud: Your Customers
How Contact Center Fraud Impacts Elders and The Disabled
How Contact Center Fraud Impacts Children and Families
Who Are The Victims of Contact Center Fraud: Employees
How Contact Center Fraud Impacts: The Fraud Team
How Contact Center Fraud Impacts: The CX Team
How Contact Center Fraud Impacts: The Leadership
Who Are The Victims of Contact Center Fraud: Your Business
What Kinds of Fraud Target Contact Centers?
Account Takeover Is The Goal
Social Engineering in Contact Centers
Call Spoofing in Contact Centers
Man in the Middle, The Customer Assisted-Attack
Fraud Tactics –  Evolving in a contactless society
Where Do Attacks Begin in Contact Centers?

What is Contact Center Fraud? 

Fraudulent activities like fake transactions and false information updates, as well as activities supporting the eventual takeover of an account, like data reconnaissance or social engineering, are all types of contact center fraud. Contact center fraud, therefore, is any fraud-related activity occurring in or originating from the contact center, or more simply, your company’s phone channel.

Unsurprisingly, seismic changes in the way we interact with customers, and in the way they interact with us and each other, have impacted call volumes and exacerbated other operational challenges, opening the door to rising contact center fraud.

Who Are The Victims of Contact Center Fraud?

The victims of contact center fraud are often considered to be the customers themselves and, of course, the business, with common costs including chargebacks and other remediation efforts like card re-issuance fees, in addition to the actual monetary loss. But these are only a fraction of the victims and impacts of contact center fraud.

We discuss the real victims of contact center fraud below:

Who Are The Victims of Contact Center Fraud: Your Customers

Your customers come to mind as the first and most obvious victims of contact center fraud. Fraudsters are scraping your IVR to validate their information for nefarious use, after all. But what about their dependents, friends and family, and your most at-risk customers?

How Contact Center Fraud Impacts Elders and The Disabled

Elder fraud is heinous and, unfortunately, it is increasing. The seniors who patronize your business are being targeted through information-harvesting schemes online and via the phone channel. These phishing scams feed fraud reconnaissance activities in your IVR to validate the data and hone processes for account takeover. Contact center fraud hits elders especially hard because they are often the least able to pursue remediation.

How Contact Center Fraud Impacts Children and Families

Not often viewed as casualties in the fraud fight, the identities of children, both the children of account owners and those who are themselves clients, are specifically at risk. Like the elderly, children rarely have their credit histories monitored, making them easy targets for cybercriminals and professional fraudsters. Uniquely, the threat to children often involves leaked or stolen lifetime data like Social Security numbers, the compromise of which can cause ongoing identity complications.

Who Are The Victims of Contact Center Fraud: Employees

How Contact Center Fraud Impacts: The Fraud Team

Strain on a fraud team’s capacity is an obvious result of increased contact center fraud activity, but operational costs like time lost on false positives and complex fraud ring investigations, combined with the increased fraud activity itself, cause backlogs that put stress on what may be an already understaffed fraud team.

How Contact Center Fraud Impacts: The CX Team

Costs associated with churn, like recruiting and training spend, can be the result of anti-fraud systems that provide no support for your frontline and instead require investigation and inference on the part of the agent.

Who Are The Victims of Contact Center Fraud: Your Business

Operations Costs

Operations costs associated with finding and fighting fraud are often overlooked. Decreased analyst capacity combined with increased fraud can devour an entire week’s worth of hours for an entire team, wasted on the remediation of a single account takeover.

If your business is targeted by an organized crime ring, there could be as many as 10 professional fraudsters working simultaneously to defraud one organization. In this scenario, as many as 100 accounts could be controlled by fraudsters, resulting in 1600 hours of remediation.

16 Hours Per Compromised Account x 100 Compromised Accounts = 1600 Work Hours To Remediate

1600 hours of remediation is a full week’s work for 40 analysts. A week’s worth of wasted costs and productivity causes backlog and can result in more fraud losses and related remediation costs, ranging from several thousand dollars per account to higher still if the fraudster has been targeting the institution with reconnaissance activities.

Brand and Reputation Costs

1 in 3 consumers will abandon a brand after a negative experience like account takeover, and over 90% will abandon their chosen retailer after 3 bad experiences. As we have necessarily shifted to a contactless economy, the phone channel is replacing face-to-face customer service, and consumers overwhelmingly want to keep human interaction as an element when resolving an issue or otherwise interacting with corporations and organizations.

Your IT Security

A spike in fraud attacks may signal a network intrusion, exposed servers, or a third-party breach. Additionally, leaky IVRs may allow for the validation of employee data that can be used for network intrusion and unauthorized access. The threat of contact center fraud effectively expands your attack surface as IVRs, and the voice channel as a whole, increasingly become a vector of choice in the contactless era.

Additionally, as dark web data finds its way into the contact center, and if your employees reuse the same passwords across their personal accounts and your network, data validation in the IVR could open new challenges that target not the consumer but your company’s internal data.

What Kinds of Fraud Target Contact Centers?

Fraudsters don’t rely on luck; they do their homework. They use multiple sources, like purchased data harvested from corporate breaches and sold on the dark web, and leaked data scraped from servers and unsecured pages, to develop profiles of the organizations they target. They study how contact centers operate and the policies relevant to their endeavors, and they have access to petabytes of personal data on your customers: names, dates of birth, Social Security numbers, driver’s license numbers, and more. They come prepared to answer security questions and have practiced strategies to bypass your security, authenticate into an account, and get out before anyone notices.

Account Takeover Is The Goal 

The goal of contact center fraud is account takeover. Account takeover allows for additional low-risk reconnaissance and the creation of additional synthetic identities. To accomplish this, fraudsters leave the dark web armed with “fresh data” and use it to target your contact center in a variety of ways.

Social Engineering in Contact Centers

Professional fraudsters understand human psychology; it is part of their job. When they interact with your agents in the contact center, they use this knowledge along with distraction, appeals to empathy, trust-building, vishing, and outright harassment to push the agent into allowing access to the account.

Call Spoofing in Contact Centers

Automatic Number Identification (ANI) spoofing allows bad actors to imitate a customer’s phone number to bypass IVR controls. It is a deliberate action that grants access to your frontline agents and enables social engineering.

Account Reconnaissance in Contact Center IVRs

Before ever attempting interaction with an agent, bad actors validate consumer information in the IVR. 60% of fraud originates in, or at some point touches, the IVR.

Man in the Middle, The Customer Assisted-Attack

Assisted by ANI spoofing, and targeting the customer first rather than your call center, the fraudster dupes the consumer into believing they are interacting with a genuine agent while literally playing the middle man live: calling into the bank with the customer’s spoofed number and giving your agent the correct answers sourced directly from your customer.

Dark Web Data & Contact Center Fraud

Cross-channel fraud can be assisted by unidentified breaches or leaks, which supply data to sellers and buyers on the dark web. Fresh and often guaranteed to be verified, this data lets bad actors simply bypass controls using a mix of spoofing technology and perfectly genuine information.

Fraud Tactics –  Evolving in a contactless society

In early March, governments across the world began warning consumers of a sudden uptick in scams, most likely driven by current and anticipated future conditions: phishing scams that would evolve into fraudulent activity across banking, financial services, insurance, and other verticals. Fraudsters adapt their social engineering appeals to reflect current events and play on anxieties, taking many standard techniques and simply adding a dose of the newsfeed.

Social Engineering Tactics – Changes Since The Contactless Shift

The Urgent Request: The Fraudster calls and says all their other banks are closing and they won’t have access to any money, so a transfer needs to happen ASAP. They make it sound like an urgent request (“we can’t wait”) in hopes your agents will skip some steps to make the transfer happen.

The Philanthrope: The Fraudster calls pretending to be a client and says they need to access money quickly so they can donate to various COVID-19 related cures, treatments, clinical drugs, etc., and need to make a transfer to another account. They are always rushing agents on the phone to act quickly.

International Traveler: The Fraudster calls telling the agent that they are stuck outside of the U.S. and need money ASAP so they can get back in. Again, they play on the hysteria of being stranded overseas, away from family, to make the situation sound hectic and dire.

Elder Abuse: The Fraudster calls organizations pretending to be the caregiver of an elderly person who has become ill and needs help. These con artists then phish for information on the actual client while on the phone with your agents. Then they empty the elderly person’s account, or they call in again to see if they can phish for more information.

Traditional Phishing: Fraudsters use social engineering to garner information from your call center agents for future fraudulent activity. Strong authentication and anti-fraud protections are crucial here.

The Racketeer
Favorite Tactic: Man in the middle 
The Wolf
Favorite Tactic: IVR Reconnaissance
Mr. Roboto
Favorite Tactic: ANI Spoofing
Crash Override
Favorite Tactic: Dark Web Data
The Good Samaritan
Favorite Tactic: Social Engineering
The Smurfette
Favorite Tactic: IVR Reconnaissance

Explore more fraud profiles in our 2020 Voice Intelligence Report. 

Where Do Attacks Begin in Contact Centers?

The journey of a fraudster begins with stolen or otherwise ill-gotten customer data and ends with significant costs to your organization. As fraudsters move from theft to validation, and ultimately use that stolen data for fraudulent purchases, they may touch your phone channel hundreds of times. Fraudsters use IVRs for reconnaissance: validating transactions and balances and performing other tasks deemed “low-risk”. But these low-risk activities translate into future fraudulent activity, activity that takes place across channels like your online chat, email, and, again, your phone channel, in the form of socially engineered agents. Watch our webinar, understand the journey, and build a comprehensive defense.

The Fraudster Toolkit:
Fraudsters use tools, just like you do, to help them optimize their performance. So we developed resources to help you build solid defenses. Below are the most popular tools fraudsters are using to cost you money, time, and customers, with links to show you how to stop them.

The Wire Cutters: Social Engineering
One of the core components of contact center fraud, but almost impossible to detect consistently without technology. Learn More – Webinar on demand 

The Circular Saw: Voice Distortion
Many fraudsters alter their voice to bypass voice biometric technology, whether by deliberately creating noise or by something as simple as using a higher- or lower-pitched voice to more closely imitate their victim when talking to a contact center.

The Framing Hammer: Fraud Bible
Possibly legend, possibly myth, the fraudster playbook is known as the fraud bible. Read Pindrop’s position on this dark web trophy.

The Tape Measure: Data on Target Victim
Data reconnaissance and data dealing can mean big business for fraudsters. Learn more about their techniques here, and how they supplement their own data with your IVR.

The Shovel: Account Mining
Fraudsters use a company’s own tools against it. Learn firsthand how fraudsters use the IVR to verify stolen data and use automated dialers to dial account numbers and PINs.

The Handyman: Artificial Intelligence
AI is changing the world rapidly, and fraud along with it. AI now provides the ability to look and sound like anyone else. If someone has a long YouTube video of themselves, that can be enough to replicate their voice and allow a fraudster to impersonate the victim to employees and the contact center.

How to Detect Contact Center Fraud: Current Solutions for Contact Center Security

IVR Authentication As Fraud Prevention

As a stand-alone fraud defense, it’s a bad idea. IVR authentication has its benefits, verifying supposedly genuine customers before the call connects to an agent. Pre-ring authentication lowers average handle time (AHT), increases agent capacity, and improves CX, but simple voiceprint-to-blacklist matching is not sufficient for fraud defense.

Real-Time Fraud Detection For Contact Centers

Real-time fraud detection used to be the gold standard of anti-fraud solutions. However, fraudsters spend weeks attacking your IVR: validating data, honing processes, and even testing your fraud controls. The actual transaction and loss typically do not occur for another 30-60 days.

Graph Analysis for Fraud Detection in Contact Centers

Graph analysis has many applications. It is capable of visualizing and analyzing extremely large data sets across any number of data points to reveal relationships between seemingly unrelated activities. These relationships translate into patterns that may be indicative of fraudulent activity.
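
As a toy illustration of the idea (not Pindrop’s product; the call records and fields below are made up), linking calls that share a phone number or an account in a graph quickly surfaces clusters of connected activity:

```python
import networkx as nx

# Toy call records: (call_id, caller_number, account_accessed)
calls = [
    ("c1", "555-0100", "acct-7"),
    ("c2", "555-0100", "acct-9"),  # same number as c1, different account
    ("c3", "555-0177", "acct-9"),  # different number, same account as c2
    ("c4", "555-0199", "acct-3"),  # unrelated activity
]

G = nx.Graph()
for call_id, number, account in calls:
    # Shared numbers and accounts connect otherwise unrelated calls.
    G.add_edge(call_id, "num:" + number)
    G.add_edge(call_id, "acct:" + account)

for component in nx.connected_components(G):
    related = sorted(n for n in component if n.startswith("c"))
    if len(related) > 1:
        print("linked activity:", related)  # -> ['c1', 'c2', 'c3']
```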

You can harness the power of your IVR in the form of predictive analytics. Learn more about preventing fraud in the IVR and how you can harness data from your phone channel to harden your entire contact center against attack.

LAS VEGAS–One of the difficulties in protecting against phone fraud scams is actually detecting them. Technology certainly helps, but in a lot of cases, it’s up to the potential victim on the other end of the line to figure it out for himself.
That has turned out to be a fairly high hurdle for a variety of reasons, one of which is that many people aren’t all that good at recognizing the subtle differences in speech, discourse patterns, and syntax that can signal a problem. Phone scammers count on this and work hard to exploit it by using conversational tricks and tactics to push victims to the place they want them to go. A key part of this plan is to make the story they’re telling–whether it’s about unpaid taxes or money transfers or a Nigerian prince–sound like it requires urgent action on the part of the victim.
Judith Tabron of Hofstra University has studied various phone scams and the ways that the scammers use language tricks to dupe victims, and found that the urgency is a vital part of their game.
“The scammers are trying to pull you into a current emergency. That’s part of the goal. They’re not telling you a story, it’s a malformed story,” Tabron said during a talk at the Black Hat conference here Thursday.
“It’s probably the toughest thing to recognize in the moment, though. It’s a violation of the narrative structure that we’re expecting.”
Constructing that malformed story takes work, though, and one of the building blocks is the use of polar tag questions. Those are questions along the lines of: Turn off the TV, ok? It’s the kind of question that people essentially never say no to, and phone scammers rely on that, Tabron said. Noticing the use of repeated polar tag questions can help victims identify scam calls, she said.
“If you can notice those, it’s helpful. If they’re ending every conversational turn with a polar tag question, there’s a reason for that,” she said. “It’s a test.”
The scammer wants to get the victim to start agreeing with the questions so he can establish a rapport and move on to the next step of the scam, which is extracting whatever money he’s after. Getting that money is the ultimate goal, and the use of coercive language to intimidate the victim is often a part of the play, too.
“Not all phone scams have coercive language in them, but a lot of them do,” Tabron said. “There’s a lot of bullying that goes on in the wire transfer scams. A lot of, Do this or you’re fired.”
But Tabron said just telling potential victims to be wary about these calls doesn’t necessarily help very much. Detecting fraudulent behavior is a more viable solution.
“Telling people to be hyper-vigilant doesn’t work. You have to tell people what to look for,” she said.

Voice security is not a luxury; it’s a necessity.

Take the first step toward a safer, more secure future for your business.