So what does this mean for the Contact Centre industry and in particular organisations that take customer payments over the phone?
Despite improvements in security technology, criminals are finding new ways to target consumers using deception crimes over the phone. These have increased overall fraud losses on UK cards by almost 20% in 2013 with £216.1 million worth of card frauds committed in the first 6 months.
The most worrying statistic shows a sharp increase in Card-Not-Present (CNP) crimes, where the cardholder is not physically present at the merchant when making a purchase. Criminals obtain card details through methods such as skimming, hacking into retailer’s data connections, or through unsolicited emails or telephone calls. CNP crime accounts for 63% of all card fraud.
Phone fraud on the increase
A telephone scam called “vishing” is becoming a more widely used method by criminals to get card details. The conman pretending to be calling from a building society, bank or utility provider tries to get their victim to hand over personal information such as their card PIN and date of birth.
They’ll ask the victim to call the bank back immediately to check that the call is authentic. Once the caller hangs up the criminal stays on the line, hands the phone to another member of their gang and the victim believes that they are actually speaking to their bank.
Another scam asks the victim to key in their PIN on their phone keypad, after claiming that their card needs renewing, or has seen some fraudulent activity. This means the criminal can to decipher their personal number from the telephone audio tones.
Tackling fraud
The Citizens Advice Bureau and police provide some good advice, helping consumers to spot a scam. Advice such as:
- Never give out contact details like your name, phone number or address to strangers or to people who should have this information already.
- Never give financial information or details of your identity, bank accounts or credit card to strangers or to the businesses that should already hold your details.
But if this is the advice given to consumers to protect themselves better, in the situation of paying a bill or making a purchase, what do consumers do when they are asked identification questions by a call/contact centre agent before being asked for their card details? How do they know whether they can trust the agent and organisation to keep their information safe?
The Contact Centre Challenge
In a consumer survey commissioned by Eckoh in 2012, 86% of consumers did not trust contact centre workers to keep their card payment details secure, believing that some agents may commit fraud by stealing their data. With the increase in contact centres asking for certain security information over the phone, this increased awareness of security consciousness by consumers may hinder attempts at merchants to present a secure environment to their customers.
To protect their customer details, many contact centres are applying technology that is compliant with the Payment Card Industry Data Security Standards (PCI DSS). This prevents card details from entering their environment and the agents from seeing or hearing the card information being relayed to them. Card details are provided over the phone using the customers’ telephone keypad and the audio tones are converted to monotones to avert encryption. Agent screens displaying a customer’s file also masks the card details from view so they are not seen.
Consumers need to know it’s Safe
Consumers will want the same security signature on their phone calls as they see on their web payments. Despite going to great lengths to implement PCI DSS compliant technology, contact centres are not promoting this level of security to their customers. With greater fraud awareness, customers will no doubt begin to question the integrity and security of the information they are asked to verbally provide over the phone. This was confirmed in our recent survey where 50.3% of consumers said that they would feel more secure if they knew a technology based solution was involved in the contact centre agent transaction process.
To give customers peace of mind at a time when criminals are using direct contact to commit fraud, merchants need to offer the reassurance that they have ALL customer contact channels, including their voice channels, securely covered.
