Fraudsters keep trying their hand at duping call centers to access member accounts, but a new partnership between PSCU and an Atlanta-based company called Pindrop is calling attention to a new wave of audio technology that could help pinch dial-in criminals before they even say a word.
The partnership, announced this month, involves something called Phoneprinting — technology that listens in on calls and, in real-time, helps decide whether they may be fraudulent. It then alerts agents, while they are still on the line with callers, that a call may be suspicious.
The idea is to identify fraud attempts early, but it could also be a sign that the days of unlocking an account solely with knowledge-based authentication (think mother’s maiden name or favorite pet) may soon begin to wane.
“We’ve got fraudsters we track around the world and some of them are so professional you would have no idea it’s a true fraudster,” Pindrop VP Michael Hughes said. “Most of this crime is organized. So they are well trained, they’re well versed, they have scripts written, and when they call in they have all the information associated with that account and they just breeze right through authentication. That’s why it’s such a problem in the industry today.”
But by scrutinizing almost 150 other parts of a call, including things such as acoustics and geolocation, listening technologies like Pindrop’s can flag whether a caller appears to be trying to mask his location or a device, for example, according to Pindrop spokesperson Ken Shuman.
Call centers can essentially use the technology to “sound print” calls, because devices themselves have their own inherent sounds, Hughes added.
“Most of these acoustics are unable to be heard by the human ear, so we need machines to listen for them,” he said. “These are acoustical sounds that are inherent in technology that fraudsters cannot remove.”
“We can basically look for anomalies,” he added. “So, the caller calls in and we expect to hear a mobile phone and we don’t hear a mobile phone we hear, for example, Skype coming from some foreign country — we know that there’s a problem potentially with that call.”
“They might be calling on a VoIP line but they can make it look like a mobile phone, or they might be calling from overseas but they can mess with the sound to make it seem like it’s local. We actually love when they do that because it actually sends up more red flags,” Shuman noted. “Because we can see them trying to mask where they’re coming from. So when they try to mask their calls, that actually gives us better intel. They think they’re getting ahead of the curve.”
Jack Lynch, who is PSCU’s chief risk officer, said he’s seen a gradual increase in call center fraud attempts in the industry since the EMV liability shift. He said he expects criminals to continue — if not increase — their efforts to hit call centers. Today one in every 2,000 call center calls is fraudulent, and call center fraud has risen 45% since 2013, according to Pindrop.
But adding new authentication technology doesn’t just help nab bad guys, it also allows call centers to expedite authentication for legitimate callers, letting members get what they need faster, Lynch added. Nonetheless, he said he expects the partnership with Pindrop will prevent millions of dollars’ worth of fraud.
Modernizing authentication tactics is a path many credit unions will need to explore soon, he warned. Credit unions will need to invest more in fraud detection and training at call centers, as well as leverage their pattern-detecting analytics.
“They’re going to have to make the investment, because more and more of the fraudsters are going to get there,” he says.