Contact Center Pipeline May 2025 | Page 38

VOICE SECURITY

When detailing the most concerning AI-enhanced attack vectors, it’ s no surprise that the advisory puts AI-enhanced social engineering schemes and, particularly, voice phishing( vishing) at the top of its list of“ most significant threats.”

THE PRICE WE PAY

It is notable that, according to survey results compiled by research and analysis firm ContactBabel for the US 2024 Contact Center Decision-Maker’ s Guide, an average of 65 % of calls to contact centers require caller ID verification( for the financial industry, that percentage rises to 80-90 %).

Of those calls, a full 90 % require vetting through a live agent. The cost associated with these extensive caller ID verification processes has risen consistently and now tops $ 12.7 billion industry wide.

Despite continuous improvements in fraud detection applications and practices designed to streamline the caller verification process, the process of confirming caller identity today consumes 65 % more time than it did nearly 15 years ago.

This, in large part, is the price we pay to protect the organization and its customers against ever-increasing, ever-more sophisticated cyberattack threats.

A STRATEGY RESET: A FOCUS ON THE CALL FLOW

When architecting an enterprise-class, cost effective, resilient voice defense, the call flow must take center stage. From call inception through agent interaction, industry best practices emphasize the need for a multi-layered approach. This diagram( SEE DIAGRAM 1) illustrates the recommended layers of security and where they fit into a typical call flow.

Each layer can be further defined as follows.

Voice Firewall

A voice firewall is a technology-based call filtering system that examines the forensics of call data related to incoming voice traffic at the forefront of the call flow.

Calls that are clearly abusive, disruptive, or unwanted( robocalls, spoofed calls, spam storms) are identified and eliminated before they pass to the IVR. Other calls may require additional caller authentication screening.

Critically, a voice firewall uses advanced analytics and machine learning to identify anomalous behaviors and tell-tale indicators of potential fraud. It can be configured to either remove or reroute those calls deemed suspicious to other resources for additional vetting.

By cleansing incoming call traffic of unwanted calls from the beginning, a voice firewall optimizes the performance of downstream call authentication and fraud detection solutions. And,

by reducing live agent interaction with unwanted callers, they substantially reduce the organization’ s risk exposure to voice-based threats.

Call Authentication

Call authentication takes place midstream along the call flow and refers to a combination of technologies and practices used to confirm that the person calling is actually who they say they are. While a voice firewall examines the call metadata, call authentication examines the caller. Automatic number identification( ANI) validation and CRM lookup are common call authentication technologies.

Modern contact center platforms may also include a biometric technology screening that analyzes callers’ keypad interactions when navigating the IVR system for signs of reconnaissance“ probing” indicative of nefarious intent.

Additionally, these systems may“ listen” to caller voice responses to IVR prompts and flag those deemed inconsistent. Suspect results may trigger agent desktop alerts or call routing to a specialty resource.

Fraud Detection

Fraud detection is the last line of defense carried out at the agent level. Note that fraud detection screening may be integrated into certain call authentication technologies. Results from prior technology-based screenings may generate alerts on the agent desktop prompting additional action. In general, here are what agent-level fraud detection practices include:

• Knowledge-based authentication( KBA). A traditional security protocol where agents ask the caller to repeat a password or answer a security question.

CONTINUED ON PAGE 41

( SOURCE: MUTARE)

38 CONTACT CENTER PIPELINE