In Data Security, It’s a Numbers Game

Contact Solutions, through a partnership with Pindrop Security and IDology, also offers a multifactor solution to prevent contact center fraud. Called Adaptive Fraud Protection, it leverages Contact Solutions' Red Flag technology to detect and tailor appropriate responses to suspicious activity in the IVR using real-time analytics. IDology's ExpectID IQ is incorporated to provide automated knowledge-based authentication in which responses are verified in real time. And, lastly, Pindrop's Phone Reputation Service contributes to the combined security solution with its real-time caller ID.

Not to be outdone, Authentify in March launched Authentify xFA SecureCallCenter to protect contact center agents from social engineering attempts. With the SecureCallCenter app, a user logs in to the institution's mobile app and taps a contact center button. This triggers Authentify xFA's biometric authentication sequence while a voice channel call is also placed to the contact center. After the user has been authenticated, the SecureCallCenter app connects the call and passes the end user's contact and account information to a module at the contact center console. The module interprets the information for the console, enabling the information to be displayed to the next representative in the queue.

"This is a unique combination of security features where digital certificates, voice biometrics, and a fingerprint could be coupled for authenticating an inbound call," said Alan Dundas, Authentify's vice president of product architecture, in a statement. "There are 60,000 customer service representatives employed across just the top 20 call centers in the U.S. The majority of them are operated by financial services. If you saved each representative only five minutes a day on authentication tasks, that translates to 250,000 employee hours per week. The ROI is easy to measure."

COST-BENEFIT ANALYSIS

As with most enterprise technology investments, cost is a pressing issue, especially for small and midsize firms and young start-ups. Thoughts there are starting to change as well. "There are costs associated with multifactor authentication," Loeser says. "They're not astronomical, but the technology does require some degree of financial commitment."

"It used to be really expensive to put in [multifactor authentication]. There was a high cost associated with deployment and maintenance, but all that is changing now," Ponemon says.

Additionally, the benefits far outweigh any costs, especially when compared to the damage caused by a data breach, Loeser contends. Those costs, he adds, "can be astronomical."

When it comes to multifactor authentication, it's important to determine which deployment methods and factors will best suit your organization.

No matter which option the company chooses, though, Hypatia Research's Ament recommends "assiduous" back-end integration and cross-organizational design. Then, she recommends, authentication methods should be deployed consistently across channels and modes. Customers don't care that companies have selected different tools for the e-commerce and contact center channels, she points out.

And, then, it helps to keep in mind that no system is 100 percent foolproof, but that doesn't mean that companies shouldn't try. "It doesn't take much to provide multifactor authentication. It might make it a little slower to get data out of the system, but it's definitely worth it," Loeser says.

News Editor Leonard Klie can be reached at lklie@infotoday.com.

Related Articles

IBM Announces Spectrum Protect Plus

The data protection solution is designed for virtual machine administrators.