As EMV Gains Traction, Fraud Shifts to Call Centers

Maria Schuld
Group Executive – Financial Services Group
Posted on November 22, 2016


What measures does your call center take to combat fraudsters?

As EMV boosts security at points of sale, fraudsters are shifting more and more of their focus toward card-not-present (CNP) venues. Call centers represent one of the areas targeted, with IDology’s 2015 Fraud Report noting that suspected call center-fraud attempts rose six-fold in one year.

How Fraudsters Crash the Call Center Gate

Security breaches provide fraudsters with driver’s licenses, account numbers and other personal data. Those aren’t the only sources of information, however. Fraudsters excel at exploiting social media and the plethora of information easily accessible to all of us that gives them even deeper looks into our personal lives.

In fact, studies show that the more active people are on social media, the more vulnerable they become to fraud and identity theft. That’s because software exists that scans the Internet and then packages the available information about an individual to sell to anyone.  Fraudsters can mine these details to get past challenge questions at call centers.

These are ways in which fraudsters typically work their way through call center systems:

  • Re-opening the gate – The fraudster makes a suspicious transaction, which alerts the bank. The bank cannot validate the transaction, so the card is turned off. However, the fraudster knows or gathers enough information to get the card turned back on by contacting the call center. Getting the card turned back on can open the gate for a fraudster to max out a credit limit quickly.
  • Pushing the gate open step-by-step – Fraudsters who face challenge questions they cannot answer may make multiple calls to push their way through the process, one step at a time: calling to learn a question, researching the answer, then calling back for another question until they gain access to the account.
  • Exploiting the “weakest link” – Fraudsters also try to exploit trusting call center employees by offering a credible story that helps them evade challenge questions.

How Technology Fights Fraudsters

Several advancements in technology are currently succeeding at combating rising fraud, and new ones are on the horizon. For example, you’ve probably noticed the rise in code numbers sent to your mobile device for authentication. Other tools are now being used to counter Automatic Number Identification (ANI) spoofing. Meanwhile, more checks and balances are in place to ensure that a call is being made through a trusted network provider and is coming from the correct geographic area. These solutions help thwart fraudsters who are disguising caller IDs through questionable network providers.

According to a Forbes article, about 70 percent of call center fraud is perpetrated by the same people. Phone printing – akin to fingerprinting – detects whether a call originates from the location it claims and from the phone type it’s supposed to be. When a fraudulent phone print is detected, it’s added to a blacklist of “bad” callers, which at least slows the fraudsters down until they replace their phones.

In the future, look for greater usage of biometric authentication as voice recognition and fingerprinting software continues to become more accurate and able to take into account factors such as the impact of a case of the sniffles on a person’s voice.

How to Handle Fraud at Call Centers

These tools can eliminate much of the fraud occurring at call centers, but their usage does lengthen authentication time. The longer time increases labor costs and can be frustrating to consumers. Without these tools, however, companies face much bigger costs associated with fraud, including the potential loss of reputation. And remember, successful fraudsters keep returning to the well until it’s dry.

My advice for handling fraud at call centers entails a two-pronged approach:

  • Make sure your in-house or outsourced call center has a solid fraud strategy, which includes:
    • Moving toward a plan of authentication based on biometrics (i.e., voice)
    • Using a multi-layered approach to authentication
    • Employing tools that have a track record of success against fraud
  • Develop a communications strategy to:
    • Inform customers how their data can be accessed by fraudsters and how they can work with your company to combat crime
    • Remind customers frequently about the measures you’re taking to protect them and what they can do to help you keep them secure


Leave a Reply

Maria Schuld
Group Executive – Financial Services Group

With over 20 years of experience in the financial and payments industry, Maria is the Group Executive for debit, credit, fraud operations and business management. Previously, she was a senior management team member for Metavante before its 2009 acquisition by FIS. Other areas of expertise include implementation management, account management, and professional services management.