One of the biggest growth industries of 2016 was call center fraud.
Fraudulent calls to call centers more than doubled in 2015-16, from 1 in every 2,000 to 1 in every 937, according to Atlanta based information security firm Pindrop – which saw its revenue triple over the same period.
You can learn more about Pindrop’s “acoustic fingerprinting” technology and how it defends call centers at the eRisk – New York conference on 14th September. Tickets are complimentary for retailers and end users. To register go to http://eriskevents.com/new-york-booking/
The combination of EMV card rollouts and better online security has pushed fraudsters to exploit the phone channel. Since a human being is usually still needed to authorize call center transactions, they are proving to be easier targets.
Pindrop is a specialist in risk scoring for phone calls, a service that many people hardly realise exists, or is needed, says the company’s director of research David Dewey.
He tells Retail Risk News: “If I go out on to the street and talk to a stranger and tell them that what I do for a living is help people defend their call centers against fraud, their first reaction is always, do people really do that?
“It’s because people are unaware fraudsters are targeting call centers that they are one of the most lightly defended channels,” he says. “Fraudsters are using that to their advantage.”
His colleague Payas Gupta, a data scientist working at Pindrop, adds: “Our customers often don’t realise how much fraud is aimed at their centers. We go in and find it’s much more than they anticipated.”
In his presentation at eRisk – New York, Payas will be explaining how the company’s products and services can help retailers.
Pindrop saw its revenue triple in 2015 while its customer base more than doubled.
The savings that many retailers as well as financial institutions have achieved using Pindrop’s “acoustic fingerprinting” technology was obviously the key to that success.
Known as Phoneprint, the technology integrates with companies’ internal systems and helps to identify people’s voices, locations, and devices. This is added to a database for future reference and to help separate legitimate callers from scammers.
Phoneprint listens to 147 different features of a phone call, to identify the uniqueness of a device and attach it to a caller, the company says. To create the metadata, Pindrop analyzed millions of phone calls in telecom databases from around the world and used machine learning to turn that information into usable content.
Phoneprint can reveal whether a caller is using a cell, landline or VoIP phone; where the call is really coming from and whether the caller has been seen before. It also looks for evidence of caller ID spoofing or voice distortion technology, such as ‘packet loss’ in which ‘pindrop’-sized bits of audio drop out, hence the company name.
Based on this analysis, the service generates a risk profile and a score for each call. Pindrop has identified specific criminal groups, for example, a Nigerian ring nicknamed “West Africa One”.
The solution really is one of a kind, says David Dewey. “We don’t see anyone else out there on the market using this sort of technology to tackle the problem of call center fraud.”
Another tool the company uses to investigate scammers, and the way they work, is a large pool of “user-less” phone numbers.
“We directly manage what we believe is the world’s largest “phone honeypot”” – known at Pindrop as the Phoneypot), says David. “These are numbers that don’t belong to anyone so that technically no one should be calling them. Fraudsters sometimes call these honeypot numbers, and we data-mine the calls to try to find out where the fraud is coming from and what kind of details they are looking for.”
The recent BBC investigation in which a reporter passed himself off as his twin brother when calling a bank, showed that voice biometrics technology can make mistakes. David agrees there is error associated with it.
“That’s why at Pindrop we tackle the problem with several layers of protection. We add a layer of phone fingerprinting to the voice biometrics, so that if your evil twin brother wanted to steal your voice he would also have to steal your phone. On top of that we use behavioral analytics to look at how you normally interact with an IVR (interactive voice response) system, how you normally type in your account number, for example. So now your long lost evil twin brother has to steal your voice and your phone and imitate your interaction with IVR. It’s called defense in depth.”
The ROI on Pindrop’s products is very measurable, David says.
“For example one fraudster phoned a company’s call center, asked what was their most expensive refrigerator and then ordered four of them. There is a clear dollar amount you can save by not serving that customer. The client that received that call had a dollar amount they wanted us to save, and we achieved half of that amount in the first week of our deployment.
“People think phone fraud isn’t happening to them. When you explain it to them in terms of banks it makes sense, but when you explain it in terms of office supplies they think that couldn’t possibly be happening. It’s important to understand that fraudsters are targeting anyone that has a call center, and handles financial transactions of any kind.”