Fraudsters answer security questions better than customers
Pindrop released a report uncovering how companies might be accidentally inviting fraud, threat mongers from the dark web and bad actors better prepared to pass authentication.
Data dealers are growing more sophisticated, offering more service, more details, and more organized information. Because of this, 2021 was a record breaking year for data breaches. In fact, bad actors actually had better performance than genuine customers at answering security questions. The data illustrates this security weakness when used as an authentication method, as well as the impact on genuine customers who will often fail to pass authentication with this security system.
Bad actors better prepared to pass authentication
- Ninety-two percent of fraudsters passed knowledge-based authentication (KBA) questions based on a national contact center case study, while genuine customers only passed KBA’s forty-six percent of the time
- Organized crime rings have now set up storefronts on the dark web and have become illicit data vendors and even offer return policies
- Customer satisfaction with the identification process is higher online than via phone call
- Sixty-five percent of enterprise company board members expect customer engagement/loyalty to improve as a result of increased investment in IT, technology, and digital business capabilities
- Twelve percent of the time, retail and insurance company agents failed to verify customers’ identities
“With 2021 seeing a sixty-eight percent increase in data breaches, bad actors are compromising data easier and more efficiently,” said Vijay Balasubramanian, CEO of Pindrop. “Now is a good time to change the locks and advance the way customers can open more worlds safely and privately with just their voice.”
Data breaches and the dark web are destroying a provider’s ability to use knowledge-based or out-of-wallet questions to authenticate customers. As board members demand better customer experience, it’s shown that customers prefer more advanced authentication methods than they are currently receiving over the phone.
The report examines how authentication and identification technology that allow people the right access have a dual nature. While the systems are designed to let users in, these programs also have the ability to let in individuals who are not the user. To stay protected and secure, it is crucial to understand how bad actors rely on certain authentication methods to commit fraud.