verification methods

Verification Methods: How Call Centers Can Stop Fraud

As much as 61% of all fraud that occurs in the U.S. is actually traceable back to call centers. Gaps in proper verification methods for inquiring customers can make call centers a fertile space for fraud to take root and wreak havoc. In fact, call center losses have continued to increase from $393M in 2015 to $775M in 2020.

Stopping such a sudden influx of fraudulent calls from overrunning a mission-critical call center starts with understanding how it happens in the first place.

How Fraud Happens in Call Centers 

Call center fraud takes on many forms, depending mostly on intent. The following fraudulent schemes are among the most common and they all revolve around tricking agents into revealing valuable information or altering an account:

Account Takeover

Achieving a full account takeover tends to be the endgame for many fraudsters when they call contact centers. To do this, they may ask for account details to be altered or engage in “social engineering” (a variety of manipulative actions) to move agents to make spur-of-the-moment decisions. For instance, a simple social engineering tactic called the “mumble technique” allows some attackers to get through security barriers by intentionally mispronouncing answers to personal questions.

In some cases, simply being added to a user’s account can grant attackers enough leeway to get what they want. This form of fraud can be particularly tricky to rectify after it has occurred, leading to lengthy resolution times and high costs. In 2017, such scenarios took up to 15 hours to resolve on average.

Data Breaches

By leveraging breached information obtained on the dark web, attackers can impersonate unsuspecting victims more effectively. If they have enough information to convince call center agents that they are who they say they are, they could be able to seize control of their victim’s account, funds, etc. with little difficulty.

Alternatively, attackers may use stolen information to convince agents to give them additional information for use elsewhere.

Where it goes wrong 

Call centers of all kinds can fall short when it comes to security, giving potential fraudsters an easy opening to commit their crimes. Even call centers with proven security methods in place can be vulnerable if those methods are misused, inconsistently enforced, or misunderstood by agents in practice.

The following mistakes are common but devastating when taken advantage of by criminal callers:

1. Relying on KBA Questions

Although KBA questions can come in handy to help bar criminals from gaining instant access to a user’s information and account capabilities, they can also be deduced quite easily by persistent attackers.

A Google search can often yield reasonable answers for common KBA questions such as the following:

  • What area code is associated with your account?

  • What state was your SSN issued in?

  • What is your exact address?

Relying on KBA alone can open your business and customers up to a lot of threats, including full account takeovers.

2. General System Susceptibility

Despite geolocation, phone numbers, and device fingerprinting fraudsters can find their way into their victims’ accounts. By spoofing their IP location, caller ID, etc. even automated security systems can have a hard time catching malicious callers.

3. Little to No Person/Account Matching

Without matching a person to the account they have access to, businesses of all kinds can never truly be sure their customers are who they say they are.

As fraud tactics take on complex new forms, the need to tie a person’s online presence to their physical identity grows. For call centers, this is especially important, though difficult to do without the right tooling.

How To Protect Your Call Center 

Call centers absolutely need efficient verification methods for customer identity validation to ensure the utmost security standards are upheld at all times. However, implementing a solution safe enough to protect both customers and the call center itself often implies introducing significant friction for both parties in the process.

Intellicheck’s solutions can fit neatly into your call center’s existing workflow, adapting to the hardware and system architecture you already have in place to provide seamless fraud protection. On top of this, Intellicheck runs in seconds, granting access to genuine users with 99 percent accuracy without turning them away in frustration.

With Intellicheck, users’ documents can be scanned deeply and thoroughly to match text, barcode data, and images with those on official records, ensuring they are exactly who they say they are. Photo identification capabilities go beyond mere image cross-referencing with Intellicheck as well, with pictures being parsed for perceived liveness to ensure they are real. To take a proactive approach to call center fraud, call on Intellicheck.


To see a recorded demo, click here.

A transaction takes place every time you scan /validate an ID.

The transactions that you purchase are available for use for up to one year from the purchase date. When you run out of transactions, you automatically purchase another bucket of the same number of transactions that you originally purchased.

Groups allow you to set-up notifications that are shared across a specific set of devices. For instance if you marked a person as “do not serve” that alert would show when their ID was scanned by any user in the group.

Once you fill in the application form and are approved for purchase, you will be sent a credit card payment link. Once you have made your first payment, then Intellicheck will get you set up and ready to go.

Intellicheck Mobile is the app that your employees use to scan IDs. Once you have your account set-up, you can go to the Apple App Store or Google Play Store to download it for your device. Google Play Store Apple App Store

Standard pricing includes up to 5 devices. These devices will require a separate login, and can be set on the Intellicheck Admin Portal. Customers receive a link to the Admin Portal after they are set up.