The contact centre is becoming an increasingly attractive target for fraudsters. In part this is due to advances in security technology, such as Chip & PIN and 3D Secure, making many payment channels safer than ever for consumers. Greater security in online and face-to-face channels means criminals are forced to look for new paths of lower resistance. The traditional contact centre environment, where huge volumes of Card Not Present (CNP) transactions are processed and customers divulge payment card details to agents over the phone, is increasingly being seen as one such path.
Fraud can encompass anything from someone overhearing private information whilst on the phone and passing this to a third party, to a contact centre agent using a person’s details to access their records without authorisation. It can also be a more sinister act such as a contact centre employee being blackmailed into providing sensitive information to a criminal. Fraud could include criminals directly accessing customer data held by the business and carrying out malicious actions, including selling passwords and sensitive card data on the dark web.
Fundamentally, contact centres – whether managed by the company or outsourced – can be the epicentre of customer data storage and availability. Failing to provide adequate safeguards for this data can result in significant damage, including financial loss and identity fraud for the customer, but also damage to a company’s reputation.