The end goal of every call center is to provide fast and efficient services to callers. Whether a call center makes out going calls, takes incoming calls, or does both, you want your customers to come away from the call with a positive feeling about their experience.
But before phone reps can even begin to help customers, they have to validate that the person on the other end of the line is who they say they are. Getting through this portion of the call quickly and efficiently, while also protecting your customer's data from nefarious impostors can be challenging. This balancing act is especially true if you have industry security standards such as PCI and HIPAA that you must also adhere to.
Traditionally, phone service centers use validation methods like asking the customer to validate their address or phone number, asking the customer to answer security questions, or asking the customer to tell you their PIN number.
The problem is that all of the above methods are either not very secure or are not very efficient. Anyone with even remote contact with another person is likely to know or can figure out someone's address or phone number. With access to the Internet and social media postings, answers to security questions like the name of an oldest child or where someone went to high school, is easy enough to obtain. As for pre-issued security PINs, most people lose or forget those almost as soon as they are issued. With all of the user names and passwords that a typical adult needs to remember, can you blame them for forgetting a PIN?
Phone centers need a better way to validate the caller on the end of the phone line quickly, reliably, and most importantly securely.
For user authentication, the best online systems employ two-factor authentication, also referred to as 2FA or MFA (multi-factor authentication). There is no reason why a phone center cannot use 2FA as well.
To authenticate a user, a properly implemented 2FA process needs to employ two out of three of the following:
Something the customer knows
Something the customer has
Something the customer is
Something the customer is centers around bio-metrics (like a finger print reader) and is not very relevant or even possible in a phone service scenario.
Something the user knows is typically the only user authentication method employed by phone service centers today. It is the three things mentioned above... "What is your address of record?" "What is the name of your eldest child?" "What is your PIN?"
This is a tried and true authentication method. But, if that is your phone center's only method for validating a caller, it is not very secure! Why? Because that is only one-factor authentication, and as stated before, it is information that an impostor may know.
The good news is that QMan SMS Hero for Salesforce makes implementing the second factor required for 2FA, something the customer has, easy and secure with SMS Auth Codes. SMS Auth Codes uses the information that you already have on record for your customer, their phone number, to issue a one-time use authorization code to the customer via SMS text message. Once received, the customer relays back the auth code to the phone rep who then validates it.
The whole process takes seconds and adds a much higher level of security to your caller authentication procedures. This is not only because it is a second factor of authentication but also because, if relevant information about one of your customers is known by some one posing as them, it is unlikely that the impostor also has your customer's cell phone in their possession.
What's more, if an impostor is on the other end of the line, sending an authorization code to your customer's cell phone will immediately alert the real customer to this fact and they can then alert your organization.
To learn more about QMan SMS Auth Codes, as well as the other tools in QMan SMS Hero, check out the QMan SMS Hero AppExchange web page.