"PYMNTS asked nine executives from a cross-section of the payments industry for their thoughts on how Equifax changes everything, and how it doesn’t. After all, companies must still look at what data is flowing into and out of their firms. They must still endeavor to keep consumer and cardholder data (and their own corporate data) safe. They must also, in looking at transactions and customer interactions, try to foster a seamless experience. How can they do that in an environment in which the security status quo is no longer appropriate?" - PYMNTS.com
The Equifax situation should put all consumers on heightened awareness, and identity and credit protection should be everyone’s top priority regardless if their information was involved in this breach or not. Too much Personally Identifiable Information (PII) is readily available, whether it’s on Facebook or the dark web. There is nothing positive about the Equifax breach, but it has reinforced that data security and consumer protection need to be a continued and targeted topic of conversation to drive change in security practices. There is no easy fix, but consumers and businesses can take steps to mitigate the risk.
Consumer awareness is the first step. Consumers need to take a proactive approach to monitoring their sensitive information. Locking down Social Security Numbers with all credit bureaus is a simple and easy step that helps protect ones’ identity. Consumers can also take advantage of free credit reports to watch for fraudulent account creation. Continuous surveillance of online accounts should be part of a recurring routine so that any account takeovers can be caught early.
In the typical call center environment, the natural desire for the representative is to take care of the customer, not to be a fraud analyst, and this can lead to inadvertent skips in business processes. Agent security education should be a recurring and integral part of the climate and culture of the call center. Call center IT personnel should continually explore the most up-to-date technology to limit internal and external exposure to PII. There are different technologies that exist to secure data and traditional Multi-Factor Authentication (MFA) will remain an important part of security. MFA continues to improve with enhanced technologies such as voice, fingerprint, retinal and facial recognition biometrics. Additional security options for call centers are proactive threat detection with real-time call authentication, call origination forensics and customer driven inputs in live environments. These are strong and viable options in the quest to protect consumers information.
With that being said, there are other concerns in a call center environment that warrant mention:
Customers providing PII during open-air communications (bus, train, etc.)
Decreased customer confidence when verbalizing PII
Back-office access to Quality Monitoring recordings
Rare, but still present, internal bad actors
There is no easy answer and no one-size fits all approach to identity and credit protection for either consumers or businesses. Both have a shared responsibility; however, the true change agent in protecting consumer identity is education of the consumers themselves. Consumers will ultimately demand that industries involved in handling PII engage in more stringent protection and handling, and businesses need to be ready to accommodate these demands. Consumers need to take charge of their world, before someone else does.
Below is the link to the full article and download option for the complete eBook.