Identity verification is an often overlooked process that call center agents undertake on every interaction they have with customers. Agents typically ask for a couple pieces of information like birth date or social security number and then verify that the answers provided match what they have in their system.
For financial organizations such as banks and credit unions, customer identity verification is required to protect sensitive financial data and prevent fraud.
As customers, we also have an interest in protecting our finances and generally appreciate the security precautions taken as long as it doesn’t impact the customer experience too much.
Despite the importance and frequency of verifying people's identity, the process in place at most organizations is informal and poorly tracked. In many banking cores, agents can see upwards of 10 different questions they can choose from and there is little data gathered from any invalid responses. In some organizations, this information is not in any system at all and is all done from memory.
It’s no surprise that when digging into which verification questions agents choose, we find that they almost always choose the same one on every interaction, and it is the easiest one for customers to answer. Those questions also turn out to be the easiest for a fraudulent actor to learn the answer to—for example, birth date.