By Ian Roncoroni | Cofounder and COO, Next Caller
As Hurricane Sandy bore down on the East Coast in 2012, the majority of New Yorkers were focused on securing provisions, and perhaps even a way out of the city. But not Squarespace, who had only one thought on their mind: with a data center located in New York City, how would the website building company keep their customers’ data safe and secure?
The Squarespace team went on a Twitter tear -- posting social media updates on the status of their safeguard efforts and the safety of their customer’s data. This level of proactive transparency did not go unnoticed; customers and non-customers responded with their own social posts expressing their appreciation and gratitude. Squarespace had taken a potentially catastrophic data loss event and used it as an opportunity to build customer trust.
Welcome to the world of fraud and data loss prevention as a customer service.
The Catch-22 of being customer-friendly
The increased recognition of customer service as a vital component of doing business, coupled with the changes in the technological landscape in the past 10 years, has also given rise to a new multi-channel service approach. Today, customers can interact with businesses in a number of ways, including but not limited to text, email, phone, and social media. While advancements in brand engagement have allowed companies to engage more directly with their customers on preferred platforms, they’ve also created new opportunities for a very undesirable demographic: fraudsters.
Customer-friendly organizations have created a Catch-22 of sorts. In an attempt to cater to the behaviors and preferences of tech-savvy millennial customer base -- the same demographic most likely to fall victim to fraudulent scams -- retailers have unintentionally exacerbated their vulnerability. Meeting the needs of customers while maintaining security and a high-level of trust is an enormous challenge facing brands today. A challenge that necessitates a completely new “channel” of customer service.
The enormous costs of the war on trust
When retailers and other big brands lose the trust of their customers, the damage is immediate, severe, and extremely difficult to repair. Nothing loses trust faster than fraud or data breaches. According to Vitrium, 46% of brands reported damage to their their reputations and brand value as a direct result of a data breach. To put a dollar value on the damage, Experian estimates that brands lose around $332 million following a breach of customer data or information.
FICO conjectures that in 2016 an identity theft will take place every 2 seconds, and that of the $3.6 billion that will be lost in eCommerce fraud, 40% of that will be the direct result of account takeover. It’s not a question of “if” a brand will be hit with fraudulent attacks and behavior, but “when” and “how much.” Target is illustrative of this challenge: following their well-publicized data breach, sales dropped 2.5% in Q4, store traffic fell, and a brand that was once a perennial member of BrandIndex’s Top 10 Brands fell out of the Top 20.
There is no doubt that brands are scrambling to put safeguards in place to prevent these types of fraud and breaches from happening. However, in their zeal to build up cybersecurity to keep the omnipresent threat of fraudsters at bay, they often overlook the factor at the core of the majority of these attacks and breaches: the human element.
Strengthening the human element to weaken fraud
A recent data breach at Snapchat wasn’t the result of a shadow ring of genius hackers - it happened after one fraudster impersonated the CEO and tricked an employee into sending them sensitive data. Santander fell victim to a similar scheme, only involving text messaging. A common tool in the fraudster toolkit is “call spoofing”. By masking their phone number and manipulating it to appear as another customer’s, fraudsters obtain sensitive personal information, make unauthorized purchases, or even open lines of credit and transfer funds. In this new vision of fraud prevention as a new channel of customer service, the human element has to be as strong as the technological element.
So how can we strengthen the human? The first step is to train employees to be aware of and able to respond to social engineering tactics. In an age where intimate personal details are readily available online through mediums such as Facebook, Instagram, and Twitter, fraudsters are able to answer “security” questions with ease. By familiarizing employees with these techniques and formulating more unique identity verification protocols, retailers can build capacity for thwarting these attacks.
The same type of training would be prudent for identifying and avoiding “phishing” and “SMiShing” attacks, where fraudsters send an intentionally deceptive text message or email, tricking an employee into clicking on a malicious link or sending sensitive information to the fraudster. Brands would also be wise to arm their employees with as much information about a caller as possible. Real-time phone fraud analysis technology, which permits employees to assess the validity of a call before they even pick up the phone, would help employees to treat suspicious calls with the proper gravitas from the outset.
Transparency as the true North Star
While it is difficult to recover trust from a data breach or episode of fraud, it is not impossible so long as the brand acts with integrity and total transparency. Publix, the grocery store chain renowned for its customer service, received accolades for engaging in a very public search for a Data Breach Response Provider even though a breach had yet to take place. The brand showed their commitment to getting out ahead of any potential challenges and sent a clear message to customers: if something goes wrong, we are in control, we are in charge, and we will fix it.
By contrast, eBay waited weeks to inform their customers of a payment data breach, with many customers finding out about the fraud from their banks before they ever heard from eBay. This gave the appearance that eBay was hiding from mistakes instead of owning them, which also sent a clear message to customers: if something goes wrong, you can not trust me to be honest with you about it.
As multi-channel customer service and mobile payments grow, retailers could and should expect a dramatic spike in fraudulent behavior. Smart businesses will use transparency with their customers as their “north star” and fuse fraud prevention and customer service, training employees to identify and avoid fraudulent behaviors like social engineering, phishing, and SMiShing.
The retailers that are able to merge these human elements with technological advancements like real-time call analysis for fraud and spoof will be well-equipped to minimize the likelihood of fraud and data breaches, aligning themselves with customer-first organizations like LL Bean and Zappos, and preventing attackers from stealing their most precious asset: trust.
Ian Roncoroni is COO and Cofounder of Next Caller, an Advanced Caller ID platform. Ian is responsible for business development and strategy. Prior to Next Caller, Ian founded Soho Energy Corp, an energy derivatives brokerage in New York. He graduated from Princeton University in 2006 with a degree in Philosophy..
More exclusive content and thought-leadership articles from Pointofsale.com