Confirming one’s identity to a customer service agent on the phone is never easy. Banks, wireless providers, healthcare and insurance companies come to mind as some of the most demanding – in the number of authentication requirements to validate you as their customer. Before a customer can even get to the issue at hand – let alone solve it – he/she must wade through a myriad of challenge questions, phone numbers, account numbers and nicknames, and that’s just the warm up. Still to come, are recollections of one’s last payment amount and the list goes on.
You’ve made it clear that you don’t want me as a customer – I can take a hint
Not to demean the toll this takes on the customer; serving the customer can wither the inspiration of a call center agent, too – no matter how passionate he/she is.
How truly difficult is it to authenticate a customer to avoid compromising said customer’s own privacy and security? How many times have you heard that you are being authenticated for the tenth time merely for “your” security? Is it really for your security? Or…
Having worked as an authentication product consultant in one of our nations’ largest banks, I learned that the incidence of fraud – of the likes we are speaking – is very small relative to other components of the risk management portfolio. Banks are looking to protect themselves from fraud at least as much or moreso than to prevent you from being inconvenienced (unable to use their service). But banks are not alone.
While purchasing a new smart phone recently, I actually had to leave the store to ‘fax the wireless provider my driver’s license’. Hadn’t I just shown them my drivers’ license in person? Yes. Was that enough? No. What value would a printed paper in a fax queue provide that a human looking at my matching photo did not provide? Yes, it didn’t make sense to me either, so I left.
Making it work online
The fact is that two-factor authentication has been used for verifying identity for online transactions for at least 15 years and continues to improve the authentication process today. An example of two factor might be: a laptop login accompanied by proof via another channel: voice, text message, biometrics (thumbprint, etc.), or one-time password such as an RSA card.
In my own personal experience living in Switzerland as early as 1996 I began receiving a scratch list of numbers from my bank, UBS, and used them along with my username and password to log into my online banking system. That’s two factor – online credentials and scratch list. It would be a better choice and better experience for companies to use the latest in two factor authentication today: the mobile device. Some companies are already doing this in areas such as mobile banking.
Today, the mobile phone can serve as a second channel of authentication for transactions. Wouldn’t it be a better experience to read a number from your mobile device and enter it on a website than to buy a new print cartridge for your fax machine? For a better choice in customer service and overall experience interacting with your favorite service providers, why not suggest they offer mobile phone authentication to better serve their customers? They’ll be making a better choice for their customers if they do.