The cost of data breaches has never been higher. According to IBM’s 2022 report, the average cost of a data breach is a huge USD 4.35 million – with stolen or compromised credentials being the primary catalyst.
And, naturally, given that the industry’s key commodity is money, it’s financial services that faces the biggest scrutiny. From banking and loans to insurance and investments, the FS sector has to manage an ever-present challenge of keeping its data highly secure.
This challenge is also perhaps most pressing in a contact center environment in which agents are handling significant volumes of customer calls, managing highly sensitive financial records, and having to abide by strict regulatory requirements.
Here we share a few of our tips for keeping your bases covered and your financial services contact center secure.
1. Moving to the cloud
While on-premise solutions for data security were historically seen as more secure vs. their cloud counterpart – primarily because cloud-based data responsibility is shared with a cloud service provider (CSP) as opposed to entirely customer controlled – things have moved on massively. As McKinsey reports, “a CSP’s business model depends on best-in-class security, and they have each invested billions in cloud security and in hiring thousands of the top cyber experts.”
Today, trying to keep up with security capabilities close to the likes of CSP services provided by the likes of Google, Amazon or IBM just doesn’t seem viable. What’s more, cloud servers are far more cost-effective, scalable and flexible than any on-premise solution – which will afford your financial services contact center with additional commercial and operational benefits.
2. Leveraging IVR
Interactive voice response (IVR) gives your inbound callers interactivity options via their telephone keypad to provide information and navigate their call to the most suitable agent. In a financial services contact center, the use of IVR is very useful for the secure relaying of sensitive data, multi-factor authentication, and even voice biometrics to accurately verify callers.
Also, given that IVR often requires no agent involvement whatsoever, it helps contact centers dramatically reduce unnecessary agent work and allows operators to focus solely on addressing the customer’s needs.
3. Securing phone payments
Conducting over-the-phone payments are naturally a key component of the FS industry. While a lot of financial institutions offer secure online portals for customers to self-manage these transactions themselves, there are cases where customer payments made via the phone are the ideal method for the company – e.g. debt collection.
A good over-the-phone payment solution will follow the PCI DSS standard to ensure the legal requirements of processing and storing cardholder data. It will also be supported by a system that gives zero visibility of payment details to agents – i.e. allowing the customer to enter their card details via their telephone keypad.
4. Implementing user authentication
User authentication methods – most notably two-factor authentication (2FA) – have been around for some time and are a staple of security best practice for most companies. By including an additional method of verification beyond just a password (e.g. SMS verification codes and push notification authentication), you reduce the risk of security breaches by 99.9%.
What’s more, the evolution of user authentication methods has seen them become a genuine convenience, as well as a critical part of security. Single sign-on (SSO) requires a user to only authenticate themselves and log in once and, thereafter, they can use all associated applications without having to repeatedly provide login credentials.
For an environment as sensitive as a financial services contact center, it’s well worth considering combining methods like 2FA and SSO to give your business and its users the utmost protection.
5. Leveling up call recordings
A common feature of many contact centers, a call recording feature will automatically record and store the audio files of agent-customer calls. While typically used for quality management and training reasons, call recordings have now become a legal requirement across several industries – with the strictest compliance being in the financial services industry. The European regulation of MiFID II/MiFIR came into effect in 2018 and with it came a host of legal requirements regarding call recordings. These include:
Ensuring call recording storage of up to five years
All home office employees must have calls recorded
Call recordings must be periodically monitored to ensure continued compliance
A solution that offers all of the above and more
VCC Live is a cloud-based contact center software to manage the full scope of your contact center activities. Our feature-filled platform is trusted by financial institutions of all shapes and sizes – including banking, loans, and microlending.
Get regular updates from VCC Live
You'll get an email as soon as we publish new insights or have updates worth checking out.