Cookies on Pinsent Masons website

This website uses cookies to allow us to see how the site is used. The cookies cannot identify you. If you continue to use this site we will assume that you are happy with this

If you want to use the sites without cookies or would like to know more, you can do that here.

Poor call-centre security exposes bank accounts to fraud

Sloppy security practices at call centres operated by 20 of the UK’s top financial institutions are leaving consumers at risk, according to an investigation commissioned by voice and data solutions provider Intervoice.27 Jan 2006

The study assessed the ability of researchers to access financial services through the bank-run call centres if they were unable to provide a password – the most commonly used call centre security tool.

The study found that call centre agents at nearly half (9 out of 20) of the financial institutions investigated – which in total offer services to more than 20 million people in the UK – could be simply coaxed into accepting less stringent identity checks from callers claiming to have forgotten their personal passwords.

These included requests for alternative data such as a landline phone number for the account holder, mother’s maiden name or recent direct debit details.

In the case of three financial institutions that provide personal credit cards, no security password was required at all to conduct a balance transfer of £500.

Intervoice Director David Noone described the findings as shocking.

“The problem is that call centre staff are trained to be helpful and in their efforts to avoid customer frustrations will readily offer up alternative security checks,” he said. “This is often with questions relating to personal data on the account holder that could be second sourced in the most extreme cases through stolen bags or in the simplest form through internet research.”

He warned that in their rush to prevent fraudsters gaining access to accounts over the internet or through computer viruses, financial institutions had turned their back on telephone fraud.

“This has become one of the easiest back doors for criminals to conduct fraud. The Intervoice study shows that passwords may have had their day in call centres,” added Noone.