No doubt you have Caller ID on your home and business phone and your Smart or cellular phone. It seems simple enough. When the phone rings, you glance at the screen and you’re automatically alerted to who is calling, right?
Well, now a days Caller ID is not so reliable. Anyone with a computer and Internet access can get their hands on a software-based VoIP telephone switch and change Caller IDs and ANIs. Such an action is called “Spoofing” and it is causing all sorts of problems for every type of business including banks.
Spoofers are committing all sorts of frauds by falsifying Caller ID and ANI. Their methods include “Vishing,” “Social Engineering Attacks,” “Line Takeover,” and “Fraudulent Card Activations.”
Vishing is when you receive a phone call and the Caller ID displays the name of a bank. You take the call assuming that you are talking to a representative of a bank and they tell you they need to verify a credit card transaction. You assume that everything is on the up and up and so you provide private information about your credit card which can later be used to buy things or obtain cash on your account.
Social Engineering Attacks are used to gain access to such things as bank or telephone records or other types of information. The type of information that a bad guy can obtain in this manner can be used to take over your bank or credit card accounts, open a fraudulent credit card account using your identification, or gather other types of information that can be used to steal your identification.
A Line Takeover is when a bad guy takes control of your phone line and reroutes calls to them that are meant to go to you. So if a bank calls you back to verify that you are calling from a number that the bank has on file, the bank is actually connecting with a bad guy who means to do you harm.
Finally, there is Fraudulent Card Activations. When your credit, debit, or ATM card expires the bank sends you a new card through the mail. On the card is a sticker that displays a phone number that you call to activate the card. This procedure allows the bank to automatically retrieve your ANI information through the phone line. However, what they get is not your information. Instead, the data passed on to the bank is from someone who is up to no good.
TrustID, Inc., a company based in Lake Oswego, Oregon, has an automatic authentication solution that assures that the caller is who he or she is supposed to be.
The technology features real-time telephone network forensics, telephony reference carrier call-routing databases, and analytics. When a call into a phone that includes the TrustID technology is received, the Caller ID or ANI data is routed to TrustID through an HTTPS Post on the initial ring. The technology then automatically authenticates that the call is coming from a known physical location or handset and passes the data back to the company so that the receiver of the call can route it to someone who knows and is confident that the caller is a credentialed customer or sent to someone who knows that it is a fraudulent call for investigation.
TrustID claims that the technology can be used by financial services, healthcare businesses, retailers, and telecommunications centers.
The company asserts that the technology catches fraud, diminishes expenses, and limits risk while it enhances brand loyalty and helps create more revenue.
Visit the TrustID website to find out more about the technology and company.
Comments