Explore the challenges and best practices of contact center authentication in this 35-minute conference talk from BSidesSF 2019. Delve into Twilio's year-long research on improving phone-based customer authentication, comparing it to online security measures. Discover how various companies, from startups to Fortune 50, handle user identification over the phone. Learn about effective strategies to enhance both customer experience and call center agent efficiency. Gain insights on implementing strong authentication methods, creating agent guardrails, and designing silent authentication processes. Examine real-world examples from Netflix, American Express, and United Airlines, and understand how to apply these lessons to your own contact center operations. Leave with actionable recommendations to strengthen your phone authentication systems and protect customer information.
Overview
Syllabus
Introduction
Twilio
Examples
Customer support
Identifying you
Authentication
Results
Qualitative Data
The Good
Netflix
Netflix Service Code
American Express Service Code
United Airlines
Identity Information
Recommendations
Match the rigor of web authentication
Over the phone authentication
What about my TOTP
Strong authentication options
Agent guardrails
Limit caller information
Silent authentication
Agent dashboard options
Threat models
Whats next
Summary
QA Session
Taught by
Security BSides San Francisco
