DOTS Telephone Verification Steps Up Site Security
The threat from computer crimes and other online security breaches has barely slowed, never mind stopped, according to a recent survey of 538 security professionals in U.S. corporations that was conducted by the Computer Security Institute and the FBI’s Computer Intrusion Squad.1
One such crime is online identity theft, and the two most popular ways to carry it out is though Phishing2 and Pharming3. Phishers bait you using provocative fake emails that send you to fake sites, and are successful because there is still a large part of the Internet population that is unaware of their tactics. Pharmers gather unsuspecting victims by redirecting legitimate URLs to bogus sites.
Armed with the information they harvest from consumer inputs, Phishers’ and Pharmers’ activities account for billions of dollars a year in online fraud. Companies today can play a key role in protecting their customers and themselves by fending off agents of these Phishers and Pharmers; stepping up site security and making it more difficult for them to use their ill-gotten information.
Counter online crime by integrating a live telephone verification service that communicates directly with the person interacting with your site. During a transaction, after (s)he enters his/her phone number into your Web form, the service calls or texts back with a Personalized Identification Number (PIN) that (s)he must then enter into the form before continuing on. This checks to see if the phone number is working and correct. At this point, fraudsters generally fall out. They thrive on impersonating others and doing things that can’t be traced, so, most likely, their input phone numbers will be fake and they won’t be able to complete their transactions.
Take extra measures. To guard against those that try to trick the system by using others’ phones, Service Objects’ DOTS Telephone Verification goes even further by building in optional operations you can use to identify the caller or validate the information your contact types in.
Customize your security system. You can deploy one or several operations depending on the conditions you set. For example, if you know that there is a high rate of fraud coming from a particular region, you can flag calls coming in from that region, and before delivering a PIN, without delay, check the input phone number against the listed name associated with it. You might also decide to check the contact’s geographical location or other information, such as address listing, to verify that the person placing the call is who (s)he says (s)he is.
If a phone number doesn’t match up to the person interacting with your site, set a condition and create another step in your verification process requesting further information. If the contact is truly a customer, then compliance should be no problem; but if (s)he is up to no good, this is probably where (s)he will abandon his or her mission.
As long as the Internet exists and people continue to do business online, Phishers and Pharmers are not going away. Tens, if not hundreds of thousands of Internet users are duped every day. You can help protect your customers and your company by thwarting these fraudsters’ attempts to use the information they harvest from unwitting consumers.
Step up the security on your site by verifying phone numbers with a live telephone verification service that not only communicates directly with each person that interacts with your site, but also has the capacity to validate that his or her information is correct.
Verify and validate: a powerful combination that helps keep your online customers and business secure.
For more information about DOTS Telephone Verification, please visit: //www.serviceobjects.com/products/phone/telephone-verification
1 Excerpt from Computerworld, http://www.computerworld.com/s/article/62002/Security_Statistics_
2 Phishing is a method of “baiting” users to give up personal information by sending out legitimate looking emails that contain links that go to fake sites designed to look equally as legitimate as the emails. Phishers are impersonators claiming to be legitimate companies (banks, popular shopping sites, etc.) in order to scam users into giving up private account information. Phishing, in a way, is similar to fishing with a net. Phishers throw their “nets” out, bait users to enter, and eventually drag in an adequate percentage of victims.
3 Pharming is more insidious in that it doesn’t just rely on bait to gather and harvest users’ personal information; even the most Internet savvy user may unwittingly become a victim. Pharmers operate by re-directing Internet users to bogus Web sites— even if they type into their browsers the exact address of their banks or other online services. So basically, someone believing that (s)he is interacting with his/her bank is actually providing the pharmer with his/her bank information, social security number and/or other private information that can be used to perpetrate a bevy of offline as well as online criminal activities.