Important COVID-19 update Read More


The latest thinking from Eckoh

Alarm bells over insurance contact centers and CNP
Thursday, 17 November 2016

Imagine getting a burglar alarm fitted to your home. The company does a great job and you feel really secure. But then you overhear the fitters yelling your alarm's entry code to each other, across the crowded street outside. Would you be worried? If so, here's something that'll nag away at you about the insurance industry.

Alarm bells over insurance CC 900

The scenario just mentioned is all about irony. You pay someone to beef up your security — only for the very same people to risk undermining it seconds later. But some insurance companies are unwittingly doing this today. Household names too. And we're talking about the risks around card fraud.

Ahh, so this blog is all about EMV, right?

No. Let's get this one out of the way. EMV (Europay, MasterCard and Visa) is a new standard for credit-card payments in the United States. When the UK equivalent (chip and pin) was introduced, face-to-face credit-card fraud fell by a whopping 72%. That's all great news for insurance and other sectors.

But in this article, we're talking about Card Not Present (CNP) fraud.

Now it's personal

Sorting your insurance can often be done in a few clicks online. But you're not buying a Game of Thrones box-set or a new mobile phone. Insurance is personal ... for homes and contents, prized possessions like cars, as well as holidays and health. So people often like to finalize a deal by speaking with an agent over the phone. It just feels more human.

Typically, the conversation ends with the agent taking a one-off payment to get things started. You read out your long card number and the three digits on the back.

But while you're making your life more secure, imagine if:

  • The agent makes a copy of your card details to use for themselves later?
  • As the agent reads back the number to you, someone next to them makes a note?
  • Your numbers appear on-screen, long enough for someone to take a grab?
  • Your details and hundreds of others are been sold to thieves?
  • The insurer's system is hacked and card information stolen and it makes the news?
  • Your call was recorded (for 'training purposes') and someone listens back to get the numbers?

Of all the industries out there, you'd think insurance would be among the most cautious and secure. But with CNP transactions in many cases, you'd be wrong. And there's the great irony. Let's just hope they have insured themselves against CNP fraud.

CNP fraud is growing fast

As security tightens in areas such as EMV and point-of-sale, criminals will look for other options. And Card Not Present (CNP) fraud is proving wildly popular in the United States. In 2011, it accounted for $2.1 billion. For 2016, losses are expected to hit $3.8 billion and the upward trend is set to reach $6.4 billion by 2018 (source: Aite Group: Card-Not-Present Fraud in a Post-EMV Environment: Combating the Fraud Spike).

So what's the answer?

There are complicated and expensive ways to attempt to fix this. But none is foolproof.

The best approach is to actually save customers from ever having to read out their details in the first place. And if they use their keypads instead, it can stop those audible DTMF tones from being sneakily deciphered back into card data.

That way you can prevent sensitive card data from ever reaching your agents, processes, systems and recording systems. Put simply, there's nothing for criminals to steal.

So how can customers make secure payments? To find out how to stop CNP fraud in its tracks, quickly and simply, download the CNP crime in Contact Center eGuide. It's great news for insurers and other industries where customers really value conversations with agents — but need total peace of mind.

If you'd like to know more about secure payment then give us a call on 866 258 9297 or drop us an email at This email address is being protected from spambots. You need JavaScript enabled to view it.

About the Author

Tony Porter

Tony Porter

Head of Global Marketing Tony has over 30 years’ experience in sales, marketing and business development and currently leads these activities for Eckoh in both the US and UK markets and across all sectors. Tony’s role focuses on helping contact centers to improve their customer engagement, making them convenient and secure for consumers to use. He understands the challenges organizations face around PCI DSS compliance and how to make the Omnichannel contact center experience a satisfying reality. He is a regular speaker at events on topics such as PCI DSS, GDPR, contact center technology, IVR solutions, self-service, secure payments, marketing and business development.

Connect with us on LinkedIn

Tweets by @Eckoh

Eckoh (@Eckoh)

Eckoh (@Eckoh)

Find out the critical next steps to ensuring security for your remote workers involving your people, processes and technology. #contactcentres #securepayments #eckoh
Eckoh (@Eckoh)

Eckoh (@Eckoh)

Eckoh had an excellent performance in the year, with double digit revenue and profit growth as well as record order levels for a second year running. #contactcentres #paymentsecurity
Eckoh (@Eckoh)

Eckoh (@Eckoh)

Find out about the 5 lessons learned from COVID-19 for contact centre resilience.