Why just having a customer performance metric is not enough. Every…
Artificial Intelligence is now being applied to traditional consumer financial fraud, often being used to support the pretence that your brand has contacted your customers. As their efforts become more sophisticated, we look at what business and consumers can do to protect themselves from these AI enhanced fraudsters.
Not the surprise I had in mind
I received an unwelcome Christmas surprise this year when hundreds of dollars of purchases appeared on my credit card via my Apple account. I’d been hacked. Happy Christmas!
Apple’s customer experience in this instance was particularly good as their alerts notified me quickly to the problem, which meant I was able to block my credit card and change my Apple password, minimising the damage. Plus, the icing on the customer experience cake was that I was reimbursed within 48hrs.
As I was writing this blog, just this morning I received a text message claiming to be from “Woolworths Gifts” congratulating me on my win and providing me with two links. A quick google search unearthed the scam.
If my experience is anything to go by, we’re seeing a proliferation of increasingly complex scams that could impact on your brand.
Complex fraud is increasing
Unfortunately, this kind of fraud is on the rise in Australia. The ‘Targeting Scams’ report released by the Australian Competition and Consumer Commission (ACCC) states more than $340 million was reported lost by Australian victims of fraud schemes in 2017, up $40 million on the previous year.
And if you think scams are just for the gullible, their increasing sophistication means even the most diligent consumer is at risk, thanks mainly to AI.
In 2018 many Australians were on the receiving end of a scam that centred on an AI generated phone call. The call claimed to be from from the Australian Taxation Office and threatened immediate legal action if the recipient didn’t call the number provided straight away. You had to listen carefully to realise that the voice was robotic.
And even though, when you consider the nature of the call – you’re under investigation, there’s a warrant out for your arrest – it seems ridiculous to fall for it, the call felt in some part genuine, preying on the doubt we all feel from time to time.
Are we becoming wiser to scams?
So, is this having a knock-on effect on consumers behaviour? And will it make them more wary about providing personal information in the future?
According to a survey of 10,500 consumers by digital security firm Gemalto, “seven out of 10 UK consumers and two-thirds, on average, around the world would stop doing business with a brand that suffers a breach of users’ financial or personal data.”
Retailers are most at risk globally, with 62% of respondents willing to walk away after a data breach, followed by banks (59%) and social media sites (58%). The survey also found that, across all ages, 93% place the blame squarely on businesses and would think about acting against them. Social media sites worry consumers most, with 61% concerned that these companies do not protect consumer data adequately, followed by banking websites (40%).
How will this affect trust?
With Australian financial services already dealing with significant distrust issues, how will the Open Banking legislation hitting in 2020 further exacerbate consumers’ privacy concerns?
It seems that the industry already is aware of the core issues, with the Australian Banking Association publishing an extensive laundry list of urgent fixes to mitigate privacy risks for consumers and fraud loss risk to themselves.
However, with the acceleration in sophistication and platform and tech developments supporting the emergence of digital only players, the question remains, are we able to keep up with the criminals?
One emerging Australian neobank had to urgently upgrade its defences after one of its directors fell victim to a phishing scam and had only just implemented two-factor authentication on email accounts in late January.
But the debate is on as to whether the neobanks may be at an advantage with Chief executive of Douugh, Andy Taylor saying “we have the luxury of employing more up-to-date technology than the major banks, as we do not have to support disparate legacy systems. Everything is more centralised, meaning it’s easier to manage in a lot of ways.”
However, it could also be argued that relying on digital interactions could leave new entrants exposed to the use of these channels providing a vulnerability as consumers look to understand how interactions work with digital only fin services firms.
How to handle a scam targeting your brand
So what can you do, if your brand suffers from a scam or data breach?
- Have a plan in place – While we may have tradition crisis management PR strategies in place, not many firms have specific comms plans designed to react to a significant data incident. Be prepared that you may not know everything about the incident at first and your plan should have the flexibility to evolve.
- Get in front of your customers as soon as possible – It’s your customers’ trust that will determine the impact on your brand. Don’t let your customers see your incident in the press first. Tell them as soon as you know, as much as you know.
- Put a face on your comms – Having the message come from your senior leadership is important to showing customers how seriously you take their wellbeing.
- Be transparent – It’s happened, there’s no point hiding from the fact, so get out there by telling your customers what’s happened, when it happened, what the impact may be, what you’re doing to help and what they should do next. Anything less is not enough.
- Use all your channels – Don’t forget that scams come through multiple channels, even letters (rarely, but they do). Also remember that your customers are not all the same, and not all of them read their emails. When dealing with an incident, use every channel you have to provide consistent, clear messages, with an offer to answer any questions they may have.