WWW.COMPUTERWEEKLY.COM
US bank FNBO uses Pindrop to tackle voice fraud, deepfakes
With cyber criminality and fraud against banks running rampant in recent years and showing no signs of slacking off, banking organisations around the world are coming to understand that they need to be doing much more effective due diligence when managing inbound customer contacts via voice calls or web chats.

First National Bank of Omaha (FNBO) is one of the myriad of consumer and commercial banks all over the world that has to deal with these challenges on a day-to-day basis, but in the past few years, it has undergone a quiet revolution in how it identifies and verifies its customers, after enlisting the help of emergent voice security specialist Pindrop.

Based in Nebraska in the US, FNBO was founded by two brothers during the pioneer days of the 1850s. Over a century and a half later, FNBO today runs a full service retail and business banking operation spanning America's central Great Plains region, from Illinois down to Texas, and westward to the Rocky Mountains.

Working at one of the largest privately held banks in the US, with over $30bn in assets, Steve Furlong, FNBO director of fraud management, spends his days ensuring the security of thousands of inbound customer contacts, not all of them from his own customers: FNBO also operates Visa and Mastercard credit cards on behalf of other commercial organisations, with partners including hospitality companies, nonprofits and retailers alike.

The core cyber security challenge Furlong's fraud team faces is clearly a know-your-customer (KYC) issue. "Am I really speaking to the true cardholder?" says Furlong. "Am I transacting with the right person, and not a fraudster, a man-in-the-middle, or even a deepfake?"

The difficulties associated with customer verification are something Furlong recognises well after many years in the world of fraud.
Historically, he had always been told to work to two core tenets: first, he was not to lose any money, but second, he was to make it very easy for customers to do whatever they wanted to do. It's easy to see how these two goals can be fundamentally in conflict with each other.

"It's an extremely tough challenge," he tells Computer Weekly. "My gut tells me to put every bit of protection in place that I can and make it very hard for anybody to interact using all of the KBA [knowledge-based-authentication] tools out there and making people jump through hoops."

For a long time, says Furlong, he approached the fraud problem with this in mind, asking for as much data as needed (the colour of your first car, your favourite primary school teacher, your first pet's name, your address in 1995), checks that many legitimate customers would inevitably fail and then have to go to a physical branch to have their government photo IDs confirmed.

"That's a horrible experience," concedes Furlong. "But from a fraud viewpoint, it's super successful, so it was the hat that I used to wear, and I think everybody in my world did.

"But as times changed, we realised we couldn't keep putting customers through these hoops; we would lose them," he says. "And as we became more partner-centric, issuing cards for other companies and brands, we would get complaints from them saying, 'you're denying our customer, and not only that, you're doing it in our store!'"

Furlong was also experiencing friction with his colleagues in FNBO's contact centres, whose goals were to eliminate time spent on calls, answer questions, and solve problems more quickly and efficiently. He describes it as the antithesis of his old way of thinking.

It was this growing need to better meet the challenges of in-the-moment customer authentication and verification that first led FNBO to Pindrop about five years ago.
Pindrop got its start in the early 2010s, when its founder, Vijay Balasubramaniyan (who holds a PhD in telecoms security), became frustrated at having legitimate transactions flagged and denied by his bank when visiting India, simply because there was no easy way to prove his identity.

Furlong first heard about Pindrop through industry contacts via whom he learned other banks were starting to implement its Protect fraud detection product in their contact centres. However, this first engagement quickly hit a wall that meant FNBO couldn't move forward with the supplier: it had to be run on-premise, which for the bank wasn't feasible.

"We spoke to them but we didn't move down that road because we can't allow someone behind our firewalls," says Furlong. "[But] then they went to the cloud and brought out their Passport product, which is all about authentication."

He reopened discussions, took the temperature of his peers and analysts, and ultimately was able to sell Pindrop to FNBO's board based on the argument that even though the organisation was not seeing a whole bunch of fraud through inbound customer service channels at that time, it could use an insurance policy against the possibility.

Initially, the partnership centred only on the Protect product, but during discussions at the bank's Omaha headquarters, it became apparent that Passport could also help solve some of Furlong's challenges, so ultimately FNBO took the decision to move forward with both.

"Pindrop has a great partnership approach," says Furlong, turning to the implementation process. "They sent a bunch of people out to Omaha where we had a big, day-long kick-off meeting, [and] then we had regular, biweekly meetings with their development and implementation staff.

"Because it was in the cloud, it was a fairly seamless process; we stood up Protect within 60 days, Passport took a little longer ... to be able to integrate it in the fashion we'd want to."

For FNBO's customers, the implementation of Pindrop has probably gone, by-and-large, completely unnoticed, says Furlong. "It's seamless to them," he says. "Outside of the fact that we don't put them through so many authentication steps anymore, depending on what Pindrop is alerting us to.

"So, if it says, 'hey, this is a good person, this is Steve, the fraud scores are low, the authentication scores are high', I'm not asking you three questions or sending you a one-time passcode. I'm able to shorten that process a lot depending on risk."

The authentication scoring process draws together various data points that Pindrop's systems glean during the customer contact. These data can include, but are not limited to, information such as the geographic location of the inbound contact, or whether or not the customer has changed their device, or downgraded it; this is often a sign of nefarious intent.

If these scores hit a certain threshold and a contact becomes flagged as a potential risk, FNBO will escalate the contact to a dedicated contact centre where they will speak with a customer service agent who specialises in fraud and can throw down some of the more traditional KBA hurdles.

Banking customers will not notice any of this, says Furlong. "We've not had any customers come to us and ask why we're not asking 30 questions anymore, so in my mind, they're liking that; they're not complaining about it!"

In terms of more tangible benefits, he says, these are largely being seen in FNBO's contact centres. "We do get a lot of feedback on it from contact centre reps we have out there," says Furlong. "They love the product because it directs them into what to do. They do not have to be fraud experts anymore. We have a fraud shop for that, so they don't have to detect fraud.

"It's kind of the running joke here, when we lose connection with Pindrop on our side, the agents have to go back to the other KBA processes, and they are immediately raising alarm bells to our IT team saying, 'hey, something's down here; I'm not getting a score'. They love that score."

Reflecting on the work FNBO and Pindrop have done to date, Furlong says he has been particularly impressed with the degree to which the relationship between the two firms has been a partnership, rather than a transaction.

"They take on an advisory role; they care as much about hearing from us as we care about hearing from them on what we should be doing," he says. "They're always working with us to know what we're doing and what's the next thing on our mind; what is the next risk."

And the next risk is clearly linked to the prospect of hard-to-detect, artificial intelligence-generated deepfake fraud, something that has been talked about since the launch of ChatGPT in November 2022.

At a recent media and analyst event in Washington DC, Pindrop executives demonstrated some of the new anti-deepfake capabilities it's now bringing to bear in a recently launched product called Pulse, which it claims provides near-instantaneous analysis and identification of audio deepfakes in the interactive voice response (IVR) system or at the customer service agent level. FNBO helped beta-test this product.

"I was presenting at a conference two years ago, and someone talked about deepfakes and asked if I was worried about them," says Furlong. "I said, 'no, not really'."

But in 2023, he started to change his tune, and in 2024, he made a complete 180 on the issue. "When we partnered with Pindrop on deepfakes, I was very interested to see if we were getting attacked by them," he says. "And we sure were; we were getting deepfake calls coming in."

Concerningly for Furlong and FNBO, deepfakes are democratising, and have the potential to democratise cyber crime and fraud, widening the potential pool of criminality. He recounts how during the beta process, he asked one of his team to go off and create a convincing deepfake to try to break through the system, something they were able to accomplish in a matter of minutes.

"A lot of my peers are worried about gangs and organised crime, and they're absolutely right to be, but I'm also worried about some guy sitting at home thinking he's going to go after some money as well," says Furlong.

"They're coming through the phone, through our IVR, they're coming through chat, they're coming through video-conferencing," he says. "It's super cool that the world has come to that, and we've advanced to do these kinds of things, but it's become scary as to what we can do with those things."

FNBO officially implemented the deepfake detection technology in late 2024, and it's already detecting attacks, albeit not at a significant rate. "It's at an expected rate, enough to notice," says Furlong. "I would expect as we get into 2025 and 2026 that it will become very significant."

Going forward, FNBO is continuing to work with Pindrop on deepfakes and other aspects of voice security. Currently, Furlong is looking into live call transcription and analysis to be able to tell if a customer is being victimised or prompted by a scammer.

"Can Pindrop do that for me by detecting pregnant pauses, meaning there's a man in the middle, or do they sound like they're reading a script?" says Furlong.

"To me, that's the next evolution of this whole piece," he concludes.