Recent US Department of Commerce data shows 2020 e-commerce sales had not only the largest impact on record, but also the largest gain in 20 years. Fueled by stay-at-home orders and social distancing guidelines brought forth by the pandemic, e-commerce sales represented 14% of retail sales for 2020, a 27% increase from the year prior.
Many businesses rapidly adopted or expanded cardholder not present (CNP) solutions – in which an order takes place remotely to achieve business continuity in trying times. For many, cloud-based payment solutions were quickly adopted. Others relied on traditional contact centers to take orders with increased significance, even as agents were displaced from the office and call volumes rose 42% industry wide.
Under duress and necessity, the driver to adopt these solutions was on agility, not security. Many organizations admit to having overlooked performing security assessments on their cloud providers (Metrigy), leaving them vulnerable to growing threats. In the contact center, organizations most often rely on their agents as their first line of defense against fraud (Forrester). These security holes have subsequently led to increases in fraud attempts, incidents, and breaches (Verizon DBIR).
These new buying habits and payment procedures are here to stay, and as businesses adjust, the cybersecurity threat continues to grow. There are many modern cloud communications services that allow for easy communication and collaboration with customers, but their focus is often on ramping up their subscription base and not on security. Ultimately, businesses are responsible for their customers’ security, as they will be the ones blamed should customer data be exploited.
Now more than ever, a good defense is key. Both CSPs and enterprises can look to implement the following solutions to protect both themselves and their customers as e-commerce continues to grow:
Retain visibility and control in communications
Deploy a session border controller (SBC) to retain visibility and control of untrusted communications over the PSTN. The SBC provides a centralized control layer for security and interoperability between the enterprise, cloud services, PSTN callers and even remote working agents. It can also be used to easily plug-in best-of-breed third-party services to fortify any weaknesses or gaps in communications solutions’ capabilities.
Authenticate incoming callers
It has become trivially easy to spoof caller IDs, and scammers are taking advantage. 44% of Americans received spam calls related to COVID-19 in Q1 of 2020 alone, with an average of 28 general robocalls received monthly (Truecaller). In addition, nearly all fraud attacks involve spoofed identities as an element of their schemes, leaving contact centers and IVRs under a constant barrage of bogus, unwanted incoming calls.
While detecting more sophisticated spoofing schemes is not as simple as downloading the call spoofing applications available, there are services that can tap into PSTN data to provide further protection. Premier solutions supplement that data with identity fingerprinting and advanced anomaly detection for added protection.
Fight intelligence with intelligence
It’s not just a hacker in a hoodie from whom you’re protecting yourself. In fact, organized crime is responsible for more than half of all data breaches, and nation-state-affiliated actors are the 2nd most successful group (Verizon DBIR p.11). These groups have the tools, manpower and financial support to achieve their means. You must utilize powerful detection capabilities by harnessing the power of cloud and advanced analytics to have any chance of rooting out the threat. A strong solution will provide an end-to-end view from agent-to-cloud-to-enterprise for a holistic approach to communications security.
The need for CSPs and enterprises to continue prioritizing customer security will only grow more pertinent as e-commerce sales rise. By focusing on increased visibility and control of communications, stronger authentication and reliable detection tools, you can get ahead of incoming dangers to both your customers and overall business. Even as workers return to the office throughout 2021, those organizations that leverage a proactive approach to assuring security of these new buying habits will come out on top, leaving them poised for a positive future.
James Tessier is the Market Insights lead for Oracle Enterprise Communications. He has over 12 years of experience in the communications security market providing expertise in systems engineering, consulting, competitive intelligence and product marketing. His current focus is on sessions border controllers (SBCs) and cloud-based communications security.