What Does a Customer Experience When You Handle Fraud the Right Way?

PositiveCX.jpg

By: Tim Prugar

This morning, tens of millions of Americans woke up and experienced the same, sinking feeling:

Was my information exposed in the Equifax Breach? Am I at risk for being a victim of fraud?

As a business, your customers are frightened right now. They're worried about their accounts, and their identities, and the lives that they have worked hard to build for themselves and their families. What they want more than anything is the peace of mind that if something goes wrong, it can and will be taken care of in a timely fashion.

I know that feeling well - last month I was the victim of credit card fraud. The feelings above were real, and they were intense. However, my bank was able to transform a very scary experience into a positive one by making it easy to have my problem addressed and fixed. The fundamental tension in fraud prevention is between Customer Experience and Security. However, as you'll see here, those two can very easily work hand-in-hand to protect the customer while ensuring loyalty. 

My story, originally posted over at CustomerThink, is as follows:

Speed

I had just become the victim of credit card fraud.

While sitting at my desk, I received an email alert from my bank — one of the largest in the United States — that my credit card had just been used in Iowa. Of course, I wasn’t in Iowa. And I hadn’t used my credit card in nearly three weeks.

Upon looking, to me, it was an amount that clearly showed someone was testing the card to see if it would go through — often the first step in a fraudster’s bag of tricks.

My bank prompted me to confirm the purchase — “Was this your purchase, or is something wrong?” it read. They had started on the right foot, and with 15% of banking customers who experience fraud closing all accounts with that provider, the bank knew the next steps were just as critical to keeping my business.

I clicked “something is wrong” and my card was immediately frozen. I called the support number listed in the email, was quickly authenticated by the bank, and in less than five minutes, my card was closed, the fraudulent transactions reversed, and a new card was on its way.

Efficiency

Chances are, you or someone you know has or will be a victim of credit card fraud. According to the consumer financial protection bureau, more than 10% of the US will fall victim at some point in their lifetime; indeed, the United States accounts for 47% of the world’s credit card fraud cases.

To combat this, companies are always improving their security. For example, the advent of EMV, the smart chip on your card, has led to a decline in total losses in recent years, as it has become more difficult for some fraud acquisition techniques like card skimming.

So where do high-tech fraudsters turn when they’re thwarted? The weakest link, of course. And today that is the call center. The place where customers are earned and lost.

In 2016, call-center fraud rose more than 110%. Financial institutions authenticating primarily through ANI — automatic number identification — were startlingly vulnerable to attacks carried out by phone spoofing, which remains a heavily relied upon technique for fraudsters.

Shoring up this vulnerability is a fine line for financial institutions to walk.

Too little security and perpetrators of fraud can easily game the system. Too much security, and you’re putting an already aggravated customer through the ringer.

The worst thing a bank can do is handle this poorly: bouncing someone between multiple agents, poorly thought out knowledge based authentication question that either the person may not know the answer to, or a fraudster may be able to figure out through social media, long hold times, etc.

You need a system that does this, and does it quickly, so a customer can get on with their day as quickly and efficiently as possible.

Positivity

Ironically, having my credit card stolen ended up being a pleasant experience, because now I’ve got a great story to tell — a firsthand account of how a powerful authentication system can transform the customer experience in fraud cases.

How a company handles fraud and makes the customer feel is important; a company has the same responsibility as when they’re trying to convince a customer to buy. If someone has a terrible experience dealing with the counter-fraud measures of their banking institution — that can derail the entire relationship.

Speed is a factor in situations like this, and with a solid authentication system in place, my bank and I can operate with trust and peace of mind that I am who I say and solve the problem at the speed I desire as the victim. I want to get a person on the phone as quickly as possible.

When a company can authenticate a caller quickly, they chop off the clunky knowledge based process at the beginning of the call and it allows them to green light calls like mine.

The primary benefits are twofold: identifying fraudulent calls and beginning the procedures on dealing with such calls, or authenticating the call quickly before any further damage is done by a perpetrator of fraud.

Who knows what the damage of an additional 5, 10 or even 30 minutes means in terms of fraud — but we can stop the damage before it gets that far.

When companies use efficient technology to put the customer experience first while simultaneously demonstrating a commitment to strong security measures, everyone comes out ahead.

Even though my account was compromised, even though there was fraud — I walked away with a positive feeling about the company, because of the efficiency of how my case was handled.

With brand loyalty harder than ever to win, and fraudsters continuing to evolve the way they commit attacks, smart organizations will do well to bake fraud prevention into their CX.

 

Tim Prugar is the VP of Operations at Next Caller. He can be reached at tim@nextcaller.com.

What Can AI Learn from School Teachers?

Over at ICMI, Next Caller's Director of Customer Success, Tim Prugar, reflects on his career in education and provides some thoughts on what Contact Center AI can learn from the thousands of real-time adjustments and decisions that teachers make on a daily basis. 

Read Tim's Post Here.

Will Biometrics Change the Way Your Business Accepts Payments?

By: Tim Prugar

Yes. Yes they will. But Payments will also change the way that Biometrics are leveraged for security. 

Technology has widened the chasm between small businesses and behemoth competitors like Amazon and Alibaba. This becomes most clear in the payments space, where smaller merchants struggle to process the volume and speed of transactions with the technological innovation that larger firms can afford. Small Business Trends took a look at the role biometrics plays in payments, and had an interesting takeaway:

Biometrics is not a Binary

Well, shouldn't be a binary anyway. Biometric identifiers don't get scored as "Correct" or "Incorrect" like knowledge-based identifiers do (Either "Appetite for Destruction" is your favorite album or it isn't!). Instead, authentication solutions look for the probability of a match based on a number of traits or signifiers - once that probability crosses a certain threshold, it's deemed a "match." 

The most effective biometric systems increase the probability that a biometric identifier is deemed a match by marrying that fingerprint or iris or what-have-you to other data signals. As the article points out, fingerprint biometrics can have their efficacy increased when paired with data signals like geolocation or Device ID. Similarly, Jack Ma made Alipay more secure by marrying the "Selfiepay" concept with smiling or nodding as a movement captcha. 

But what about Voice Biometrics?

Voice biometrics are an effective solution for authenticating callers and detecting fraud. Without additional data points, however, Voice Biometrics fails to meet its full potential. 

Here's what Voice Bio can leverage to get even smarter:

Dynamic Blacklists - If a call is coming from a known fraudulent number, a suspicious international number range, or a compromised account- why treat it as a basic customer call? Leverage this information, much of which can be accessed via API in near-real-time, to flag calls before they even reach you Biometric Authentication. 

Spoof - According to Next Caller's research, 94% of all fraudulent attacks on the call center leverage ANI spoofing as one of the methods to gain access.  Smart call centers use information about whether a call is spoofed to "green light" a call for an agent or flag that call for further scrutiny. 

Geolocation - Where should your caller be? If they're somewhere else - that's a solid indicator to at least take a second look at a call. 

Again, all of the above information is available in near-real-time, much faster than a Voice Biometric Authenticator can perform an analysis. 

The next major wave of Biometric Security won't be the implementation of the solutions, but the marrying of data that makes those solutions smarter. 

 

Tim Prugar is the Director of Customer Success at Next Caller. He can be reached at tim@nextcaller.com

Is the FCC Investigating Your Platform?

By: Tim Prugar

If your business model is similar to Dialing Services, LLC...they very well might be. 

Late last week, the FCC adopted a "Forfeiture Order" against Dialing Services, imposing fines totaling $2.9 million, citing their practice of placing pre-recorded calls to mobile phones without prior opt-in consent. The FCC asserts that Dialing Services placed more than 4.7 million calls over a 3 month period, ignoring multiple FCC warnings and a citation in the process. The FCC found that not only did Dialing Services offer a spoofing functionality for their clients, but they also participated in the creation of the content. 

So why is this decision significant?

1. Dialing Services is a Platform

This decision has enormous significance because it's not simply going after Dialing Service's clients - it's going after the platform itself. This may signify a sea change in legal thinking, identifying platforms that offer robodialing services as equality culpable for TCPA violations as firms that execute the calls. This is a big, big deal. 

2. Potential Crackdown on "Neighbor Spoofing"

The use of spoofing isn't limited to account takeover or prank calls. The practice of "Neighbor Spoofing" - spoofing the area code of the person you're calling in order to increase the likelihood they answer - has been picking up steam in the sales world over the last 5-7 years. The FCC citing this practice explicitly in their Order may indicate a dedication to cracking down on this type of spoofing. It would certainly be in keeping with the current FCC's clear vow to reduce Robocalls. 

 

Tim Prugar is the Director of Customer Success at Next Caller. He can be reached at tim@nextcaller.com

What You Can Expect After the Verizon Breach

By: Tim Prugar

Yesterday, ZDNet broke the story that a data breach at Verizon resulted in the exposure of the names, phone numbers, and PINs for over 14 million Verizon customers. The data was accessed in June after it was discovered to be improperly stored on a server maintained by Nice Systems, an Israel-based company. 

The scope of the damage has yet to be established, but here are some safe bets on what you will see in the wake of this breach:

Explosion of Call Center Fraud at Verizon

Obtaining customer names, phone numbers, and PINs is pretty much the Holy Grail for fraudsters. Having this information allows fraudsters to order new handsets, obtain additional personal information for a secondary attack, set up call forwarding, or engage in number porting. Attacks using this information will almost always center around spoofing, and will most likely look something like this:

1) Fraudster researches the individual who owns the account they wish to breach online or through social media to figure out the answers to Knowledge-Based Authentication Questions.

2) Fraudster spoofs the number of the account they're attacking in order to present a matching ANI to the IVR system or the live agent.

3) Fraudster gives the name they've obtained from the breach to the agent when they reach a live person.

4) Fraudster gives the PIN they obtained through the breach. If there are any Knowledge-Based Authentication questions, Fraudster answers them easily based on their prior research. They're in. The Account Takeover is complete. 

 

Exploitation of Two-Factor Authentication (2FA)

Fraudsters will attack the Verizon Call Center directly - but for most fraudsters this will be the first step in a two-step plan. 

Many banks leverage 2FA to ensure the security of the accounts. 2FA largely relies on mobile devices, leveraging callbacks or SMS messaging to ensure the security of the customer. 

As Fraudsters set up call forwarding or port numbers during their primary attack on the Verizon Call Center, they will have the ability to intercept this 2FA from financial institutions. By successfully navigating this authentication process, fraudsters can attempt to execute wire transfers, open lines of credit, order replacement credit cards, or any amount of nefarious behavior. Expect fraudsters to leverage spoofing once again to present as the compromised customer to the financial institution to execute this plan. 

 

Increased Attacks on ISPs

We predicted in this post that ISPs would encounter "Hacktivism" and retaliatory breaches in the wake of the Net Neutrality debate. There isn't evidence yet that this breach is a direct result of internet unrest, but ISPs would be wise to batten down the hatches on their cyber and telephony channels. 

 

Tim Prugar is the Director of Customer Success at Next Caller. He can be reached at tim@nextcaller.com.

 

 

Merchants Stand To Lose HOW MUCH to CNP Fraud?

 

By: Tim Prugar

           Regular readers of this blog should be no stranger to Next Caller’s stance that the EMV migration has had a significant impact on Card-not-Present (CNP) Fraud in the retail and financial services spaces. The call center channel and eCommerce are the most vulnerable due to the volume of transactions and vulnerability to social engineering. We always knew that the threat was a potentially catastrophic one, but the amount of money at stake may be even greater than anyone realized.

            A recent report by Javelin estimates that $71 billion will be lost to CNP Fraud over the course of the next five years. With those staggering numbers in play, it’s even more alarming that so many merchants still insist that the costs of combatting fraud are too high to justify. This is false: the majority of real-time fraud solutions are less expensive and less labor intensive than salaried Analysts who perform manual reviews of instances after the fact. Javelin also indicates that in the eCommerce space, address fraud in the form of freight forwarding and Synthetic ID fraud are of particular threat to the industry.

            So, in the face of this oncoming tsunami of fraud, what is a merchant or financial institution to do?

 

Prioritize Real-Time

The reason for the growth in CNP Fraud is twofold: one, the difficulty of traditional Card-Present Fraud post EMV migration, and two, the enormous volume of transactions fraudsters can pump through CNP channels. Merchants and Financial Institutions simply do not have the time and resources to hand-review the massive amount of fraud that is coming and will continue to come their way. Visionary organizations will prioritize real-time, first-stage fraud detection systems over second-stage review solutions.

 

Leverage Geographic Intelligence

Businesses know where their fraud is taking place. Why not view those regions with a greater degree of skepticism? Setting up business rules to trigger automated, real-time reviews of orders going to suspicious locations is a must for dynamic fraud teams. According to Javelin, Fraud chargeback rates in Brazil jumped from .5% of all transactions to 3.5% - with a jump from 1.25% to 2.75% reported during the same period in Mexico. Wouldn’t it make sense to pay a touch more attention to orders going to those locales?

 

Verify Everything

With Synthetic ID fraud on the rise, it serves as the perfect compliment to CNP Fraud. It’s not enough anymore to verify that a phone number and/or a postal address are valid. Fraudsters are providing valid information in invalid combinations to circumvent detection systems. Fraud teams, particularly in eCommerce, should not only be validating each order line, but should be verifying that the information has been seen together before – an offering that Next Caller provides.  

 

Tim Prugar is the Director of Customer Success at Next Caller. He can be reached at tim@nextcaller.com.

6 Life Lessons I Learned From Next Caller

 

By: Vanessa Pena

Did you just graduate from college, buried under loan debt and can’t find a job? You are not alone! Recent data revealed that colleges are failing to teach students critical thinking skills, which are often linked to finding a successful job or thriving as a young professional. This made me reflect on my own experience as a student and got me thinking: Am I truly preparing for “real life”? Am I ready to enter the workforce, or to have my own company, as I intend to do, someday?

 This past January, I started a 6-month co-op program, during which I took a break from my studies to work as a full time employee at Next Caller. To give a little bit of background I am an Economics Major with a strong desire to start my own social enterprise in Ecuador. So, why a tech company? I first applied because the company values and culture resonated with my search for an entrepreneurial and passionate team. However, I certainly couldn’t grasp the way in which this experience was going to shape my thinking. After reflecting on my experience, I compiled 6 invaluable, life-long skills and lessons I learned:  

6) Creativity Is The Most Powerful Tool

Working as a Sales Development Representative taught me that if something isn’t effective, you have to rethink it. When you are trying to get a meeting with a C-level executive from a Fortune 500 company, an original, personalized email is your biggest asset. In sales, you will face many “NOs” and endless objections. However, the real art hides in overcoming each objection by asking questions and thinking outside of the box. Recently, there has been a lot of dialogue about artificial intelligence and how automation is going to replace human jobs. Machines aren’t likely to outsmart creative thinking and emotional intelligence, so this is definitely a vital skill to have.

5) Technology Is For Everyone

When I first started at Next Caller, I was unfamiliar with many of the technology terms, such as API, ANI, and spoof. After six months of being immersed in different markets and situations, I have an intimate knowledge of things that I could have never learned from college books. I realized that you don’t have to be an engineer to be curious, ask questions and to try to understand how technology really works. People are looking for ever-faster, simpler and more cost effective solutions. Technology is the best way to achieve those goals. Most importantly, I now see the power of technology, the fast pace at which it evolves, and the exponential change it can bring.

4) Embrace Constant Self-Evaluation and feedback

In order to make progress and have an impactful job you must have clear goals and actively pursue them. Every Friday, we did “wins and shout-outs”, where each member of the team talked about weekly goals, the progress that was made, and gave a shout-out or a playful “burn” to someone on the team. This not only increased accountability and transparency but also created a cohesive team working for a common vision. It showed me the value of acknowledging someone else's accomplishments, setting goals, and welcoming constructive feedback.

 3) Good and On Time Is Better Than Late and Perfect.

Nowadays, change is the only constant. Next Caller showed me that things move at a crazy pace. Sometimes a product has to pivot 180 degrees from the original idea in order to fit a market. The important part is to get things out there and to test them, with real people or companies. The same principle applies to life, instead of trying to find the silver bullet or the perfect solution, you have to start experimenting. As long as you keep improving and learning along the way, you will eventually thrive. For an aspiring entrepreneur, this is a priceless lesson that I can take with me.  

2) See the Person Behind Every Interaction

This notion applies to everything that Next Caller does. The first day of sales I was very nervous. My VP told me, "Always remember you are talking to a real person, just like you.” The fact that Next Caller was started with the purpose of helping businesses get to know their customers to foster mutual respect speaks volumes.  Now, every time I see a product, I see a team behind it writing code, selling, or marketing it.  As consumers, even if we only see the end product of the technology, we must not forget that there is a human behind the scenes making it possible. This increased my empathy and desire to genuinely approach people to know their story and learn from them.

Nevertheless, if I would have to choose only one lesson, it would be...

1) Invest In People and Empower Them

People are the engine of every company; each unique member has a story and an invaluable role to play. Once at Next Caller, the CEO told us that his mission is to make everyone in the company happy. I thought that this was a virtuous statement. A few words of wisdom from one colleague I took were: if you invest your resources in finding the right talent, you must empower people, trust them and give them the tools to make your company great. I had the opportunity to get to know and work with amazing individuals and managers that trusted me with tasks I didn’t even know I was capable of doing. There is infinite potential in trusting, combining different talents, and empowering people to achieve a common goal.

Thanks to this experience, I am armed with invaluable skills that make me much more confident as I approach my graduation day and pursue many exciting opportunities in my future. Although I am leaving an incredible team at Next Caller, I know that I will always be connected to this strong network of inspirational mentors and friends for life.

Vanessa Pena recently completed her Co-Op as part of the Sales and Marketing departments at Next Caller. If you are a potential employer researching Vanessa's background and experience, we would enthusiastically recommend her due to her marketing expertise, creativity, self-starter nature, professionalism, and collaborative mentality. 

Speed Read: How to Hack Biometrics

Hot off the presses, two quick articles to start your week. Both on the subject of hacking biometrics, voice or otherwise. 

  • The Register breaks down how scientists are trying to identify and stop the methods that hackers and fraudsters circumvent voice biometric authentication systems. SPOILER ALERT: spoof plays a major role. 

 

  • A lively debate focusing on the "hackability" of biometrics. It looks like the question isn't if biometrics can be hacked, but how easy it is to do. 

 

Click to learn more about Next Caller's unique approach to real-time caller authentication and fraud prevention.

Social Security: Social Media Phishing Attacks Are on the Rise, Here’s How You Can Protect Yourself

While phishing, or the practice of sending emails or making phone calls purporting to be from legitimate companies in an effort to get victims to reveal personal information is nothing new, fraudsters are increasingly turning to new channels to target victims. One such channel is social media.

Recently, a social media attacked carried out by Russian hackers was able to infiltrate the computer of a Pentagon official. And it didn’t take much for the hackers to find their way in; a simple link attached to a Twitter post advertising a vacation package was enough. Once the linked was clicked, the official’s computer was infected.

In November 2015, the State Department revealed that its 7,000 of its employees took the first step toward being compromised by clicking on a link that appeared in their social media feeds.

According to one report, social media phishing attacks increased 500% from beginning of 2016 to end of 2016. While that’s a scary statistic, the success rate of these types of attacks may be even more frightening.

Research published by the cybersecurity firm ZeroFOX found that 66% of spear phishing messages sent through social media sites were opened by their intended victims.

The reason for the increase in attacks on social media is rather simple. These attacks are targeting channels where users usually have a high-degree of trust. When you share something to your social network, or see a post from someone else, it’s unlikely that you screen the content for fraud potential.

With the number of attacks on the rise, and the vulnerability that social media channels presents making headlines, corporations and government agencies around the world are starting to realize the importance of educating and training staff on the dangers of social media fraud.

However, these attacks aren’t relegated to big organizations. Anyone who uses social media should be aware of the potential threats as well as the steps they can take to make it less likely that they will be hooked in a social media phishing attack.


To help, we’ve put together the following infographic:

AI in the Contact Center: What Can We Learn From AlphaGo?

   By: Tim Prugar

           The nearly infinite moves a player can make in a game of Go makes it the perfect playground for AI. When DeepMind’s AlphaGo took on Go Champion Lee Sedol, the world wondered whether the AI Lab had been able to create a better Go Player. The reality was much more shocking.

            Early in the series, it became clear that AlphaGo wasn’t AI that played Go better…it was AI that played Go differently. By making moves that defied traditional human convention (an excellent rundown can be found at Quartz) AlphaGo demonstrated how to play the thousand-year-old game differently. Even more surprisingly, its human opponent was able to adapt and elevate his own creativity in ways that even confused the AI player.

            AI is a hot topic in the world of Customer Service and a constant on “CX Trends for 2017” listicles. Thought leaders debate whether Chatbots raise the specter of jobs lost to automation, while others laud the potential of AI to answer time-consuming, “quick fix” questions. Customer Service Guru Shep Hyken argues that AI has the potential to serve as a real-time Intelligent Assistant for customer service representatives, leading to more positive impacts on the customer.

            However, most of these conversations address what AI can do, not what we can learn. In five brief games, AlphaGo showed the world that even in 2017 there can be new moves and approaches.

What might Contact Centers be able to learn if they viewed AI as a resource rather than a tool?

How might AI allow businesses to find and develop entirely new ways of approaching Customer Service?

            The next leap in customer service won't be achieved by businesses that shop for AI to solve an existing problem. That leap will be made by companies who lean into adopting AI to find new and unique solutions that people never knew existed.

 

Tim Prugar is the Director of Customer Success at Next Caller. He can be reached at tim@nextcaller.com. 

Should ISPs Prepare for "Hacktivism" in the Wake of Net Neutrality Vote?

     The internet erupted in a collective fury last week as the FCC voted to rollback net neutrality regulations. From the internet commons of Reddit to the New York Times Editorial Page, observers noted with concern, anxiety, or full-blown rage that the policy shift was a threat to the concept of a free and open internet. The popular wrath was directed at two main sources: FCC Chairman Ajit Pai and massive Internet Service Providers (ISPs) who potentially stand to gain from the deregulation. With ISPs squarely in the sights of the internet’s vengeful wrath, the rise of “hacktivism” should give ISPs significant pause about the security threats this policy change can bring to their organizations.

 

What is Hacktivism?

            A blend of hacking and activism, hacktivists leverage security breaches or other cyber attacks to advance a political or social cause. Rather than looking for money, Hacktivists are seeking to combat perceived injustices. Examples include an attack on the state of Michigan’s website in the wake of the Flint Water Crisis, the hacking of DNC Emails, and even the data breach at Ashley Madison.

 

Why Should Net Neutrality Make ISPs “Productively Paranoid”?

            First and foremost, there’s already been an alleged hacktivist attack as a result of the net neutrality vote. The FCC itself has claimed that it suffered multiple distributed denial-of-service (DDoS) attacks that they believe had the goal of shutting down the public commenting system in advance of the net neutrality vote. These tactics are becoming increasingly common as an expression of internet outrage, and ISPs don’t need to look much further than headlines to see the anger that these policy changes have caused:

Comcast and Verizon’s Sneaky Push to Kill Net Neutrality is Just Embarrassing

Comcast and other ISPs celebrate imminent death of net neutrality rules

Verizon Apparently Thinks You’re Stupid 

FCC Buried By Fake and Hate-Filled Comments on Net Neutrality

            To sum…many people are very unhappy.

 

 What Can You Do To Protect Yourself From Hacktivist Attacks?

            The most important thing to recognize is that attackers focus on vulnerabilities and weaknesses. Any plan to shore up security must identify and secure frequently-overlooked channels.

1.     The Phone

Whether it’s PBX, VOIP-based UC systems, or a consumer-facing call center, the phone channel is a prime target for bad actors. ISPs should be certain that PBX/UC systems have secure passwords and that systems are in place to detect suspected breaches. A hacked PBX can run up hundreds of thousands of dollars in long-distance calls in a single weekend, and would be a perfect way for hacktivists to make ISPs feel financial pain for the net neutrality shifts.

ISPs who operate consumer-facing call centers should employ technology that can detect instances of call spoofing or robodialing in real-time. Executing a Telephony Denial-of-Service (TDos) attack by flooding a call center with robocalls is an effective way to completely shut down a call center, like what happened at the Minnesota insurance exchange. ISPs want to be sure to have strong anti-spoofing technology in place to prevent account takeover protect their customers’ personal data in the event of an attack.

2.     Phishing Attacks

The human being is always the weakest link in the fraud chain. From Snapchat to the World Anti-Doping Agency to GoogleDocs, significant cyber threats can be facilitated by an employee clicking on a link or downloading and opening a file they shouldn’t. It is essential that ISPs exhibit a heightened sense of internal security, and ensure that all employees have received recent training on phishing attacks, social engineering practices, and basic email safety.

3.     Third Party Vendors

With the rise of interconnectivity and the Internet of Things, it’s no longer enough to worry about your own security protocols and practices – you must also be rock-solid certain as to the security credentials of your third party vendors. An air conditioning vendor contributed to Target’s data breach, and Lady Gaga’s album was leaked after a collaborator was hacked. How are you being certain that your vendor partners aren’t accidentally putting your business at risk?

TCPA in the Age of Trump : Kern v. VIP Travel Services

AP Photo/Charlie Neibergall

AP Photo/Charlie Neibergall

By: Tim Prugar

             For businesses that leverage telecommunications as a primary method for selling, whether through voice or SMS channels, the election of Donald Trump to the presidency signified a potential sea change in the way that the Telecommunications Consumer Protection Act (TCPA) would be viewed and enforced. On the one hand, Trump has spoken frequently and publicly about the need to grow American business and remove regulatory barriers that might inhibit that growth. On the other hand, Trump’s new Chairman of the FCC, Ajit Pai, has come out swinging in his vows to stop the “scourge” of robocalling, a major business tool of telemarketers. With these two seemingly competing views of how to approach telemarketing and other telecommunications-based sales outreach, what can businesses expect from TCPA interpretation over the course of the Trump presidency?

            One of the only ways to make accurate predictions is to monitor, analyze, and discuss TCPA cases that are taking place right now. 

 

            Kern v. VIP Travel Services

             Last week, a United States District Court in Michigan issued an opinion in a class action lawsuit against a series of hotels by consumers who had been marketed to on their cell phones. According to the consumers, third-party travel agents were leveraging autodialers to reach them on numbers that were registered with the Do Not Call (DNC) Registry. The consumers alleged that these agents were not only violating TCPA, but that they were doing so with the full blessing of the hotels, who they alleged had provided material assistance in the form of resources and marketing collaboration. The consumers also alleged that the hotel logos were clearly visible on the third-party agent web sites.

            Naturally, the hotels objected to these allegations, and stated emphatically that the third-party agents were acting of their own accord. The courts sided with the hotels, noting that the contracts between the hotels and the the third-party agents clearly established the agents as independent contractors and explicitly stated that all laws governing marketing, including TCPA, should be adhered to. The courts found no evidence that the hotels gave consent for their logos to be used on the web site.

            The theme at the center of this legal dispute is the concept of “vicarious liability.” Essentially, the consumers were alleging that the Hotels should be held responsible for the behavior of the third-party agents. In this case, the courts argued that in order to prove “vicarious liability” in a TCPA suit, the party making the allegations has to prove more than the “mere nexus” of the defendant and the caller. They have to provide solid evidence - which the courts believed the plaintiffs failed to do. 

            So what does this mean for businesses? First, these kinds of lawsuits still cost defendants in the form of time, stress, and legal fees. Second, businesses working in the telemarketing space (whatever form that must take) need to be aware of and tuned in to the business practices of any third-party vendors to whom they might outsource sales or marketing. Their actions can come back to haunt you. Third, make sure that you are checking the validity of a number before every single outbound dial – cross-referencing the DNC Registry, checking for changes in porting, and confirming line type.

            The future of TCPA enforcement is still uncertain, but being wary, informed, and compliant will never go out of style.

 

Tim Prugar is Next Caller's Director of Customer Success. He can be reached at tim@nextcaller.com.