Skip to content
CCaaS agents at their desks. Photo by Alex Kotliarskyi
In a booming industry vulnerable to data security threats, identity security has become more imperative than ever.

Making CCaaS Phishing-Resistant With Biometric MFA

In 2021, the Contact Center as a Service market was valued at $4.18 billion. Today that number is approaching $4.87 billion and is projected to grow to $15.07 billion by 2029. These forecasts are no surprise, the CCaaS industry has seen rapid growth over the last few years, and in 2022, North America is expected to have 35% of the total market share. CCaaS has made the best contact center experience possible for organizations worldwide. With a cloud-based business model, CCaaS has enabled organizations to optimize their customer support experience while only purchasing the necessary technology.

This switch to cloud-based infrastructure comes with some unknowns, such as– does being cloud-based bring greater security risk? Security tends to be the number one concern when moving to a cloud-based solution. Businesses often think that they can look after their sensitive data better than anyone else, being that they have the most to lose if there is a breach. This creates worries about attacks from outside, within the service providers’ organizations, or through poorly designed security creating risks, meaning that allowing a third party to control an organization's security is a major cultural and technological change from the way most businesses and IT departments have operated.

According to statistics provided by NICE, contact centers globally handle more than 100 billion calls every month. With such a large volume of calls comes an increased risk of threats, and with contact center platforms managing massive amounts of data, they are often targets for hackers. Of the 100 billion calls that the average contact center handles monthly, statistics show that one out of every 1,700 calls is identified as fraudulent. 

In an industry with a high number of threat actors looking to potentially breach internal systems, having a robust security policy is imperative; however, one of the most overlooked components of an organization's security posture is multi-factor authentication. This happens for various reasons, but most commonly because modern MFA solutions simply do not work in the CCaaS environment. 

Having agents working with sensitive data means that many organizations opt to limit mobile devices, making mobile-based authenticators a non-option. Other authenticators, like hard tokens, are expensive and difficult to manage, making them extremely costly and unsustainable in the long run. This puts CCaaS providers in a difficult spot where they are either using solutions that don't work or worst-case scenario, aren’t using MFA at all. CCaaS customers expect that their data is being protected. If an organization were to be breached and was not enforcing strong access control, the damages could be significant to both its bottom line and its reputation.  

Twosense MFA is a software-only solution that does not require mobile devices or hard tokens. Built on zero-trust principles, Twosense MFA uses passive biometrics to authenticate users. Passwords can be stolen, and hard tokens can be phished, but behaviors cannot.

With 3 simple steps, admins can deploy phishing-resistant biometric MFA to every agent on every app, regardless of time or location. This enables CCaaS providers to have a best-in-class security policy for both on-site agents and remote agents.

Schedule your one-on-one demo with our team to see how Twosense can help make your contact center more secure here

More from the Blog

January 18, 2022

2FA Phishing Toolkits Are Easier To Find Than Ever

As 2FA increases in popularity as the default security feature for most organizations, websites, and applications, so...
April 18, 2022

Prompt Bombing MFA

As multi-factor authentication continues to be prioritized for security, evolving ways of bypassing MFA are born....
November 3, 2022

Phishing Strikes Again in Dropbox Breach

On November 1st, 2022, Dropbox confirmed that a data breach involving a threat actor had occurred and that credentials,...

Sign Up for our Blog

We will never share your email address with third parties.