No Jitter is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Journey: Why You Need to Know This CX Identity Innovator: Page 2 of 2

To make this more concrete, let’s consider how zero knowledge verification would work for an inbound call to a bank contact center. The account holder calling in must authenticate with the bank before the contact center agent will discuss anything about the caller’s accounts. At the present time, the bank authenticates the account holder by having the agent, or the IVR, ask for information such as the last four digits of the caller’s SSN, mother’s maiden name, and account number. Not only has this private information been revealed to the agent, but it is now also part of a recording, and possibly a permanent transcript.
Using Journey’s solution, the bank could take several easy zero knowledge verification steps:

1. After receiving a call, the contact center sends a notification to the caller’s mobile device asking the caller to log into the bank’s mobile app on the phone. Logging into the app using facial recognition provides one in a million accuracy; the bank could also use more complex back-end facial recognition provided by a third party that would provide one in a billion accuracy.

Mobile app messaging example

When calling into a bank call center, the caller can receive an SMS message from the bank inviting them to authenticate with the bank's app on the mobile phone. Facial recognition authentication takes only a second. By authenticating on the mobile device, the bank knows who the caller is.

Image: Journey


2. The caller is authenticated in a couple of seconds and the bank can send a message via the secure Journey orchestration layer telling the caller that they’ve been verified and sharing the name of the agent to whom they’re talking.

Mobile app authentication

The bank can inform the caller that they’ve authenticated and with which teller they’ll be speaking. The Journey solution enables mutual authentication between the caller and agent, similar to how applications like Uber or Airbnb let you know details about your driver or room host.

Image: Journey


3. The bank may require additional verification information, such as the account holder’s address, date of birth, or SSN. Rather than sharing this private information with the agent, the caller enters it into the mobile app. The data is sent through Journey’s orchestration cloud to the bank’s back-end systems for validation.

Agent dashboard

The agent dashboard as the bank customer authenticates. In this image, the agent can see that the person has authenticated their name (using facial recognition on the mobile app). The agent can then request verification through the mobile app for other items, such as the address, date of birth, or SSN. The agent never sees the SSN, date of birth, or the address during the authentication process.

Image: Journey


4. Once the account holder has authenticated, following the bank’s rules and protocols, Journey sends a signed, digital certificate to both the call center software on the agent desktop and to the user’s mobile device. This certificate is proof that the person has properly authenticated. If the call is passed to another agent, this certificate flows with the call so that the new agent knows the user has already authenticated, simplifying identity authentication even during call transfers.

Using zero knowledge verifications, the agent can see verification certificates without ever needing to see or hear any confidential information, yet the caller is securely authenticated, which increases customer privacy and improves the customer experience throughout the interaction.
Journey estimates it can save its customers at least $1 per call through faster authentication. Plus, the Journey solution eliminates silly or painful security Q&A experiences. In addition, it solves some issues for the contact center:
  • It can reduce or eliminate the scope for compliance for PCI, HIPAA, GDPR, and CCPA.
  • The underlying privacy and security-related details bypass the contact center stack entirely.
  • It eliminates or reduces the need to prohibit cell phones in the contact center, delete call recordings, mask out sections of agent dashboards, and rely on “secure IVR.” In addition, it allows agents to work at home because an “evil person” looking over the agent’s shoulder will never see or hear any useable confidential information.
Journey sees several other fertile application areas for its technology, as shown in the graphic below. Another one that I can see moving to the forefront in coming months is voter verification, should we still be in quarantine or under other physical distancing guidelines and people don’t want to go to a polling location. A voting application embedding Journey’s technology on a mobile device would enable millions of people to cast ballots remotely, securely, and with less fraud.
Journey use cases

Additional applications for Journey's zero knowledge verification technology.

Image: Journey
As one of the judges in the Best of Enterprise Connect competition, I found Journey’s technology and demos quite persuasive. The capabilities, while not the typical communications and collaboration ideas we encounter in the industry, may have far-reaching effects on how contact center software stacks are built and how people interact with the companies that make the products and services they use.
If you want more information about Journey, watch this video demo. In addition, listen on demand to the EC Virtual Bootcamp session, “1 Million+ Agents Working from Home…What Could Go Wrong?"

Recommended Reading: