In many industries, such as Home Improvements, Insurance, Travel, Construction and many more it’s very common for homeowner private contact details such as Telephone Numbers to be disseminated across multiple parties – either passed to multiple companies to quote, or spread between various subcontractors or trades completing a job.
This creates a huge problem for data security and massively increases the potential of impersonation fraud. Everyone should be aware of the Booking.com scam whereby fraudsters obtained contact details of buyers actively booking holidays and then called, posing as a Hotel or Airline and taking advance payments that were not genuine.
Intercepted communications can be altered and, for example, payment details altered to divert funds to a different bank account to the one the customer thought they were paying.
In Home Improvements it is common practice for buyer details to be syndicated across three or four different companies – who themselves engage self-employed reps to call and work the leads. Homeowners receive calls but they have no way of knowing whether the call was from the original intended – vetted – company, or from an impostor who has been passed the contact details fraudulently.
There is also no way of ensuring quality. A salesman passed a contact to call will likely do so from his mobile phone, if he remembers to do so. There is a distinct lack of quality assurance.
The Homeowner also has no easy way of revoking permission. Their contact details are generally seen as a highly-valuable commodity and traded illegally.
These problems are, sadly, all too common in many industries and they persist, largely because there seemed to be no easy solution.
The SafeAddress SafeCall Solution
SafeAddress SafeCall is a solution that has been developed over the past 10 years by a team of industry and telecoms professionals, and largely removes all of the issues that lead to the problems described above. It allows any company to pass the ability to contact a Data Subject to third parties, but keep the Data private and have full visibility and control of how contacts are made, and by whom.
It allows companies that operate in industries that must, by necessity, disseminate contact details to properly comply with GDPR, and provides a safe platform that allows the end user to be confident that the calls they receive are genuine and not placed using stolen intelligence.
The resulting intelligence can be used to quality-check the communications with the customer with solid facts to show how promptly and well the communications are taking place.
How SafeAddress Works:
- Contact Data are transferred to the SafeAddress API.
- API returns ‘masked’ telephone number that can be used or exchanged as normal.
- All communications are now securely recorded and logged for compliance checking and anti-fraud protection.
- The ‘masked’ data can be invalidated at a pre-determined point – either the completion of a job, or after a time period, or on the Data Subject Request to be forgotten.
When a homeowner requests contact from third party companies, our SafeAddress SafeCall system generates a unique phone number and & PIN code. The Phone number will always start with 033 and the PIN will always consist of 4 digits. When calls are made to the number, the system asks for the four digit PIN and then sends the call through our call recording system.
Calls to the ‘masked’ number are securely forwarded on to the homeowner (callee) after identity checks on the caller.
SafeAddress can either present a pre-provided Caller ID so the callee knows that the call is trustworthy, or can be announced via a short pre-call ‘whisper’.
This provides the following benefits:
- All onward processing is protected
- Usage can be monitored and any abuse is detectable
- Customer can revoke permission at any time at one SPoC ( Single Point of Contact )
- Automated blocking Heuristics
eg. The number is loaded into an autodialler and that accidentally hammers the number with repeated calls. SafeCall spots this and ‘firewalls’ the customer limiting call presentation frequency
- Caller Control – The calling party can be defined if desired so even the masked number/pin combination can be usable by only a given endpoint.
- Caller Presentation enforced so the party calling cannot withhold caller ID if a fixed CLI is not being presented.
- Caller Presentation can be specified so all calls appear from the same expected source.
- Optional return-call recording and monitoring. Calls returning to the presented number can be recorded and logged before redirecting to the return endpoint.
- Optional call-time controls to specify allowable call times.
- Optional Call duration controls.