In many industries, such as Home Improvements, Insurance, Travel, Construction and many more, it’s very common for homeowners’ private contact details, such as email addresses and telephone numbers, to be disseminated across multiple parties – either passed to multiple companies to quote, or spread between various subcontractors or trades completing a job.
This creates a huge problem for data security and massively increases the potential of impersonation fraud. Everyone should be aware of the Booking.com scam whereby fraudsters obtained contact details of buyers actively booking holidays and then called, posing as a Hotel or Airline and taking advance payments that were not genuine.
Intercepted communications can be altered: for example, payment details can be changed to divert funds to a different bank account from the one the customer thought they were paying.
In Home Improvements it is common practice for buyer details to be syndicated across three or four different companies – who themselves engage self-employed reps to call and work the leads. Homeowners receive calls but they have no way of knowing whether the call was from the original intended – vetted – company, or from an impostor who has been passed the contact details fraudulently.
There is also no way of ensuring quality. A salesman passed a contact to call will likely do so from his mobile phone, if he remembers to do so. There is a distinct lack of quality assurance.
The homeowner also has no easy way of revoking permission. Their contact details are generally seen as a highly valuable commodity and traded illegally.
These problems are, sadly, all too common in many industries and they persist, largely because there seemed to be no easy solution.
The SafeAddress Solution
SafeAddress is a solution that has been developed over the past 10 years by a team of industry and telecoms professionals, and largely removes all of the issues that lead to the problems described above. It allows any company to pass the ability to contact a Data Subject to third parties, but keep the Data private and have full visibility and control of how contacts are made, and by whom.
It allows companies that operate in industries that must, by necessity, disseminate contact details to properly comply with GDPR, and provides a safe platform that allows the end user to be confident that the calls and emails they receive are genuine and not placed using stolen intelligence.
The resulting intelligence can be used to quality-check the communications with the customer with solid facts to show how promptly and well the communications are taking place.
How SafeAddress Works:
- Contact Data are transferred to the SafeAddress API.
- API returns ‘masked’ email address and telephone number that can be used or exchanged as normal.
- All communications are now securely recorded and logged for compliance checking and anti-fraud protection.
- The ‘masked’ data can be invalidated at a pre-determined point – either the completion of a job, or after a time period, or on the Data Subject’s request to be forgotten.
When a homeowner requests contact from third-party companies, SafeAddress generates a random, unique email address for each contact and an associated security token. When this address is emailed, the SafeAddress email system securely signs the email so it’s possible to guarantee the mail can be transmitted onwards to the homeowner.
SafeAddress technology ensures – using proven and trusted technologies that are supported by every internet service provider worldwide – that the email has been sent from a trusted source, and hasn’t been tampered with en-route.
This secure SafeAddress email address can then be passed to a limited number of trusted companies, so that they can email the homeowner with quote information, or to other trusted partners in the supply chain.
A homeowner has the personal email address: firstname.lastname@example.org
This email address is passed to the secure server API, which returns a verification token and the ‘masked’ one-way translatable SafeAddress email address that may look like: B76~DD50@safeaddress.uk. This email address can then be passed through the supply chain or syndicated to 3 companies to provide quotes. Optionally, multiple versions of masked email addresses can be returned and then each passed to different companies. Mails to the masked address are confidentially ‘translated’ and forwarded on to the recipient from a high-quality mail sending cluster.
This means that the customer’s genuine email address is never leaked into the wild.
- Only the genuine company can mail to the address
- Permission can easily be revoked at any time – either address by address, or globally at one Single Point of Contact (SPoC).
- The recipient has an added layer of security and can verify the veracity of any email.
- The masked correlation to the actual target address can be ‘expired’ at a time pre-determined and relevant for the industry in use.
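The alias lifecycle described above (one masked address per company, address-by-address or global revocation, timed expiry) can be modelled in a few lines. This is an added illustration, not SafeAddress code or its API: the class, method names, the `masked.example` domain and the idea that the caller passes an already-authenticated sender identity are all assumptions.

```python
import secrets
import time


class AliasRegistry:
    """Toy in-memory model of masked-address issue, lookup, expiry and revocation."""

    def __init__(self, domain="masked.example"):  # placeholder domain (assumption)
        self.domain = domain
        self._aliases = {}  # alias -> record

    def issue(self, real_address, company, ttl_seconds, now=None):
        """Create a fresh random alias for one (data subject, company) pair."""
        now = time.time() if now is None else now
        alias = f"{secrets.token_hex(4)}@{self.domain}"
        while alias in self._aliases:  # regenerate on the rare collision
            alias = f"{secrets.token_hex(4)}@{self.domain}"
        self._aliases[alias] = {"real": real_address, "company": company,
                                "expires": now + ttl_seconds, "revoked": False}
        return alias

    def resolve(self, alias, sender_company, now=None):
        """Return the real address, or None if the mail must not be forwarded.

        sender_company is assumed to be an identity the mail system has
        already authenticated; this model does not verify it itself.
        """
        now = time.time() if now is None else now
        rec = self._aliases.get(alias)
        if rec is None or rec["revoked"] or now >= rec["expires"]:
            return None
        if sender_company != rec["company"]:
            return None  # alias used by a party it was not issued to
        return rec["real"]

    def revoke(self, alias):
        """Address-by-address revocation."""
        if alias in self._aliases:
            self._aliases[alias]["revoked"] = True

    def revoke_all(self, real_address):
        """Global revocation for one data subject; returns aliases newly revoked."""
        live = [r for r in self._aliases.values()
                if r["real"] == real_address and not r["revoked"]]
        for rec in live:
            rec["revoked"] = True
        return len(live)
```

Because each company holds a different alias, a message arriving on an alias from anyone other than the company it was issued to also shows which copy of the contact leaked.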
The homeowner will receive the email that’s sent exactly as it is sent and has the added benefit of being sure that it is genuinely one that has come from one of our recommended companies. When the recipient replies, the reply will go directly back to the sender.
All of the email sent from the advanced SafeAddress mail servers is signed with DKIM and verified with SPF – the two most used sender verification protocols relied on by banks and financial institutions. The servers are also whitelisted by all the major ISPs and email providers that allow whitelisting.
When a homeowner requests contact from third-party companies, our SafeAddress SafeCall system generates a unique phone number and PIN code. The phone number will always start with 033 and the PIN will always consist of 4 digits. When calls are made to the number, the system asks for the four-digit PIN and then sends the call through our call recording system.
Calls to the ‘masked’ number are securely forwarded on to the homeowner (callee) after identity checks on the caller.
SafeAddress can either present a pre-provided Caller ID so the callee knows that the call is trustworthy, or the call can be announced via a short pre-call ‘whisper’.
This provides the following benefits:
- All onward processing is protected
- Usage can be monitored and any abuse is detectable
- Customer can revoke permission at any time at one SPoC (Single Point of Contact)
- Automated blocking heuristics, e.g. the number is loaded into an autodialler that accidentally hammers it with repeated calls. SafeCall spots this and ‘firewalls’ the customer, limiting call presentation frequency.
- Caller Control – The calling party can be defined if desired, so even the masked number/PIN combination can be used only by a given endpoint.
- Caller Presentation enforced, so the party calling cannot withhold caller ID if a fixed CLI is not being presented.
- Caller Presentation can be specified so all calls appear from the same expected source.
- Optional return-call recording and monitoring. Calls returning to the presented number can be recorded and logged before redirecting to the return endpoint.
- Optional call-time controls to specify allowable call times.
- Optional Call duration controls.
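The PIN check and the autodialler ‘firewall’ described above can be sketched as a sliding-window gate in front of call forwarding. This is an added example, not SafeCall's implementation: the class name, the threshold of 3 calls per 600 seconds and the sample number and PIN are constructed assumptions.

```python
import hmac
from collections import defaultdict, deque


class CallGate:
    """Checks the 4-digit PIN, then limits how often calls are presented."""

    def __init__(self, max_calls=3, window_seconds=600):  # assumed thresholds
        self.max_calls = max_calls
        self.window = window_seconds
        self._pins = {}                       # masked number -> PIN
        self._presented = defaultdict(deque)  # masked number -> forward times

    def register(self, masked_number, pin):
        """Store the PIN issued alongside a masked number."""
        if not (pin.isascii() and pin.isdigit() and len(pin) == 4):
            raise ValueError("PIN must be four digits")
        self._pins[masked_number] = pin

    def admit(self, masked_number, entered_pin, now):
        """Return 'rejected', 'throttled' or 'forwarded' for one inbound call."""
        expected = self._pins.get(masked_number)
        # Constant-time comparison so timing does not reveal partial matches.
        if expected is None or not hmac.compare_digest(
                expected.encode(), entered_pin.encode()):
            return "rejected"
        recent = self._presented[masked_number]
        # Forget forwarded calls that have aged out of the window.
        while recent and now - recent[0] >= self.window:
            recent.popleft()
        if len(recent) >= self.max_calls:
            return "throttled"  # repeated dialling is held back from the callee
        recent.append(now)
        return "forwarded"
```

Throttled calls are deliberately not added to the window, so a misconfigured dialler cannot extend its own lock-out, and every `throttled` or `rejected` result is an event worth logging for the abuse monitoring the list mentions.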