Implementing a more modern and secure helpdesk authentication can earn companies quick wins and does not have to require a lot of implementation effort or cost. There are three main factors to consider when implementing a new helpdesk authentication solution, including helpdesk support agents, existing tools, and customer communication. Finally, edge cases are an important part that should be considered in the early stages of implementation.
Helpdesk authentication is a process of authenticating a customer that calls the helpdesk regarding any support questions they might have. Caller authentication helps support agents to verify whether the person at the end of the phone line is in fact who they claim to be, and not a fraudster trying to obtain information or conduct fraudulent activities.
The traditional method of helpdesk authentication is knowledge-based authentication (KBA), typically in the form of security questions. However, such methods have been proven [to be a security risk as a result of social engineering attacks](link to blog). By implementing a modern and secure authentication method, companies allow their customers to participate more actively in the authentication process. For example, by accepting push notifications rather than answering security questions that could be discomforting for the customer to answer if they are in a public area. The result is higher customer retention through a more secure process and better customer experience. Additionally, companies can shorten overall call length times and make the helpdesk more efficient. Learn how to implement a frictionless helpdesk authentication process by reading below.
Factors to consider in helpdesk authentication
Companies that already provide an app for customers will find implementing helpdesk authentication easy. For successful implementation, you need to understand the functionality of the helpdesk and what systems are currently in use. Consider the following factors for your implementation project:
Involvement of helpdesk support agents
The helpdesk department is most affected by upcoming changes to helpdesk authentication processes. It is important to involve the affected helpdesk agents from the start of the change implementation as they are the most involved in customer journeys. Teaching them about the positioning of the authentication initiation in their support tool is crucial.
Identifying the technical environment for support
Identify what software tools are used by the helpdesk and support team. For example, where and when does a customer need to authenticate and where is the customer information stored? Is there a possibility to talk to external APIs? List the tools used for authentication and for any confirmation of actions, as well as any other accompanying processes. Questions such as if, how, and where each customer authentication attempt takes place can help to clarify if there is any confirmation of user data change that needs to be logged..
If you change the customer authentication process for your helpdesk, you should communicate these changes to your customers. Removing and avoiding confusion is beneficial and eases the transition process to the new authentication method.
How to implement an efficient helpdesk authentication process
A hypothetical customer journey may have the following steps during a customer call to the helpdesk:
- The customer states their name to the helpdesk agent
- The helpdesk agent initiates customer authentication via the support tool
- The customer receives a push notification on their registered device
- The customer unlocks their device by using biometrics
- The customer reads the message in the application, e.g. “Are you trying to talk to our helpdesk?”
- The customer confirms with a “Yes”
To achieve this process, the helpdesk authentication needs to be integrated in three parts of the technical architecture:
Adding an authenticator to the backend
The initiation of an authentication method (e.g. Push notification) must be added to the business application via API. The backend APIs need to be integrated into the identity and access management (IAM) provider. Some authentication providers (such as Futurae) supply businesses with readily available plug-ins for many IAM providers which drastically cuts down the implementation time.
Integrating the mobile phone interface
If the company has already developed a mobile application, integrating the mobile SDK would be the simplest solution. Alternatively, a second authentication app can be used as well.
Integrating the initiation of customer authentication into the front-end
Add a method in the support tool of the helpdesk that triggers the authentication process.
The implementation effort will therefore primarily depend on the complexity of the customer’s backend system.
Beware of authentication edge cases
The standard case for implementing helpdesk authentication covers the majority of the customer base. However, there are a few usability and edge cases that should be considered in the specification phase of the project. Examples are offline customers or those without a smartphone. Having a fallback solution is crucial in these cases. One possibility is, for example, to continue to use the security questions or to send an SMS for authentication.
Quick wins with helpdesk authentication
Improving authentication for helpdesk is a quick win. It immediately reduces helpdesk call length time (and associated costs), and gives customers a sense of control and security without having to answer knowledge-based questions.