Why Contact Centers Are Switching From Hard Tokens To Continuous MFA

The Limitations of Traditional MFA in Contact Centers

For a long time, most contact centers have used hard tokens to authenticate their agents. They were phishing resistant, worked with clean desk environments, and were fairly easy for the agents to use with minimal training. 

However, they always had a major drawback: contact centers must allocate serious resources to manage these security keys. Large companies often needed personnel and tools to issue and revoke keys, and a lost key would present serious cybersecurity threats.  

As employee turnovers increase, the world moves on to new modes of work, and cybersecurity threats become more sophisticated, these security keys are proving to be insufficient.

The Growing Need for Agile Authentication Solutions

Contact centers are exploring faster and more flexible solutions to meet their needs. They need solutions that simplify operations and create seamless workflows. 

With hard tokens, contact centers must make serious long-term investments and deal with other short-term costs. In practice, hard tokens turn a cybersecurity problem into logistical and operational issues. 

For instance, replacing a single key can put a not-so-insignificant dent in a contact center’s operational budget. Considering the high turnover associated with contact centers, there’s also the cost of issuing and revoking these keys every time someone joins or resigns from the organization. 

If a key is lost during these operations, it can create a cybersecurity nightmare for the organization. Another drawback is that hard tokens don’t work seamlessly in the background. Employees have to actively participate in the authentication process. According to the PCI 4 guidelines that go into effect after March 2025, contact centers must lock out a system and require agents to authenticate again after 15 minutes of inactivity. With hard tokens, this can significantly affect productivity. 

Many organizations have employees in remote and hybrid work settings. Issuing and managing hardware tokens may prove even more difficult in these environments. Since these keys don’t use biometrics to authenticate users, contact centers have no way of preventing their employees from outsourcing their work to family members or others in a remote work environment. 

Continuous MFA as a Game-Changer for Contact Centers

Switching to Continuous MFA can solve many problems for contact centers. Behavioral multi-factor authentication leverages users’ typing patterns, mouse movements, and other behavioral patterns to authenticate them. The solution is deployed as software on the user’s system and requires no training to deploy and no direct user interaction for it to work. 

As the user interacts with their system, Continuous MFA continuously monitors them and analyses their behavioral profile. If there’s a significant difference between how the user is interacting with the system and their behavioral profile, indicating an intruder, the MFA system will lock out the user. Organizations have various response options and can configure the system to contact the manager or use fallback MFA so the user can get back into the system.  

Unlike hard tokens, Continuous MFA doesn’t require additional resources to manage or deploy keys. The solution significantly reduces operational and logistical costs without compromising security. 

Continuous MFA also drastically reduces security friction since users don’t have to actively authenticate themselves. It enhances the security of the infrastructure since it authenticates users continuously, unlike most other authentication solutions like hard tokens, which authenticate users only at specific points in time. 

Why Continuous MFA Out Performs Hard Tokens

In many aspects, Continuous MFA far exceeds the capabilities of hard tokens. Here are a few:

• Cost-Effective: With Continuous MFA from Twosense, organizations don’t need any additional hardware to deploy. This approach lowers the initial deployment costs by 2.5x and considerably reduces the long-term operational costs. IT admins can manage and configure the system remotely, and they have a lot less hardware to manage and keep track of. Read more about reducing security costs in our Cost Saving Blueprint: Twosense vs. Hard Tokens.
• Frictionless Experience: One of the major drawbacks of most authentication solutions, including hard tokens, is that they add some level of friction to workflows. In a contact center setting, agents may have to verify themselves multiple times throughout the day, affecting productivity. This security friction can create new vulnerabilities. With Continuous MFA, the agents are authenticated continuously throughout the day and don’t have to do anything most of the time. 
• Remote-Ready: Continuous MFA is deployed as software without any hardware components, making it ideal for remote environments. Not only do IT admins not have to ship additional hardware to their employees, but Continuous MFA can also reduce the risk of remote employees outsourcing their work or getting their family members to help them (posing significant security risk). While employees may be able to hand over their passwords or security keys, it is impossible for someone to accurately mimic someone else’s behavior or how they interact with their computers. 
  
  

Real-World Benefits Seen by Contact Centers

Contact centers have seen significant benefits after switching to Continuous MFA. For instance, in most cases, it takes around 6 months to detect a breach. With Continuous MFA and continuous authentication, contact centers have been able to reduce this to less than a minute. Contact centers worldwide have also seen significant improvement in employee onboarding time and have been able to better comply with security frameworks. 

Conclusion: The Future of Contact Center Authentication is Behavioral

Contact centers are facing a new era of compliance requirements from regulatory bodies, and more clients are demanding better security infrastructure. At the same time, there’s a global shift to remote work. With Continuous MFA from Twosense, you can gain a competitive advantage with enhanced productivity without compromising security.