We’re excited to share that Dock Labs is collaborating with GSMA, Telefónica Tech, and TMT ID on a new initiative to reinvent call centre authentication.
Here's why:
Today’s customer authentication processes often rely on knowledge-based questions or one-time passwords (OTPs). These methods are time-consuming, typically taking between 30 and 90 seconds, and can be vulnerable to SIM swap attacks, phishing, Caller Line Identification (CLI) spoofing and data breaches.
On top of that, they frequently require customers to disclose personal information to call center agents, creating privacy and compliance risks for organisations.
To address these issues, the group has initiated a Proof of Concept (PoC) to explore a new, privacy-preserving model of caller authentication that is faster, secure, and user-friendly.
The vision: instant, privacy-preserving caller authentication
The PoC will demonstrate how a mobile ID wallet app can serve as a trusted digital identity channel to authenticate calling customers.
When a customer contacts a call centre, the agent can trigger an authentication request directly from their portal. Customers will immediately receive a push notification in their phones asking:
“Are you currently speaking with our customer support team?”
Customers then unlock the app using biometrics and confirm with a simple tap of “Yes.”
Within seconds, the agent receives confirmation and verification of the customer’s identity, eliminating the need for knowledge-based questions, OTPs or exchange of personal information.
This process aims to deliver:
- Faster authentication: Significantly reduce the time required to verify callers.
- Stronger security: Mitigating risks associated with fraudulent SIM swaps, phishing, CLI spoofing and stolen data.
- Enhanced privacy: Ensuring agents never view or handle sensitive customer information.
Objectives of the Proof of Concept
The goal of this initiative is to demonstrate a faster, more secure, and privacy-preserving customer authentication experience for customers calling into call centres.
Key objectives include:
- Validating the solution within a live call centre environment.
- Evaluating the convenience and intuitiveness of the customer experience (UX).
- Measuring improvements in verification time, security assurance, and user satisfaction.
Underpinned by trusted digital identity standards
While the customer experience is designed to be simple, the underlying technology is based on advanced cryptography, open identity standards, and trusted carrier network APIs.
- End-to-end encrypted communication: Built on the DIDComm protocol, ensuring all exchanges between the call centre and the customer’s app remain tamper-proof and confidential.
- Digital identity wallet: A secure wallet, that can be used as a standalone app or integrated via SDK within an organisation’s existing app, stores verifiable credentials accessible only to the rightful user via biometrics.
- Verifiable Credentials: Enable cryptographically signed proofs of identity (e.g. account ownership).
- Selective disclosure: Allows customers to share only what is necessary, for example, confirming identity through a “Yes/No” response rather than transmitting personal details.
- Number Verify: Provides an additional layer of cryptographically secure, phishing-resistant verification of the mobile number and SIM card as an independent trust anchor.
Next steps
This PoC represents a significant milestone in demonstrating how digital identity frameworks and Verifiable Credentials can transform customer authentication, improving trust between customers and service providers.
By proving that call centres can achieve greater efficiency and security without compromising user privacy, this collaboration sets the foundation for a new model of trusted digital engagement.
Results and insights from the pilot will be shared in a forthcoming publication.
