Skip to main content

CXone Expert Clone Site 216

Customer Identity Verification Procedures

  1. Last updated
  2. Save as PDF

Customer Identity Verification Procedures

Summary

This guide outlines mandatory procedures for verifying customer identity before providing account information or making account changes. Proper verification protects customer privacy, prevents fraud, and ensures compliance with data protection regulations.

Why Identity Verification is Critical

Legal and Compliance Requirements

  • Data Protection Act compliance - protect personal information
  • Privacy regulations - only authorized persons access accounts
  • Anti-fraud measures - prevent unauthorized account access
  • Company liability - reduce risk of identity theft claims
  • Industry standards - meet telecommunications regulatory requirements

When Verification is Required

  • Accessing account information (balance, usage, personal details)
  • Making plan changes or service modifications
  • Processing payments or refunds
  • Updating contact information or passwords
  • Discussing billing details or disputes
  • Requesting SIM replacement
  • Suspending or reactivating service
  • Transferring account ownership
  • Requesting account closure

Verification Levels

Level 1: Basic Information Access

Required for: General account inquiries, checking service status, plan information

Verification Method

Verify at least 2 of the following:

  • Full name (as registered on account)
  • Date of birth
  • Registered mobile number
  • Billing address (street name and postal code)
  • Last 4 digits of ID number

Level 2: Account Modifications

Required for: Plan changes, add-ons, payment method updates, temporary suspensions

Verification Method

Verify Level 1 items PLUS one of:

  • Account PIN (4-6 digit code set by customer)
  • Last payment amount and date
  • Recent transaction details
  • Security question answer

Level 3: High-Security Changes

Required for: Address changes, ownership transfers, account closure, large refunds, password resets

Verification Method

Verify Level 1 and 2 items PLUS:

  • Government-issued ID number (full number)
  • OR one-time password (OTP) sent to registered mobile/email
  • OR in-person verification at retail store with physical ID

Step-by-Step Verification Process

Phone Verification Procedure

Step 1: Initial Greeting and Request

  1. Greet customer professionally
  2. Ask how you can help today
  3. Listen to customer's request
  4. Determine required verification level

Step 2: Begin Verification

Use this script:

"To help you with that, I'll need to verify your identity to protect your account security. Can I start by confirming your full name and date of birth?"

Step 3: Collect Verification Information

  1. Ask for required information based on verification level
  2. Check information against account details in system
  3. If information doesn't match: Give customer 2 more attempts
  4. Never tell customer what information is on file - ask them to provide it

Step 4: Complete or Deny Access

If verification passes:

"Thank you. I've verified your identity and can now help you with [request]."

If verification fails:

"I apologize, but I'm unable to verify your identity with the information provided. For account security, I cannot proceed with your request. The account holder can visit our store with photo ID, or we can send a verification code to the registered mobile number. Which would you prefer?"

Chat/Email Verification Procedure

Enhanced Security for Digital Channels

  • Never verify via email alone - too easy to impersonate
  • Always require OTP for any account changes via chat/email
  • Inform customer that OTP will be sent to registered contact
  • OTP valid for 10 minutes only
  • Maximum 3 OTP requests per hour per account

Chat Verification Process

  1. Customer initiates chat and makes request
  2. Agent explains verification is required
  3. Collect basic information (name, mobile number, account number)
  4. Send OTP to registered mobile number or email
  5. Ask customer to provide the OTP received
  6. Verify OTP in system
  7. Proceed with request if OTP matches
  8. OTP expires after 10 minutes

In-Store Verification Procedure

Document Requirements

Accept ONLY original, valid (not expired) government-issued photo ID:

  • National Identity Card
  • Passport
  • Driver's License
  • Employment Pass (for foreigners)
  • Military ID

In-Store Verification Steps

  1. Request customer's ID document
  2. Check ID is valid (not expired)
  3. Verify photo matches person presenting ID
  4. Check name on ID matches account name
  5. Verify ID number against account records
  6. For high-security changes: Scan or photocopy ID and attach to account
  7. Return original ID to customer
  8. Proceed with request

ID Verification Checklist

Check Action
Expiry Date Must be current/not expired
Photo Must clearly match person
Name Must match account registration
ID Number Must match system records
Document Type Must be government-issued
Authenticity Check for obvious signs of tampering

One-Time Password (OTP) System

When to Use OTP

  • All digital channel verifications (chat, email, web)
  • High-security phone verifications
  • Password reset requests
  • When customer cannot provide Level 2 verification
  • Large payment processing (over $500)
  • Address change requests

Generating OTP

  1. In CRM system, click "Send OTP" button
  2. Select delivery method: - SMS to registered mobile (default) - Email to registered email - Both
  3. System generates 6-digit OTP
  4. OTP sent to customer within 30 seconds
  5. OTP valid for 10 minutes
  6. Inform customer to check their mobile/email
  7. Wait for customer to provide OTP
  8. Enter OTP in verification field
  9. System validates and confirms match

OTP Troubleshooting

Customer Didn't Receive OTP

  1. Verify correct mobile number/email on file
  2. Check if customer's message inbox is full
  3. Wait 2-3 minutes (may be delayed)
  4. Resend OTP if needed (max 3 times per hour)
  5. Try alternative delivery method (email if SMS failed)
  6. If all attempts fail: Escalate or require in-store verification

Customer Provides Expired OTP

  • Explain OTP expired after 10 minutes
  • Generate and send new OTP
  • Ask customer to provide new code immediately

Wrong OTP Provided Multiple Times

  • After 3 failed attempts: Lock OTP system for 1 hour
  • Explain security lockout to customer
  • Offer alternative: In-store verification with ID
  • Document failed verification attempts in notes

Special Verification Scenarios

Authorized User vs Account Holder

Authorized Users

Some accounts have designated authorized users who can access account information.

Verification for Authorized Users
  1. Customer identifies as authorized user (not account holder)
  2. Verify authorized user list in CRM system
  3. Verify authorized user's identity (their own name, ID, etc.)
  4. Check their permission level: - View Only: Can access information only - Full Access: Can make changes - Billing Only: Can view bills and make payments only
  5. Proceed based on their permission level
  6. Document in notes that authorized user made request
Adding Authorized User
  • Only account holder can add authorized users
  • Requires Level 3 verification of account holder
  • Collect authorized user's details: Full name, ID number, mobile number
  • Account holder must specify permission level
  • Authorized user added to system
  • Confirmation sent to both account holder and authorized user

Business Accounts

Business Account Verification

  • Verify caller is authorized company representative
  • Check list of authorized contacts in CRM
  • May require company registration number
  • May require letter of authorization for major changes
  • Document company name and caller's position/role

Third-Party Callers

Family Members

"I understand you're calling on behalf of [account holder]. For privacy and security, I can only discuss the account with the account holder directly or an authorized user. Can I speak with [account holder], or would you like them to add you as an authorized user?"

Legal Representatives

  • Requires proof of legal authority (power of attorney, court order)
  • Must be submitted in writing or in-person
  • Document scanned and attached to account
  • Legal team approval may be required
  • Document representative's details and relationship

Deceased Account Holder

  • Express condolences professionally
  • Requires death certificate (official copy)
  • May require proof of executor/next of kin status
  • Must be handled in-person or via formal written process
  • Escalate to specialized team
  • Do not close account until proper documentation received

Lost/Forgotten Account PIN

PIN Reset Process

  1. Customer states they forgot PIN
  2. Cannot proceed without PIN or alternative verification
  3. Options to offer:
    • Option 1: Send OTP to registered mobile/email for verification
    • Option 2: In-store visit with photo ID
    • Option 3: PIN reset link sent via email (requires additional verification)
  4. Once verified via alternative method, customer can set new PIN
  5. New PIN must be 4-6 digits
  6. Confirmation sent to registered email

Fraud Prevention Red Flags

Warning Signs of Potential Fraud

  • Caller cannot provide basic account information
  • Caller is overly pushy or aggressive
  • Caller asks unusual questions about verification process
  • Multiple failed verification attempts
  • Request to change contact details before verification
  • Caller knows some but not all account details
  • Background noise suggests call center environment
  • Caller asks for information rather than providing it
  • Request seems suspicious (e.g., large refund to different account)
  • Recent account activity suggests compromise (password changes, unusual purchases)

Actions When Fraud Suspected

  1. Remain calm and professional
  2. Do NOT accuse customer of fraud
  3. Politely explain you cannot verify identity
  4. Suggest in-store verification with ID
  5. Do NOT provide any account information
  6. Document detailed notes of the interaction
  7. Flag account for fraud review
  8. Escalate to fraud team immediately after call
  9. Consider placing temporary hold on account if risk is high

Verification Scripts and Templates

Standard Verification Opening

"Before I can help you with that, I need to verify your identity for account security. This will only take a moment. Can I start by confirming your full name as registered on the account?"

Unsuccessful Verification

"I apologize, but I'm unable to verify your identity based on the information provided. To protect your account security, I cannot provide account details or make changes without proper verification. You can visit any of our stores with your ID, or I can send a verification code to your registered mobile number. Which would work better for you?"

Refusing Third-Party Request

"I understand you're calling on behalf of [account holder], and I'd like to help. However, due to privacy regulations, I can only discuss account details with the account holder or an authorized user on the account. [Account holder] can add you as an authorized user by calling us directly or visiting a store with their ID. Is there anything else I can help you with today?"

OTP Verification

"For security purposes, I'm going to send a one-time verification code to your registered mobile number ending in [last 4 digits]. You should receive it within 30 seconds. Please provide the 6-digit code when you receive it."

Documentation Requirements

What to Document

  • Verification method used (PIN, OTP, ID check)
  • Which verification questions were asked
  • Whether verification passed or failed
  • Number of attempts if multiple needed
  • If escalated or OTP used
  • Any red flags or suspicious behavior
  • Actions taken if verification failed

Sample Note Entry

"Customer called requesting plan change. Verified identity using name, DOB, address, and account PIN. All verification passed. Processed plan change from Standard to Premium effective next billing cycle. Customer satisfied with service."

Training and Compliance

Verification Policy Reminders

  • NEVER skip verification - it's mandatory
  • NEVER provide information without proper verification
  • NEVER accept verification from caller's "word" or trust alone
  • NEVER share what information is on file - make them tell you
  • ALWAYS document verification method used
  • ALWAYS escalate suspicious situations
  • ALWAYS be polite but firm when denying access

Consequences of Verification Failures

  • Company liability for unauthorized access
  • Customer privacy breach
  • Identity theft enablement
  • Regulatory fines and penalties
  • Agent disciplinary action including termination
  • Reputational damage to company

Important Reminders

  • Verification is mandatory - no exceptions
  • When in doubt, escalate to supervisor
  • Never feel pressured to skip verification
  • Privacy and security come first
  • Document every verification attempt
  • Stay updated on verification procedures through training

Related Articles

  • Account Management Procedures
  • CRM System Navigation Guide
  • Fraud Prevention and Detection
  • Data Protection and Privacy Policy

Effective Date: November 2025 | Version: 1.0 | Target Audience: All Agents

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Reference
  2. Tags
    This page has no tags.