Epic: SM-1818 - IAM: Authenticate and authorize to CC agent (In Progress)
JIRA: SM-1846 - Authenticate calling customer (Done)
Priority:
Effort estimate:
Review status: in preparation/ready to review/approved
As a Customer I want to confirm my identity to the CC agent so that I can authorize the agent to take any action on my behalf
As a bank user (sales agent) I want to confirm customer identity so that I can access customer’s data and perform action on customer’s behalf
Role: Bank User, Customer
Objective: Confirm identity of calling customer
Reason: security
Functional requirements:
https://safibank.atlassian.net/l/cp/eaTVy0xE
Use cases:
- customer calls via mobile app (fully authenticated customer)
  - this will be a button (or similar) in the app
  - app will store this information in iam-manager
  - iam-manager should have an endpoint to fetch this info
  - iam-manager should have an endpoint to delete the item (by BOFE)
  - iam-manager should have an endpoint to store successful auth
- customer calls from a (un)registered phone number (not from the app)
  - there will be a fixed number of questions stored in iam-manager
  - BOFE will fetch the randomly selected questions (passing the number of questions needed)
  - CC agent will manually check the customer’s answer
  - iam-manager should have an endpoint to store successful auth
Nikko’s document:
Customer calling through the SaFi Bank mobile app:
This is a fully verified customer
No need for verification
Assist the customer immediately
Restrictions:
After successful verification, agent can share account information with the CX.
There will be transactions customer service agents can perform on behalf of the CX, e.g. upgrade/downgrade of plans. Call Center agents can’t transfer funds on behalf of the CX.
Customer calling outside of the SaFi Bank app but registered mobile phone
This is a partially verified customer
Two Security Questions must be asked by the CSA
Assist the customer upon successful verification
Restrictions:
After successful verification, agent can share account information with the CX.
There will be transactions customer service agents can perform on behalf of the CX, e.g. upgrade/downgrade of plans. Call Center agents can’t transfer funds on behalf of the CX.
Customer calling from a non-registered phone
This is a non-verified customer
Establish Right Party contact with Three Verification Questions
Restrictions:
After successful verification, agent can share account information with the CX.
There will be transactions customer service agents can perform on behalf of the CX, e.g. upgrade/downgrade of plans. Call Center agents can’t transfer funds on behalf of the CX.
Questions to verify calling customer
https://advancegroup.larksuite.com/file/boxusueUdH9cGBuh7PZsvDcctSd
As per the document, for a customer with a verified phone number, the 3 questions are:
How much was your last transaction?
Where is your place of birth?
How much money do you have in your main savings account?
And for a customer with an unverified phone number, the questions will be:
When was your last transaction?
How much was the amount involved in that last transaction?
Where is your place of birth?
How much money do you have in your main savings account?
When is your birthdate?
When the question is answered, the correct answer should also be displayed in BOFE
Nice to have feature: record the customer’s answer (one by one) in BOFE
The proposal is that IAM stores this authentication result, because BOFE will need the calling customer's status (tied to the Genesys interaction ID)
UI requirements: https://www.figma.com/file/dkDQHRa1zq7tU58MiL6hBR/SaFi---UI---MVP-(Shared)?node-id=13899%3A83244 create UI for Authenticating Calling customer, use Authenticate CC agent as reference
Process flow: n/a
Execution steps: n/a
Internal dependencies: Back Office, Authorized Call to Genesys https://safibank.atlassian.net/l/cp/eaTVy0xE https://safibank.atlassian.net/l/cp/5nZwLdPn
External dependencies: OKTA
Acceptance criteria: TBD
Links to wireframes/UI: https://www.figma.com/file/dkDQHRa1zq7tU58MiL6hBR/SaFi---UI---MVP-(Shared)?node-id=13899%3A83244 TODO: adjust to the use case
Technical Analysis
Protections: /customer-verification/support-call should be LEVEL1 signature; all the other endpoints should be service2service only
The security questions are the following (in this order - this is important for the agent)
3 questions when phone number is verified:
How much was your last transaction?
Where is your place of birth?
How much money do you have in your main savings account?
5 questions when phone number is not verified (orange denotes new questions):
When was your last transaction?
How much was the amount involved in that last transaction?
Where is your place of birth?
How much money do you have in your main savings account?
When is your birthdate?
Note, data for verifying the above questions should be collected from other domains and sent to BO (this is the verify data above).
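Added example (not part of the original page or of the project's code): a minimal in-memory model of the iam-manager behaviour described above, covering random question selection that keeps the documented order, the app-call marker that BOFE fetches and deletes, and the successful-auth record tied to the interaction ID. All function, class and action names are hypothetical, and keying the app-call marker by customer ID is an assumption.

```python
import random

# Question lists in the order the page gives (order matters to the agent).
QUESTIONS = {
    True: [  # phone number verified
        "How much was your last transaction?",
        "Where is your place of birth?",
        "How much money do you have in your main savings account?",
    ],
    False: [  # phone number not verified
        "When was your last transaction?",
        "How much was the amount involved in that last transaction?",
        "Where is your place of birth?",
        "How much money do you have in your main savings account?",
        "When is your birthdate?",
    ],
}

def pick_questions(phone_verified, count, rng=None):
    """Pick `count` questions at random, returned in the documented order."""
    pool = QUESTIONS[phone_verified]
    if not 1 <= count <= len(pool):
        raise ValueError(f"count must be 1..{len(pool)}")
    rng = rng or random.SystemRandom()  # OS CSPRNG, so the choice is not predictable
    return [pool[i] for i in sorted(rng.sample(range(len(pool)), count))]

class VerificationStore:
    """In-memory stand-in for the iam-manager records (hypothetical model)."""
    def __init__(self):
        self.app_calls = set()  # customer IDs that started a call from the app
        self.verified = {}      # interaction ID -> customer ID

    def mark_app_call(self, customer_id):     # written by the mobile app
        self.app_calls.add(customer_id)

    def consume_app_call(self, customer_id):  # BOFE: fetch, then delete (single use)
        found = customer_id in self.app_calls
        self.app_calls.discard(customer_id)
        return found

    def store_successful_auth(self, interaction_id, customer_id):
        self.verified[interaction_id] = customer_id

    def agent_may(self, interaction_id, customer_id, action):
        # Call-center agents can never transfer funds, verified call or not.
        if action == "transfer_funds":
            return False
        # Other actions need a successful auth for this exact interaction and customer.
        return self.verified.get(interaction_id) == customer_id
```

Binding the result to both the interaction ID and the customer ID means a verification from one call cannot be reused on another call or for another customer.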