They fail because the answers are often discoverable, reusable, or inferable from breached data and public sources. Once an attacker can answer static questions or imitate a voice, the call center becomes a trust shortcut. Stronger identity assurance must rely on cryptographic proof, device-bound signals, or risk-based step-up controls.
Why This Matters for Security Teams
Knowledge-based call center checks are failing because they treat identity as a memory test instead of a proof problem. Static questions are often mined from breaches, public records, social media, and data broker ecosystems, so the “secret” is no longer secret. That makes these checks especially weak when attackers combine social engineering with phone spoofing or voice imitation. The NIST Cybersecurity Framework 2.0 frames this correctly: identity assurance has to support risk-based access decisions, not just scripted verification.
For NHI Management Group, the deeper issue is that call centers often become a trust shortcut inside a broader identity stack that already lacks device binding, transaction context, or cryptographic verification. Once an attacker clears the human gate, downstream account recovery, number porting, password resets, and token reissuance can collapse quickly. The DeepSeek breach is a reminder that exposed secrets and sensitive records are not edge cases anymore; they are the raw material attackers use to answer “knowledge” prompts convincingly. In practice, many security teams discover the weakness only after account takeover has already moved from the call center to the customer’s mailbox.
How It Works in Practice
Effective call center assurance shifts from “what do you know?” to “what can you prove right now?” That usually means layering stronger signals before any high-risk action is approved: device reputation, SIM change history, prior authenticated sessions, callback validation to a known number, and step-up checks that are proportional to the request. Where policy maturity is higher, teams also use cryptographic proof, signed device assertions, or out-of-band approvals for account recovery and payment changes. The NIST Cybersecurity Framework 2.0 is useful here because it encourages governance around identify, protect, and respond activities rather than one-off scripts.
In NHI terms, the target is to reduce dependence on reusable knowledge factors and replace them with signals that are harder to replay. That is where current guidance suggests pairing human review with system-backed evidence. For example:
- Use verified device or session context before allowing account recovery.
- Require risk-based step-up when the request changes contact details, resets MFA, or unlocks financial controls.
- Prefer one-time, expiring verification over permanent challenge answers.
- Log the full decision path so fraud teams can review patterns across calls.
This aligns with the broader lessons in the DeepSeek breach and the research covered in LLMjacking: How Attackers Hijack AI Using Compromised NHIs, where exposed credentials and identity shortcuts accelerate abuse. These controls tend to break down when recovery workflows are outsourced, highly scripted, or designed for speed above assurance, because fraudsters can pre-stage enough personal data to defeat human judgment.
Common Variations and Edge Cases
Tighter call center verification often increases customer friction and operational cost, so organisations have to balance fraud resistance against abandonment, accessibility, and support burden. There is no universal standard for this yet, but best practice is evolving toward risk-based paths rather than a single fixed challenge set. For low-risk service requests, lighter checks may be appropriate. For password resets, payout changes, or SIM swaps, stronger assurance is warranted.
Edge cases matter. Elderly users, shared-phone households, travellers, and customers with limited digital access can struggle with device-based verification, so recovery paths need alternatives that do not collapse back into weak knowledge checks. Likewise, if fraud teams rely on one static answer set across years, those answers become enterprise-wide liabilities. The The State of Secrets in AppSec research shows how often organisations overestimate their control over sensitive data; that same confidence gap appears in call center identity. The practical lesson is simple: if a call center can approve a high-impact action using information that was probably exposed somewhere, it is not identity assurance, it is convenience theatre.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10, OWASP Agentic AI Top 10 and CSA MAESTRO address the attack and risk surface, while NIST AI RMF and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Static knowledge checks are a weak non-human style trust shortcut for identity proof. |
| OWASP Agentic AI Top 10 | Agentic-style runtime trust decisions map to dynamic, context-based verification. | |
| CSA MAESTRO | MAESTRO emphasizes context-aware controls for autonomous and adaptive decision paths. | |
| NIST AI RMF | AIRMF governance supports accountable, risk-based decisions for identity-related automation. | |
| NIST CSF 2.0 | PR.AA-1 | Identity assurance is central to verifying callers before privileged actions. |
Replace reusable knowledge factors with stronger proof signals and shorten the trust window for recovery actions.