How a social engineering breach pushed one retailer to rethink caller verification and remove agents from the equation entirely.
Industry
Retail
Size
30K+ employees
Challenge
A social engineering attack exposed a critical gap in the retailer's service desk: agents were the last line of defense, relying on knowledge-based questions easily bypassed by a skilled impersonator. The company needed high-assurance identity verification that worked across 150+ countries, kept PII away from agents, and didn't slow password resets.
Solution
1Kosmos deployed remote caller verification that validates government-issued IDs and matches a live selfie to the document photo in real time. The platform went live in under three weeks with no heavy integrations. Agents receive a simple pass or fail notification with no PII exposed, removing them from the verification equation entirely.
The Breach
A single phone call exposed everything. An attacker posing as an employee called the service desk, answered a few knowledge-based questions, and convinced an agent to reset their credentials. The retailer's verification process had become a liability.
The incident made one thing clear: agents should never have been the last line of defense. Knowledge-based authentication is easily bypassed by anyone with enough research or social skill, and once an agent trusts the caller, there's no fallback.
A Different Approach
The retailer brought in 1Kosmos to rebuild caller verification from the ground up. Instead of putting agents in the position of judging whether a caller is legitimate, the platform handles identity validation electronically.
When an employee calls for a password reset, they receive a link via phone or email. Using any camera-equipped device, they scan a government-issued ID and capture a live selfie. The system validates the document, matches the photo to the selfie, and checks for signs of spoofing or deepfakes. The entire process takes less than a minute.
Agents Out of the Equation
The new workflow fundamentally changes the agent's role. They no longer ask security questions or make judgment calls about caller identity. Instead, they receive a simple pass or fail notification with no personally identifiable information exposed.
This approach eliminated the social engineering vulnerability while reducing friction for everyone involved. Agents move through calls faster, and employees complete verification without reciting personal details over the phone.
Built for Global Operations
The retailer operates across multiple countries and needed document coverage to match. 1Kosmos validates driver's licenses, passports, and national IDs across more than 150 countries, giving the company a single solution for its entire workforce.
From Vulnerability to Verification
The deployment took less than three weeks from start to finish, with no complex integrations or extended configuration. What began as a response to a breach became a permanent upgrade to service desk security, removing the identity gap that made the attack possible in the first place.
