Authentication secret coaching happens when agents instruct customers not to speak passwords, PINs, or other sensitive authentication information aloud during calls. Instead of asking customers to verbally provide passwords, security-conscious agents direct them to enter codes through phone keypad input, secure online portals, or other methods that do not involve speaking sensitive information over voice channels.
This signal identifies whether agents instructed customers not to speak authentication secrets aloud and redirected them to secure entry methods. It captures moments when agents prioritize security by protecting sensitive information from voice channel exposure.
Verbal transmission of authentication secrets creates multiple security risks that persist long after the call ends. Voice recordings containing passwords become high-value targets for internal and external bad actors. Call monitoring systems, quality review processes, and training programs all potentially expose spoken authentication information to individuals who should not have access to customer credentials.
Speaking passwords also violates security best practices that customers expect from professional organizations. When agents ask customers to say passwords aloud, it demonstrates poor security awareness and potentially trains customers to share sensitive information inappropriately in other contexts.
From a compliance perspective, verbal authentication secret handling creates audit findings in security assessments and regulatory reviews. Organizations that allow password verbalization often fail security control evaluations and face requirements for enhanced protection procedures.
Compass evaluates whether agents instructed customers not to speak authentication secrets aloud and provided alternative secure entry methods. This includes directing customers to keypad input for phone systems, secure online authentication portals, or other methods that protect sensitive information from voice channel exposure.
Security teams monitor authentication secret handling as a critical control metric. Verbal password transmission represents direct credential exposure that must be eliminated through training, procedure changes, and system enhancements that support secure authentication methods.
Compliance officers track authentication coaching rates in industries with specific data protection requirements. Healthcare, financial services, and other regulated sectors often mandate specific procedures for handling customer authentication information securely.
Quality assurance teams include authentication secret handling in security-focused evaluations because proper credential protection directly impacts organizational security posture and customer data protection effectiveness.
This signal is part of Chordia’s Compliance Monitoring capabilities.
We'll walk you through real interactions and show how each signal traces back to specific conversational evidence — so your team can act on what actually happened.
