Genesys Cloud - Main

 View Only

Sign Up

  • 1.  Best practice for identity verification using Bot Flow + Secure Call Flow

    Posted 3 days ago

    Hi everyone,

    We're currently designing a voice-based identity verification experience in Genesys Cloud and would appreciate some guidance on the recommended architecture.

    Our goal is to verify a caller before they reach an agent. The information we need to validate is:

    • ID number
    • Full name
    • Date of birth (DOB)

    Because DOB is sensitive, we don't want it to be stored or exposed in transcripts, so we're planning to collect it in a Secure Call Flow.

    Our current thinking is:

    1. Inbound Call Flow
    2. Call Bot Flow to collect the ID number and full name
    3. Store these values as Participant Data
    4. Return to the Inbound Call Flow
    5. Transfer to a Secure Call Flow
    6. Retrieve the Participant Data
    7. Collect DOB securely
    8. Call a Data Action to validate the details
    9. Transfer to ACD

    One concern we have is capturing full names accurately. In a previous project, we built a voice bot that routed callers to different phone numbers, and we found that speech recognition for names could be inconsistent, particularly with Australian and international names.

    I'm interested to hear how others have approached this.

    • Do you capture the caller's full name by voice, or do you avoid this altogether?
    • Would you recommend looking up the caller by ID number first and then asking them to confirm the retrieved name instead of asking them to speak it?
    • Has anyone implemented a similar Bot Flow → Secure Call Flow design for identity verification?
    • Are there any best practices or lessons learned that you would recommend?
    • For this type of identity verification use case, would you recommend a Bot Flow or a Virtual Agent (VA), and why? Also, is there a better overall approach than the architecture we've outlined above?

    Thanks in advance for any advice or suggestions!


    #ConversationalAI(Bots,VirtualAgent,etc.)

    ------------------------------
    Phaneendra
    Technical Solutions Consultant
    ------------------------------


  • 2.  RE: Best practice for identity verification using Bot Flow + Secure Call Flow

    Posted 3 days ago

    Hi Phaneendra,

    I suggest going with caller name lookup from the CRM. The reason is that people may pronounce certain names differently due to accents, and the system might not recognize them correctly.

    By using the CRM lookup, accents don't become an issue the customer only needs to confirm with a simple "yes" or "no."

    I'm still interested to hear what others think about this approach.

    Thanks



    ------------------------------
    Yogesh Mungekar
    (GCX-ARC, GC-GCP)
    I mostly available in IST time
    ------------------------------



  • 3.  RE: Best practice for identity verification using Bot Flow + Secure Call Flow

    Posted 3 days ago

    Hi Yogesh,

    Thanks, that makes sense and I can definitely see the benefit of looking up the caller by ID number first and then confirming the name with a simple yes/no.

    One thing I was considering is that our agents currently ask the caller to state their full name as part of the verification process, rather than reading it back to them. I was wondering if there are any security or identity verification considerations with reading the name from the CRM first, or if this is generally considered best practice for voice bots.

    My only concern is that we don't want to introduce a loophole where someone who knows another person's ID number could simply answer "yes" when the bot reads back the name. Has anyone addressed this in their implementation, or do you rely on additional verification (such as DOB in a Secure Call Flow) to mitigate that risk?

    Interested to hear how others have approached this.



    ------------------------------
    Phaneendra
    Technical Solutions Consultant
    ------------------------------



  • 4.  RE: Best practice for identity verification using Bot Flow + Secure Call Flow

    Posted 2 days ago

    Hi Phaneendra,

    To strengthen overall security, I would recommend implementing a One-Time Password (OTP) mechanism, which can be delivered through mobile numbers, email accounts, or via authenticator-based push notifications. These methods provide an additional verification layer, ensuring that access is granted only after successful identity confirmation. While this approach significantly enhances protection against unauthorized access, it is important to note that such measures may introduce additional costs related to implementation, integration, and ongoing maintenance.

    Thanks



    ------------------------------
    Yogesh Mungekar
    (GCX-ARC, GC-GCP)
    I mostly available in IST time
    ------------------------------



  • 5.  RE: Best practice for identity verification using Bot Flow + Secure Call Flow

    Posted 2 days ago

    Hi Yogesh,

    Thanks for the suggestion. We already use OTP as part of our authentication and account reset process.

    What we're trying to solve here is whether there is a reliable way for the voice bot to ask the caller for their full name, then use a Data Action to compare the recognised name against the value stored in our CRM. We'd then use a Secure Call Flow to collect and verify the DOB.

    We're interested to hear if anyone has implemented a similar approach or if there are any best practices for handling name recognition and comparison.



    ------------------------------
    Phaneendra
    Technical Solutions Consultant
    ------------------------------



  • 6.  RE: Best practice for identity verification using Bot Flow + Secure Call Flow

    Posted 2 days ago

    We are doing something similar for the name capture. We ask for their identifying account number and retrieve the details associated. In some cases there are multiple users associated to the account. If we need to distinguish who we are speaking to, we ask them to speak their name into a bot flow.

    We then pass this name (transcribed by the bot), along with the possible correct values (the valid names on the account) to a Lambda function. We use a combination of fuzzy matching and AI (Bedrock) to see if the name spoken matches against any of the 'correct' answers. Fuzzy match first to look for e.g. 'John Smith' -> 'John Smyth', if no confident match then we ask the AI, to try and distinguish against e.g. 'Dr Roberts' vs 'Thomas Roberts', etc.

    If neither provides a confident match then we reject.



    ------------------------------
    James Dunn
    Telecoms Specialist
    ------------------------------



  • 7.  RE: Best practice for identity verification using Bot Flow + Secure Call Flow

    Posted 2 days ago

    Hi James,

    Thanks, this is really helpful and very close to what we're trying to achieve.

    Do you think a similar approach would work using a Genesys Cloud Function instead of an AWS Lambda, with the function handling the fuzzy name matching before returning the result to the Bot Flow?

    Thanks again for sharing your implementation!



    ------------------------------
    Phaneendra
    Technical Solutions Consultant
    ------------------------------



  • 8.  RE: Best practice for identity verification using Bot Flow + Secure Call Flow

    Posted 2 days ago

    Truthfully, I've not used Genesys Cloud functions as I'm not proficient at JS, but I understand them to be essentially compartmentalised Lambda functions inside GC, so I don't see why not.

    For us the Lambda made sense, we already have the integration, and it allows easy calls to Bedrock.

    The steps in the Lambda we are using are summarised below (used AI to document it). There is logic for handling ambiguity, exact matches, partial matches etc.

    Matching Strategy (three-stage pipeline):
        Stage 1 - Fuzzy String Matching
            Fast, deterministic, zero-cost. Handles minor transcription errors,
            punctuation differences, and character-level noise.
            e.g. "Jon Smyth" → "John Smith" (typo/transcription tolerance)

        Stage 2 - Nickname Expansion (local lookup table)
            If Stage 1 finds no confident match, the spoken first name is expanded
            into known common variants (e.g. "Robert" → ["Bob", "Rob", "Bobby"]).
            Each variant is then re-run through fuzzy matching against the contact
            list. Handles the majority of English nickname cases at zero cost/latency.
            e.g. "Robert Jones" → tries "Bob Jones", "Rob Jones" etc.

        Stage 3 - LLM Fallback via Amazon Bedrock (Nova Lite)
            Only reached if Stages 1 and 2 both fail. Invokes the Bedrock model
            with the spoken name and contact list injected into a structured prompt.
            The model is constrained to return ONLY a Contact ID from the
            provided list (or "NO_MATCH"), eliminating hallucination risk.
            e.g. unusual names, cultural variants, heavily accented transcriptions.



    ------------------------------
    James Dunn
    Telecoms Specialist
    ------------------------------