carrotjuice

An observation, and a bit of a rant.

I’ve had several interactions with the GGL helpline in recent weeks.

It’s fair that for every new interaction, I’m asked to confirm my name, BAEC number, email address, first line of my address with postcode, and last 4 digits of my saved credit card and expiry date. After all BA is presumably extra cautious after the data breach incident of some years back.

But there was an occasion, while I was mid-conversation with someone, the line got abruptly terminated, I called back right after and spoke to the SAME person (who recognised me immediately, and was fully aware that the line was dropped barely 2 minutes earlier) - yet she required me to go through the rigmarole of repeating the same verification information.

And on another occasion, after hanging up the phone with another person, I noticed that he had typed my email address for a booking incorrectly (even though my email address was recorded correctly in my BAEC account, and I had earlier confirmed that he should use that for all booking related correspondences). So I immediately called back, and got through to the SAME person, who again recognised me (after all we only just spent the past 40 minutes in a conversation to make the booking). He clearly understood that he’s made a typo error - yet required me to go through the same security verification the second time round before he would correct an error - that he had personally made!

Do operational procedures trump common sense these days?

drwook

It's possible all calls are recorded, and any call recording without identity confirmation could go against the agent if later a complaint were made or it was otherwise pulled for some kind of QA/audit/review.

IkarosBOS

NO. Common sense is not a value of our times. (and not just for poor BA, which wishes these were its bigger issues)
Same grotesque experiences here, over and over. The tedious process is a reason for me being averse to calling, ending up forgetting to even use the jokers, some years

IkarosBOS

duplicate post

carrotjuice

But surely, if someone audits the call, the agent could “link” the current conversation to a previous one, furthermore it would’ve been obvious from the conversation itself that it’s a continuation of a conversation between the same people within a short space of time.

corporate-wage-slave

BA has been fined for data protection breaches. I'm quite sure that agents have been firmly instructed to do a full Know Your Client stage at the start of each contact, so there won't be any optionality on this. Can you imagine BA setting out a Work Instruction saying "oh but don't bother with all of the above if the line drops"? Now my telephone system seems a bit more robust than some other FTers, but on the one occasion I had a dropped line, the security questions second time around took a few seconds. Personally this issue is not not a ditch in which I would be prepared to expire.

carrotjuice

It’s silly from a customer experience point of view. Systems dictating behaviour, instead of designing systems and customer experience that work with the intended spirit of the policy.

binman

It time they came up with a better system but I am full behind GDPR and data protection. The pressure should be to provide a system that is both secure and customer focused.

data protection protect me and I am grateful for it

dougzz

Agreed. I don’t like what they do now as I feel I’m gifting too much info to a random on the phone. A better system would be to offer digits from an authentication app.

Oxon Flyer

Agreed. Re-doing security after a call-centre line drops is SOP nowadays, so it's really not worth singling out BA for a rant. Rather surprised the OP hasn't encountered this already elsewhere.

Also bear in mind that your previous session with the agent would have been closed. Secure system design means that some personal information is not made available to the agent until you have 'cleared security' again with them, even if it's obvious who you are.

Kgmm77

”common sense” and “spirit of the policy” are demonstrably non-objective, unlearnable, a recipe for inconsistency and inevitably will result in further data breaches.

I do think the process could be smoother but the idea that you don’t need to re-verify is a non-runner. Not least because you are transferring the risk back to the staff member.

Greenpen

If you ring the DWP pension line more than once you will quickly realise that the security questions are always the same. Don’t do as I did once and answers the question before it’s asked, it will lead to tears and they won’t be one’s of joy!

fluffymitten

I think the lack of common sense with the KYC questions comes when they ask for a heap of personal data to be sent over unsecured email. I am most certainly NOT going to email name, dob, passport number & expiry, address, etc to them.

They should send a link to a secure form where you input that data so they can proceed with your enquiry.

South London Bon Viveur

Agree- and I am notoriously anti compliance admin, red tape, bureaucracy etc. but sometimes your damned if you do and damned if you don't and irritating as this no doubt was, I wouldn't be critical of BA here (particularly noting their recent data breach).

RichieMc

The data protection song and dance is nonsense. The lesson here is that if you want to modify, cancel or upgrade your cousin's colleagues' sister's former roommate's booking to first class, do it on the web. There you only need PNR and last name.

It's silly that I can't even just ask a general question unrelated to me or a specific booking on something like avios availibility on a given flight without giving a load of silly information. I once had to go through data protection 3 times on the same call: 1. to get the ball rolling and make changes to booking, 2. againwhen I got called back and 3. again on the call back to use a voucher that was attached to my name and BAEC number. This is a major reason that wait times have been so insane these last months, although things haave certainly gotten better lately.