In a world where remote-working is reshaping the future of hiring, trust has never been more important.
Security, privacy and fraud prevention are critical essentials for any HR team. Data gathered from hiring is sensitive and fraught with the risk of security breaches. Hence, every protective measure needs to be taken to safeguard employee and candidate data, both for legal and ethical reasons.
The right technology helps protect HR data
HR technology providers must have the right systems in place. That’s why at Xref, to protect our clients’ trust, we have a security-first mindset.
With 11 years of experience under our belt, we help organisations worldwide to gather and assess reference checking feedback that empowers hiring teams to make insightful hiring decisions. For technology to work well and seamlessly, it’s important to ensure it is well integrated with existing HR processes; it’s much like putting together the pieces of a jigsaw puzzle.
Not all system integrations are equal, sometimes technology integrates seamlessly, and sometimes it doesn’t. Here’s a blog on communication tools used when reference checking and what businesses should opt for.
Emails and why they work well
For recruiters around the world, email is the go-to channel for HR communications. Communication sent via emails can easily be monitored via IP tracking technology.
Xref's ‘Unusual Activity’ algorithm exposes IP addresses and browser choices to identify geographic locations, devices and networks. For example, we can identify if a candidate or referee opens an email; this prevents referees from emailing reference checks back to candidates for completion. Our unusual activity algorithm monitors various data points in real-time to identify candidates and referees locations, what devices they use and the times at which they carry out a step in the process.
Xref not only flags any potentially fraudulent activity, it highlights the reasons for the flag being raised, such as the IP address of a candidate being the same as their referee, and offers the employer the opportunity to explore the issue further before it’s too late.
Another feature important to customers is the multi-language option. Candidates and referees using Xref can easily change language options making the reference check accessible and convenient to use. With Xref, you can send a reference request in English to a candidate who can read it in Spanish and then send it to two referees who speak German and French. Unfortunately, SMS (Short Message Service) technology currently doesn’t allow for an easy change of language settings, reducing the accessibility we worked so hard to provide on our platform.
Why SMS is not the ideal solution for reference checks
As convenient as they are, SMS (short message service) has a few drawbacks when compared with other forms of communication.
Before worldwide compliance laws became tighter, Xref piloted the use of SMS when requesting references. We learned some valuable lessons, one of the most important insights being that SMS slowed the reference checking process by adding another step.
From a user experience, people complain about over-communication so text messages and emails are not the ideal preference of referees.
On the technical side, using the SMS function has limitations, such as:
- The sender doesn't get notified when a mobile number has been entered incorrectly.
- There is no IP, device or geo-tagging information, which makes it hard to detect suspicious activity.
- It presents a risk of imitating spam, especially because links are included in the texts.
Why SMS reference checks put employers at risk of non-compliance
Security and compliance laws vary by country or territory; SMS technology is still a long way to go when it comes to data protection and data security which can put an employer at risk of non-compliance. Here are some reasons why SMS is not data compliant:
- There is a risk of exposing a candidate's job application through on-screen alerts and notifications.
- There is a higher probability of fraudulent references with no IP tracking in place as candidates can easily copy and send the unique links to friends or respond to the check from another mobile number.
- There is little or no visibility into bounce rates and delivery success, so employers don't know if their message has been delivered.
- Text messages add to the ‘spam’ candidates, and referees receive on their mobiles.
Unlike emails, it’s hard for service providers to track reference checks and provide real-time updates.
Xref’s commitment to security and compliance
Xref is relied on by thousands of organisations worldwide, including trusted entities like government, education, healthcare and not-for-profits. We are ISO27001 certified, SSL Secure and GDPR Compliant. We also have two-factor authentication to ensure that our client’s account is safe. We frequently test our security to ensure that we are providing the safest platform globally.
We never say never when it comes to creating the best possible experience for our clients. SMS is a great feature within our new Exit Survey platform and will also be used within our soon to be released Pulse Survey tool. For current employees, it acts as a complementary communication tool. For reference checking, it serves little purpose.
Over one million people have used our platform across 195 countries this year alone. Security, privacy, and deliverability literally mean the world to us, and customers love using Xref.
A key reason so many companies trust us is our commitment to maintaining security and privacy and detecting fraud. Fraud monitoring, privacy, availability of multi-language options and deliverability are all critical, which cannot be achieved with SMS technology. With our software solution, we empower great recruitment decisions businesses can trust to verify their hires, and candidates can rely on to help them reach their potential.