A mechanism for customer service with security and privacy is provided. In a support service scenario for products or services, a determination is made based on an interaction with a customer that additional verification is needed. An authentication code is communicated to the customer via a mode chosen by the customer. At the same time, a hash of the authentication code is stored along with session and customer details. The customer is prompted to provide the authentication code and a hash of the provided authentication code is compared to the hash of the authentication code that was stored with the session and customer details. If the hashes match, it can be presumed that the agent is communicating with the correct customer and customer details are revealed. If the hashes do not match, the agent does not see any private customer details.