Thought Leadership

Why AI Support Hallucinates (And How to Prevent It)

AI support tools confidently give wrong answers. Here's exactly why it happens — token prediction, retrieval failures, context pollution — and what actually reduces it.

Omniops TeamAI Engineering Team30 January 202616 min read

The Problem Nobody Talks About

Your AI support just told a customer that returns are accepted within 90 days. Your actual policy is 30 days.

The customer believed it. Why wouldn't they? The response was confident, articulate, and completely wrong.

This is hallucination — when AI generates plausible-sounding information that isn't true. It's not a bug. It's a fundamental consequence of how large language models work. And if you're deploying customer-facing AI support, you need to understand it at a technical level — not just as a buzzword, but as a failure mode with specific causes and specific countermeasures.

What's Actually Happening Inside the Model

To understand hallucination, you need to understand what a large language model is actually doing when it generates a response. It's not looking things up. It's not reasoning from facts. It's predicting the next token.

Token Prediction: The Root Mechanism

A large language model (LLM) like GPT-4 or Claude is, at its core, a probability engine. Given a sequence of tokens (words, word fragments, or characters), it calculates the probability distribution over all possible next tokens and picks one. Then it does it again. And again. One token at a time, thousands of times per response.

When you ask "What's your return policy?", the model doesn't retrieve your return policy. It generates a sequence of tokens where each token is the statistically most likely continuation of the preceding tokens. After generating "Our return policy allows returns within," the model needs a number. It has seen thousands of return policies in its training data. "30" is common. "60" is common. "90" is common. It picks whichever continuation scores highest based on the patterns learned during training — and the patterns from your specific business are absent from that training data.

This is why hallucinated information is always fluent and never garbled. The model is excellent at producing well-formed language. It's not designed to be factually correct about your particular business — it's designed to predict plausible next tokens.

Why the Model Can't Say "I Don't Know"

This is the part that trips people up. If the model doesn't know your return policy, why doesn't it say so?

Because "I don't know" is rarely the most probable next token. In training data, questions are almost always followed by answers — not admissions of ignorance. The model has been optimised (through both training and reinforcement learning) to be helpful, which means providing answers. When it doesn't have the right answer, it provides a plausible one instead.

Think of it like a very well-read employee who's never worked at your company. Ask them your return policy and they won't say "I have no idea." They'll say something reasonable-sounding based on their general knowledge of e-commerce. That's exactly what the model does.

The Confidence Problem

Hallucinations are particularly dangerous because they're delivered with the same tone and certainty as correct responses. The model doesn't hedge. It doesn't say "I'm not sure, but maybe returns are 90 days." It says "Our return policy allows returns within 90 days" with the same syntactic confidence as "The sky is blue."

There's no internal "confidence meter" that reliably corresponds to factual accuracy. A model can be maximally confident about a completely fabricated claim. This is fundamentally different from a database lookup, where the system either has the data or returns an error. LLMs don't have a "data not found" state.

The Five Types of Hallucination in Customer Support

Not all hallucinations are the same. Understanding the specific types helps you build targeted defences.

Type 1: Fabricated Policies

The most damaging type. The model generates specific policy details — return windows, warranty terms, shipping costs, cancellation procedures — that don't exist or are wrong.

Example: "Yes, we offer free returns within 60 days, and we'll cover the return shipping cost." (Your actual policy: 30-day returns, customer pays shipping.)

Why it happens: The model has seen thousands of return policies and generates a composite. Without access to your specific policy document, it pattern-matches from training data.

Type 2: Invented Product Details

The model describes product features, specifications, or availability that are fabricated.

Example: "The Model X comes in three colours: black, silver, and midnight blue, and includes a 3-year warranty." (You don't sell a "Model X," and you've never offered midnight blue.)

Why it happens: Product names and specifications are heavily represented in training data. The model can construct plausible-sounding product descriptions for products it's never encountered.

Type 3: Confident Wrong Answers to Factual Questions

The model answers a factual question about your business with incorrect but authoritative-sounding information.

Example: "Our London office is located at 42 Baker Street." (You don't have a London office.)

Why it happens: The model fills information gaps with plausible data. London offices exist on Baker Street; the model generates a plausible address rather than admitting it doesn't know.

Type 4: Extrapolated Promises

The model makes commitments that go beyond what your business offers, extrapolating from what similar businesses do.

Example: "I've escalated your case to a senior representative who will call you within 2 hours." (Your support team doesn't make outbound calls.)

Why it happens: The model has seen thousands of support conversations where agents make such promises. It replicates the pattern without understanding whether your business operates that way.

Type 5: Blended Context Hallucination

When the model has partial information, it fills gaps by blending your actual content with training data patterns, creating responses that are partially correct and partially fabricated.

Example: Your FAQ says "Free shipping on orders over £50." The model responds: "We offer free shipping on orders over £50, and express delivery for £4.99." (The £50 threshold is correct. The £4.99 express rate is fabricated.)

Why it's the most insidious: The response contains verifiable correct information, which makes the fabricated parts harder to catch. The customer sees the correct shipping threshold, trusts the source, and accepts the fabricated express rate as fact.

Why RAG Helps — and Where It Falls Short

Retrieval-Augmented Generation (RAG) is the most effective single technique for reducing hallucination. Instead of relying on the model's training data, RAG retrieves relevant information from your actual documents before generating a response. For a deeper technical explanation, see our guide to RAG for AI chatbots.

Here's how RAG works in practice:

  1. Customer asks: "What's your return policy?"
  2. The system converts that question into a vector embedding — a mathematical representation of its meaning
  3. That embedding is compared against vector embeddings of your knowledge base content
  4. The most semantically similar content chunks are retrieved (e.g., your returns page)
  5. Those chunks are injected into the model's context alongside the customer's question
  6. The model generates a response based on the retrieved content

When RAG works well, it grounds the model's response in your actual documentation. The model sees your real return policy in its context and generates from that, not from training data patterns.

Where RAG Fails

RAG is necessary but not sufficient. Here are the specific failure modes:

Retrieval failure — wrong documents retrieved. The embedding search might return your shipping policy when the customer asked about returns. Semantic similarity is approximate; "return shipping" and "shipping returns" have very different meanings but similar embeddings. If the wrong documents are retrieved, the model will generate confident answers from irrelevant content.

Retrieval failure — no relevant documents exist. If your knowledge base doesn't cover a topic, there's nothing to retrieve. The model is back to training data patterns. A customer asking "Do you do corporate discounts?" will get a hallucinated answer if your knowledge base says nothing about corporate pricing.

Context pollution. Even when the right documents are retrieved, the model might blend retrieved content with its own training data. You retrieve a chunk saying "Returns within 30 days." The model has seen thousands of return policies with 60- and 90-day windows. It might generate "Returns within 30-60 days" — blending your actual policy with training data patterns.

Context window overflow. If too many documents are retrieved, the model's context window fills up. Research shows that models struggle to use information in the middle of long contexts (the "lost in the middle" phenomenon). Critical policy details buried in a wall of retrieved text may be ignored.

Outdated content. RAG is only as good as your knowledge base. If your return policy changed last month but the knowledge base still has the old version, RAG will ground the model in outdated information. This is technically correct retrieval but functionally a hallucination from the customer's perspective.

Cross-document contradiction. Your FAQ says "Free returns within 30 days." Your terms of service says "Returns accepted within 14 days of delivery." Which one does the model use? Often, it picks whichever appears first in context — or worse, it averages them into something neither document says.

The Retrieval Quality Threshold

Not all RAG implementations are equal. The difference between a well-tuned RAG pipeline and a naive one can be a 40-50% difference in hallucination rate. Key factors:

  • Chunk size: Too small (50 tokens) loses context. Too large (2000 tokens) dilutes relevance. Sweet spot is typically 200-500 tokens with overlap.
  • Embedding model quality: Better embedding models produce more accurate semantic matches. The difference between a basic embedding model and a state-of-the-art one is measurable in retrieval precision.
  • Re-ranking: After initial retrieval, a re-ranking model scores results for relevance. This catches cases where the embedding search returned topically related but not actually relevant content.
  • Similarity threshold: Setting a minimum similarity score prevents the system from using loosely related content. If nothing scores above 0.7, it's better to say "I don't have that information" than to generate from marginally relevant content.

For more on how vector embeddings power this retrieval process, see our vector embeddings guide.

Practical Mitigation Strategies

Strategy 1: Confidence Scoring and Thresholds

Implement a scoring system that estimates response reliability before sending it to the customer.

How it works in practice:

The system evaluates two scores: retrieval confidence (how well the retrieved documents match the question) and generation confidence (how closely the response aligns with the retrieved content). If either score falls below a threshold, the response is either suppressed, flagged for review, or replaced with a safe fallback.

Retrieval confidence: Measured by the similarity score between the question embedding and the top retrieved documents. If the best match scores 0.4 out of 1.0, the system doesn't have relevant content and shouldn't attempt an answer.

Generation confidence: Measured by checking whether claims in the response can be traced back to the retrieved documents. A response that introduces new information not found in any retrieved document is flagged as potentially hallucinated.

Setting thresholds: Start conservative (high thresholds, more escalation) and loosen over time as you observe accuracy. It's better to escalate 30% of conversations to humans than to hallucinate in 10% of them.

Strategy 2: Grounding with Source Citation

Force the model to cite which document supports each claim. This doesn't prevent hallucination, but it makes hallucination detectable.

Implementation:

  • System prompt instructs the model to reference specific sections of retrieved content
  • Post-processing checks whether cited sections actually exist and contain the claimed information
  • Responses with unverifiable citations are flagged or blocked

Why it works: When the model must cite sources, it's constrained to information that actually exists in your knowledge base. It can still misinterpret cited content, but it can't fabricate information from nothing while also producing a valid citation.

Strategy 3: Scope Limitation

Explicitly restrict the model to answering questions within defined topic boundaries. If a question falls outside the knowledge base scope, the system should acknowledge the limitation rather than attempt an answer.

Implementation:

  • Define topic categories covered by your knowledge base (products, shipping, returns, hours, contact)
  • Classify incoming questions into categories before retrieval
  • If a question doesn't match any category, respond with "I don't have information about that, but I can connect you with someone who does"
  • This prevents the model from generating answers about topics it has no source material for

Strategy 4: Human Escalation Triggers

For high-stakes topics, route to human agents automatically. This is especially critical for topics where wrong information has financial or legal consequences.

Escalation triggers should include:

  • Questions about refunds, compensation, or account credits
  • Legal or regulatory questions (GDPR requests, accessibility, complaints)
  • Questions where the model's response contradicts known policies
  • Low confidence scores on any response
  • Customer frustration signals (repeated questions, negative sentiment)

Designing effective escalation is its own discipline. Our guide on when to escalate from AI to human support covers this in detail.

Strategy 5: Claim Detection and Verification

Build automated checks that identify specific, verifiable claims in model responses before they reach the customer.

What to check:

  • Numbers: Prices, percentages, timeframes, quantities. Any number in a response should match a number in the retrieved documents.
  • Proper nouns: Product names, locations, people. Verify they exist in your catalogue or documentation.
  • Commitments: "We will," "you can," "we guarantee." These promise-language patterns should be cross-referenced against actual service capabilities.
  • Negations: "We don't charge," "there's no fee." Verify the absence claim matches your actual policies.

Automated claim detection catches the most damaging hallucination types — fabricated prices, invented products, and false promises — before they reach customers.

Strategy 6: Content Quality (The Most Underrated Factor)

The biggest factor in hallucination rate isn't the AI model — it's your content. Comprehensive, specific, up-to-date documentation gives RAG systems better material to work with.

If your FAQ says "returns accepted per our policy" instead of "returns accepted within 30 days of purchase, in original packaging, with proof of purchase," the AI has nothing specific to retrieve. Vague content leads to hallucinated specifics because the model fills in the gaps.

Content audit checklist:

  • Does every policy include specific numbers, dates, and conditions?
  • Are there any topics customers frequently ask about that aren't covered in the knowledge base?
  • Do any documents contradict each other?
  • When was each document last updated?
  • Is the content written in plain language the model can parse accurately?

Our guide to optimising your knowledge base for AI covers content structuring in detail.

The Scale of the Problem — and the Realistic Expectation

Research suggests hallucination rates vary significantly based on implementation:

  • Baseline models (no grounding): 15-25% of responses contain fabricated information
  • With basic RAG: Hallucinations drop by 42-68%
  • With advanced grounding and guardrails: Up to 89% factual accuracy in domain-specific applications
  • Combined approaches (RAG + RLHF + guardrails + claim detection): Up to 96% reduction in hallucination

For customer support specifically, even a 5% hallucination rate means 1 in 20 customers gets wrong information. At 1,000 conversations per day, that's 50 incorrect responses. Some will be harmless (wrong colour described for a product image), some will be costly (wrong refund amount promised).

The realistic expectation: With current technology, zero hallucination is not achievable. The goal is to reduce the rate below the threshold where the cost of occasional errors is outweighed by the value of AI handling the other 95%+ of conversations correctly — and to ensure that when hallucinations do occur, they're caught quickly and corrected.

Building a Defence-in-Depth System

No single technique eliminates hallucinations. The most reliable systems layer multiple strategies:

Layer 1: Content Quality

  • Complete, specific, up-to-date knowledge base
  • No contradictions between documents
  • Regular content audits

Layer 2: Retrieval (RAG)

  • High-quality embeddings with appropriate chunk sizes
  • Re-ranking for relevance precision
  • Similarity thresholds to prevent low-quality retrievals

Layer 3: Generation Constraints

  • Source citation requirements
  • Scope limitation to known topics
  • System prompts that instruct "only answer from provided context"

Layer 4: Post-Generation Verification

  • Claim detection (numbers, names, commitments)
  • Confidence scoring
  • Contradiction checking against source documents

Layer 5: Human Backup

  • Automatic escalation for high-stakes topics
  • Low-confidence response routing to human review
  • Customer-initiated escalation always available

This defence-in-depth approach catches hallucinations at multiple stages. A fabricated policy that slips past retrieval grounding gets caught by claim detection. A low-confidence response that passes claim detection gets caught by the escalation trigger. No single layer is perfect, but the combined system is substantially more reliable than any single technique.

What This Means for Your Business

Accept the Reality

If you're deploying AI customer support, some hallucinations will occur. The businesses that succeed aren't the ones who pretend hallucinations don't exist. They're the ones who build systems assuming hallucinations will happen and catch them before they cause damage.

Monitor Relentlessly

Review AI conversations regularly. Look for specific claims about policies, products, prices, or timeframes. Look for promises about what the company will do. Look for anything that sounds confident but might be wrong.

Build feedback loops: let agents flag incorrect AI responses, track correction rates, and use that data to improve both the model's prompts and your knowledge base content.

Have a Correction Process

When hallucinations happen — and they will:

  1. Acknowledge the error to the customer promptly and honestly
  2. Provide the correct information
  3. Trace why it happened (content gap? retrieval failure? model error?)
  4. Update systems to prevent recurrence
  5. Document the case for pattern analysis

The response to mistakes matters more than perfection.

Set Customer Expectations

Consider transparency about AI involvement. Customers who know they're talking to AI are more likely to verify important information independently. A simple disclosure — "I'm an AI assistant. For policy confirmation, I can connect you with our support team" — sets appropriate expectations without undermining trust.

Questions to Ask Your AI Support Vendor

If you're evaluating solutions:

  1. What RAG implementation do you use? How are documents chunked, embedded, and retrieved?
  2. What's your measured hallucination rate? On what benchmarks? With whose content?
  3. How do you handle low-confidence situations? Escalation? Refusal? Fallback response?
  4. What claim verification do you perform? How are numbers, prices, and policy details checked?
  5. How do you detect content gaps? What happens when a customer asks about something not in the knowledge base?
  6. What monitoring tools do you provide? Can you review AI conversations and flag errors?
  7. How do you prevent cross-document contradictions? What happens when two sources disagree?

Vendors who can't answer these questions clearly either don't understand the problem or haven't addressed it. Neither is acceptable for customer-facing AI.

The Path Forward

Hallucination is a manageable problem — not through elimination, but through reduction, detection, and response.

Current best practices achieve 90%+ factual accuracy. Models improve. Retrieval gets more precise. Grounding techniques mature. The trajectory is toward higher reliability, not perfection.

The question isn't whether to use AI support despite hallucination risk. It's how to deploy it responsibly: with layered safeguards, honest expectations, continuous monitoring, and a correction process for when things go wrong.

The technology is powerful. Use it with eyes open.

aihallucinationragchatbotsaccuracy

Ready to stop answering the same questions?

30-day no-contract trial. £250/month for the first 10 founding places, then £500. Setup in about a week.

See pricing