PCI Compliant Payment Processing

PCI DSS – What is it?

If you process credit card payments over the telephone in your contact centre you must comply with the Payment Card Industry Data Security Standards (PCI DSS). PCI DSS is an internationally recognised set of technical and operational requirements designed to protect cardholder data.

If your contact centre fails to comply with PCI-DSS, you run the risk of non-compliance, huge fines alongside irreparable reputational damage.

PCI DSS compliance also governs wider industry compliance such as the Financial Conduct Authority and their recent guidance on the Control of Third Party IT Suppliers, which extends to the protection of customer information, ultimately PCI DSS controls.

Failure to adequately protect customer card detail could see a fine of unlimited turnover, or even an FCA licence revoke, an even bigger issue if you are an appointed representative, as it would ultimately involve the revoke of the parent main licence, not just your own ability to operate.

What does PCI DSS mean for your contact centre?

The PCI DSS guidelines make clear that no credit card information should be stored in any format, encrypted or otherwise. Businesses are also advised to implement technologies that require no manual intervention whatsoever from staff, ensuring customer card details are protected at all times.

Business who successfully achieve above effectively remove themselves from the scope of PCI DSS.

Agentless Payment Processing for PCI DSS

Our PCI DSS compliant payment processing solution completely removes your business from the scope of PCI DSS.

Card details are never processed audibly, or made visible to your staff. They are never recorded during telephone conversations, recorded from screen recording captures, processed, stored or transmitted on your network.

Not only are customers able to process their card details from the security of their own telephone handset, staff also remain live on call to talk the customer throughout the entire process without ever having access to view any cardholder data.

For even greater security, all of the key presses at the customer side, whilst hidden from view on screen, are also masked and encrypted via suppression of the DTMF (Dual Tone Multi-Frequency) tones.

Secure your payment processing for PCI DSS ensuring customer payment card details are never disclosed, enhancing customer experience & security throughout the call

Key benefits

  • Remove your business from scope of PCI DSS
  • Low cost, pence per transaction pricing
  • Integrated with any of our wider suite of contact centre products
  • API for real-time data exchange with CRM, Finance & Accounting, ERP software
  • Card Acquirer Agnostic
  • No Agent Exposure to Customer Card Details
  • Secure Key Press Capture DTMF Tone Masking & Encryption
  • Enhanced Customer Experience & Security
  • Agent Remains Live on Call Throughout
  • No Call Recording or Screen Recording Capture of Customer Payment Details

Interactive Voice Response (IVR) Payment Processing for PCI DSS

Customers can also automate their payment processing with our Interactive Voice Response (IVR) payment solutions which allow self-serve access for customers anytime 24/7 to make payments from their telephone keypad, satisfying the needs of customers who prefer to pay by phone any time of the day, even when business is closed.

Access to make payments is immediate and easy for customers, reducing inbound wait times (“Press 1 to Pay” Options), processing costs as well as improving customer service. Self-serve, on-demand access to the payment service ensures customers can pay at any of time of day, wherever they, in any language, minimising the possibility of missed or late payments.

Information Security & Compliance

Get in touch

To enquire about our products:

Call us

0141 280 0275

or hit the button below to fill in our contact form.

Get in touch

Explore our products

See all products