PCI Compliant Payment Processing
If you process credit card payments over the telephone in your contact centre you must comply with the Payment Card Industry Data Security Standards (PCI DSS). PCI DSS is an internationally recognised set of technical and operational requirements designed to protect cardholder data.
If your contact centre fails to comply with PCI-DSS, you run the risk of non-compliance, huge fines alongside irreparable reputational damage.
PCI DSS compliance also governs wider industry compliance such as the Financial Conduct Authority and their recent guidance on the Control of Third Party IT Suppliers, which extends to the protection of customer information, ultimately PCI DSS controls.
Failure to adequately protect customer card detail could see a fine of unlimited turnover, or even an FCA licence revoke, an even bigger issue if you are an appointed representative, as it would ultimately involve the revoke of the parent main licence, not just your own ability to operate.
The PCI DSS guidelines make clear that no credit card information should be stored in any format, encrypted or otherwise. Businesses are also advised to implement technologies that require no manual intervention whatsoever from staff, ensuring customer card details are protected at all times.
Business who successfully achieve above effectively remove themselves from the scope of PCI DSS.
Agentless Payment Processing for PCI DSS
Our PCI DSS compliant payment processing solution completely removes your business from the scope of PCI DSS.
Card details are never processed audibly, or made visible to your staff. They are never recorded during telephone conversations, recorded from screen recording captures, processed, stored or transmitted on your network.
Not only are customers able to process their card details from the security of their own telephone handset, staff also remain live on call to talk the customer throughout the entire process without ever having access to view any cardholder data.
For even greater security, all of the key presses at the customer side, whilst hidden from view on screen, are also masked and encrypted via suppression of the DTMF (Dual Tone Multi-Frequency) tones.
Secure your payment processing for PCI DSS ensuring customer payment card details are never disclosed, enhancing customer experience & security throughout the call
Customers can also automate their payment processing with our Interactive Voice Response (IVR) payment solutions which allow self-serve access for customers anytime 24/7 to make payments from their telephone keypad, satisfying the needs of customers who prefer to pay by phone any time of the day, even when business is closed.
Access to make payments is immediate and easy for customers, reducing inbound wait times (“Press 1 to Pay” Options), processing costs as well as improving customer service. Self-serve, on-demand access to the payment service ensures customers can pay at any of time of day, wherever they, in any language, minimising the possibility of missed or late payments.