01Mar, 2018

Contact Centre Solutions

AgentSecure: Your key to contact centre security and PCI DSS compliance

Despite customers having multiple options to interact and communicate with contact centre agents, the phone is still king. According to Gartner Research, 90% of all customer conversations are still happening over the phone. When payments are processed over the phone from customers, efficiency and customer confidence in terms of security are critically important.

So it’s hard to understand why contact centres are often overlooked when it comes to security compliance (PCI DSS) programs. Organisations are at risk both inside and outside the contact centre. Many areas of the contact centre are within the scope of PCI DSS. This includes the physical environment, call recordings, the CRM system, payment processing and more.

What’s the solution? The key is de-scoping the call centre by ensuring payment acceptance and processing bypasses the contact centre entirely. This protects the organisation from internal and external fraud. The way to do it? Use AgentSecure.

What is PCI DSS compliance?

Payment Card Industry Data Security Standard (PCI DSS) is a set of compliance standards agreed by a consortium called the Payment Card Industry Security Standards Council, which consists of the five major credit card companies.

Any organisation/contact centre that accepts payments must comply with the standards: 12 requirements and 6 control objectives must be met.

Within the contact centre, many areas fall within the scope of PCI DSS compliance. As well as those mentioned above, these include screen recordings, the agent desktop, PBX, automated call distributors, network/VOIP, storage, the agents themselves and any other applications used as part of payment processing in the call centre.

The graphic below highlights some of these key areas:

The movement towards cloud-based contact centre technology

Traditional contact centre technology presents a roadblock to establishing the contact centre as a central part of the customer experience and achieving PCI DSS compliance.

On-premise call centre technology has its benefits when call centres are based in one location. But as business models, methods of working, the need for scalability and greater security have grown, the benefits of using cloud-based technology have become clear, and cloud-based technology is the growing trend in contact centres.

A 2017 UK report confirmed that cloud-based solutions are becoming the preferred choice for the majority of UK-based organisations. The report, “The State of the Customer Experience 2017”, reported that 39% of call centres have already moved to the cloud and 57% are planning to within the next three years. The key drivers of this change identified in the report were the needs to improve profitability, ensure technology keeps pace with customer behaviour and the need for greater security.

De-scoping for PCI DSS and improving the customer experience with AgentSecure

The AgentSecure service de-scopes your call centre for PCI DSS by ensuring no credit card data enters your call centre environment. The interaction between the agent and customer will still remain seamless with voice contact maintained throughout the call.

When payment is required, the agent directs the customer to enter the credit card details via their telephone keypad. The card data is then intercepted by the AgentSecure service with DTMF tones and card data hidden from agents.

The service notifies the agent when the required payment information has been entered, which allows the agent to confirm the transaction and trigger the payment from AgentSecure. Payments are then processed in real time to your bank as normal. 

See how it works below:

Ease of integration sets AgentSecure apart

The challenge of integrating new solutions into current infrastructure is a key challenge faced by contact centre managers.

AgentSecure provides numerous integration options off the back of a hybrid on-premise or cloud-based solutions. It is also agnostic in terms of the payment gateway used and the incumbent telcos, allowing organisations to maintain current payment and telco agreements when implementing AgentSecure.

Reduced call handling time = happier customers

With the vast majority of customer conversations still happening by phone, the contact centre plays a key role in creating a positive customer experience. One of the key measurements affecting this is call handling time. Agents want to spend less time on the phone and so do customers.

AgentSecure reduces call time as customers enter their own credit card information. This removes the need for agents to repeat back card details, and card entry errors are reduced. Why? Customers are more familiar with their own credit card information.

The combined effect of the call handling reduction, reduced operational cost and improved customer service equates to a happier customer.

Contact centres need to keep pace with customer expectations

It’s a fact that customer expectations are changing. Organisations now have to provide multiple payment options and a seamless customer experience through web, phone and mobile – while ensuring credit card information is protected from internal and external fraud.

Related: How to turn your contact centre into your competitive advantage

These expectations can be hard to meet, but in AgentSecure you have a platform that is cloud-based, easy to integrate, payment gateway and telco-agnostic and scalable to meet the needs of any organisation. Like yours.

To find out more about AgentSecure fill out our contact form or email us at [email protected]

Related Articles

The benefits of mandatory data breach notification laws in Australia

Mandatory data breach notification laws would result in greater security for Australians and improved protection of their sensitive information. And i

Read More

Cost of data breach report (with Australian Statistics)

Ponemon Institute 2013 Cost of Data Breach report The 2013 Cost of Data Breach report published by the Ponemon Institute (sponsored by Symantec) revea

Read More

How to survive a data breach

In the past two years, LinkedIn, eHarmony, Twitter, Adobe and, most recently, Target have suffered data breaches that together exposed more than 120 m

Read More

Credit card data discovery tools lay the foundation for good data security

Card Holder Data (CHD) discovery tools are becoming essential in identifying none secure sensitive data locations. Since December 2013, a series of da

Read More