Gold-standard PCI DSS compliant payment solutions for modern contact centres
You don’t have to bare the burden (and cost) of PCI DSS compliance alone
We live in a world in which personal data is constantly under threat. Contact centres that process card payments are at the frontline of this data threat and need to be more vigilant than ever to protect client data and brand reputation.
The last thing you want to find out is that you’re at more risk than you think — and, unfortunately, compliance is not always simple.
We descope your contact centre by ensuring payment data never enters your organisation, meaning you only need to meet SAQ-A compliance standards.
- Take your contact centre out of scope
- 24 audit points (SAQ-A) instead of 400 (SAQ-D)
- Reduce costs with minimal audit requirements
Remove yourself out of PCI DSS scope. Take payments while your agents stay on the line, delivering phenomenal customer experience. Our PCI DSS SAQ-A solution is the compliance gold standard , outsourcing risk and descoping your contact centre.
- Ultimate customer experience
- Better contact centre efficiency
- Less costs and no risk
Virtual agent integration
Enhance any Intelligent Virtual Agent solution with our PCI DSS SAQ-A integration. Make the payment experience as quick, engaging, intuitive as cost effective as possible.
- Optimises costs by 50% or even more
- Scales to your requirements
- Handles volume peaks with ease
We provide true omni-channel solutions, covering voice and text-based customer interactions and natively integrate with more than 15 payment gateways. Take payments in the most convenient way for your business.
- A payments service on demand
- Live tracking and feedback
- Covering all major digital channels
News, resources and analysis
Corporate telephony, unified communications and contact centres are merging, improving CX for consumers
Siloes between contact centres and the communications and telephony technologies that run them will inevitably lead to siloed approaches to delivering customer service, which is no longer a business risk leaders can afford to take.read post
Jan 22 white paper | Why voice technology excellence drives empathy and deepens customer engagement
Twenty-three months into the pandemic, a lack of physical touchpoints with brands has meant contact centres have been experiencing higher volumes of inbound enquiries than ever. AI and automation alone won’t meet rising customer expectations.The empathy that contact centre staff bring to the customer has a major impactread post
How SecureCo boosts your business
Reduce compliance cost
Spend less money and resources on PCI compliance. Move your contact centre from SAQ-D to SAQ-A, significantly reducing the PCI scope for audits.
Maximise inbound and outbound payments collection as agents are on the line to guide your customers throughout.
Lower risk of data breaches
Ensure payment card information is completely removed from your organisation.
Improve contact centre efficiency
Reduce call average handling times as well as call dropout rates.
Achieve the highest level of PCI compliance and carrier availability. Ensure company directors, officers and your overall brand are protected from the liability of data breaches and brand damage.
Maximise agent and customer experience
Give confidence to your employee and customers as they remain together on the phone while taking a payment in a safe and efficient manner.
Everything you need to know about
our compliant payment solutions
- How does SecureCo’s Contact Centre Payment platform work?
We utilise DTMF masking technology by sitting in path between our carrier providers and the customer PBX to ensure end-to-end compliance.
- How much does it cost?
Overall costs depend on the selected solution. Costs are broken down into quantity licensing of the voice channels, number of PCI Agents taking payments. Usage makes up the remainder of the monthly costs with voice minutes and number of payment transactions executed. Implementation costs are broken down into product delivery costs to implement the solution and optional project management services, where we provide a turn-key implementation of our solutions.
- How long will it take to deliver a project?
From our experience of implementing similar services, the usual project duration envelope is three months. Integration of carrier and payment provider services making up the bulk of the duration.
- Where do the credit card details go once they have entered SecureCo’s CCP platform?
Credit card data (PAN/CVC) are transiently held in the CCP solution until payment has been executed with the payment gateway. After which it is completely and securely erased. We do not hold or store any credit card data with our CCP solution.
- Do you keep record/ store data of any transactions?
All transactions are logged for audit and troubleshooting purposes, but no PAN or CVC data is ever logged. Only returned card tokens are stored as part of the logs.
- Doesn’t (Pause & Resume / Encrypted Network / Clean Room) take me out of scope?
These solutions still require compensating controls to be put in place, which are time consuming and complex as well as only providing a SAQ-D certification. Our CCP solution provides SAQ-A, which means no credit card data is present at all, significantly minimising the need for these compensating controls and reducing ongoing cost each year.
- Can I use the CCP platform in conjunction with IVR / Speech Analytics?
Yes, card details are only masked when taking payments, which means all current IVR menus will function as before. Since DTMF digits are masked during payment, call recording and speech analytics solutions are now also out of PCI scope and do not require any redaction.
- How will this impact my agent performance and productivity? e.g. AHT, CX, etc.
CCP positively contributes to a better customer experience, since the customer remains on the call with the agent while taking payments. Average handling time is generally reduced, since the agent can enter additional information while the customer is entering their card data. Our data suggests a 2-8 seconds reduction is possible.
- Do you clear or settle?
No, we do not offer merchant facilities. We only facilitate the capture of cards in a PCI DSS compliant manner.
- What is your current TX volume?
Our API facilitates the capture and execution of the payment to the upstream PSP gateways, so volumes are dependent on the number of transactions executed.
- Do you offer a solution for physically disabled people?
Currently no, although we could explore bespoke solutions on a case-by-case basis.
- Do you support overseas credit cards?
Yes, we do. We support all major credit card providers
- Can agents use SecureCo when working from home?
Absolutely! This is one of the key strengths of our solution since no credit card information is ever passed to the agent. Agents can log in from home and continue to take payments safely and securely. All our solutions ensure no credit card details are spoken, heard, or seen.
- Can any voice channel take payments?
Yes, all channels can be “protected”, which means that any channel will be able to take a payment if required. The maximum number of payments is based on the number of Agents
- What is DTMF masking?
DTMF masking involves masking the unique audible tones with flat tones so that people who hear the DTMF data cannot decipher the credit card numbers.
- What does “secure mode” mean?
It is a period during the call, where DTMF tones from the customer side of the call are masked to the agent and SecureCo for the capturing of the digits used for payment directly to the PSP gateway, on behalf of the Merchant.
- What is DTMF bleed?
DTMF bleed is the term used to describe residual DTMF tone artifacts left in the voice stream. Generally, this is not audible and only detectable via media analysers, so most carriers do not remove it. We remove DTMF bleed to ensure no residual DTMF information remains in the voice stream.
- Do I need to detokenize and re-tokenize the credit cards once I start using your contact centre payment solution?
The short answer is no. There is no need to detokenize and tokenize the existing tokens. Our scope in the contact centre payment solution is to capture the credit card details and submit the transactions to your payment gateway on your behalf. One of these transactions can be to create tokens. In this case we will capture the credit card, create the token and share the payment gateway’s card token back with you. You can then use that token for recurring payment directly by executing the transaction using the card token with your payment gateway.