About the Organization

One of the world’s leading communication services companies, BT Group PLC serves the needs of customers in the UK and 180 countries around the globe. In the UK, the company’s customer-facing businesses include Consumer (consisting of BT Enterprise, BT Consumer, EE and Plusnet), Enterprise, Openreach and elsewhere via BT Global. Committed to delivering the perfect blend of voice, e-mail, digital and web interactions that today’s customers demand, BT wanted to find a future proof and more agile way of enabling PCI DSS compliant payments across all its businesses.

Making it easier to deliver a secure, seamless, and consistent payment experience for every customer – no matter what channel they choose to engage in – was just part of the transformation vision. It would also open the door to providing an enhanced experience for agents.

By radically simplifying how it deploys a single and standardized PCI DSS omnichannel payment environment, BT would be able to enable future digital transformations quickly, and in a more sustainable and efficient way, across all its brands.

The Challenge

For a company with multiple business units serving millions of customers, enabling a common omnichannel payment processing environment represented a truly Herculean task, made even more challenging by a diverse and complex legacy IT infrastructure.

Providing bespoke capabilities to individual lines of business, these systems made it difficult to initiate new digital services or align service delivery and business processes across the group. Consequently, each line of business effectively operated as an island with its own custom built contact center processes. Similarly, each business unit was responsible for handling its own PCI DSS compliance and reporting.

“Our legacy IT environment made it difficult to deliver a common customer or agent experience, or pursue a digital innovation agenda that would revolutionize how customers transact with us today – and into the future,” said Martin Rolls, former Program Director for Global IP Voice Development at BT.

But that wasn’t the only challenge. The complexity of the organization meant that the management and oversight of PCI DSS compliance across the group was an onerous task – one that involved a significant duplication of effort and resources.

Having the ability to roll out scalable global omnichannel payment capture services across the organization would not only make it easier for any BT business, or outsourced service partners, to securely handle customer payments in any voice and/or digital engagement channel, it would also significantly streamline and unify how BT manages the governance of PCI DSS compliance across the enterprise.

With 23 contact centers employing 25,000 agents across the UK, BT needed to find a robust, scalable, and effective way to drive new omnichannel payment capabilities across all its businesses.

Evaluating the Options

Determined to utilize a single solution from one provider that would be easy to deploy across its hugely complex infrastructure and operational environment, BT began to evaluate the options.

“Early on we realized it made sense to extend Semafone’s trusted secure payment solutions into our own internal business operations to achieve our goals. Having evolved in partnership with Semafone since 2013 we were very familiar with their solutions – their technologies are embedded into BT Global Services’ hosted voice and contact center offerings that our customers have successfully been using both in the UK & globally.”
Martin Rolls – Former Program Director for Global IP Voice Development, BT

Offering a rich customer experience that includes a variety of payment capture options – voice, live chat, SMS, social media and QR codes – Semafone’s Cardprotect Voice+ and Cardprotect Relay+ solutions would enable BT to orchestrate the cross-group delivery of a new omnichannel customer service experience.

Offering an open systems and online transaction processing architecture, Semafone’s cloud-enabled solution would not only simplify the delivery of digital innovation across all of BT’s line-of-business legacy IT estates, it would also remove all BT’s networks, voice, call recording & contact center platforms, call center estates & agents from PCI DSS scope.

The Solution

Prior to creating a delivery framework for the deployment of Semafone’s solution across the multiple legacy IT estate as an end-to-end global BT strategic initiative to secure BT Enterprise, BT Consumer, EE and Plusnet, Martin Rolls spent months working with key stakeholders across the BT Group to ensure everyone was on board with the upcoming changes.

“I can’t emphasize enough how important it is to gain buy-in from board members and senior business leaders before embarking on a program of this scale. We were about to institute some radical changes that would impact the practices and processes of every business unit. That included standardizing the agent desktop interface associated with customer payment transactions,” he explains.

Martin and his Program Manager, Stephen Brown, devised an agile implementation process that would enable them to cascade the solution across the company in phases – in collaboration with Semafone and with a focus on ‘attention to detail’. Having tested the operational readiness of each business unit, an initial pilot program enabled individual business leaders to assess agent acceptance and performance before the solution was rolled out fully via a batch onboarding process using agent profiles.

“Each line of business oversaw the deployment in their own contact centers, with implementation and delivery coordinated and managed by our central project team. Throughout this process, Semafone worked collaboratively alongside our rollout teams to support every aspect of delivery – including user training.”

Making it Easy to Deliver New Digital Payment Experiences

Semafone’s cloud-based architecture made it possible for BT to overlay and integrate the solution with the varied legacy IT systems that populate its environment and deliver the same secure omnichannel payment capabilities to all its contact centers.

To initiate secure voice payments, BT implemented Semafone Voice+ via its own cloud environment that serves its contact center voice channels, while Semafone’s Cardprotect Relay+ was enabled via BT’s cloud AWS environment to deliver a host of secure digital payment options.

“We now have a single solution that sits across our entire estate and across every customer facing channel. Working with Semafone has enabled us to fulfill our ‘build once and use many times’ vision and centrally manage the evolution of our payment environment in a streamlined and highly effective way.”

Completed in under six months, the group-wide roll out meant BT was able to pivot fast when the coronavirus pandemic first hit in March 2020.

“We were able to implement new remote working models at speed, because we already had everything in place to ensure agents could securely take PCI DSS compliant payments – regardless of their location,” confirms Martin.

The Benefits

Working with Semafone has enabled BT to reinvent how it serves customers in the digital age and further increase the confidence of customers in BT as a trusted payment processor. But that’s not the only gain.

The simplified group-wide payment service environment is proving popular with call center agents and their managers too. Alongside reporting fewer payment card data entry errors and shorter average call handling times, agents say they can now focus purely on serving customer’s needs without having to worry about the stress of also managing PCI DSS compliance.

“Giving agents a simple, easy-to-use service that enables real-time and consistent interactions with customers has proved a winner with our call center teams. Plus, standardizing the payment screens all our agents work with, means we can more easily redeploy agent resources across any line of business to cope with peaks in demand in a way that simply was not possible before.”

Enabling a robust and repeatable PCI DSS compliant payment environment that is centrally managed has also simplified governance, as well as annual compliance auditing and reporting across the group’s business units. Doing so has also made it easy to handle any PCI DSS regulatory changes in an efficient and future-proof manner.

Next, BT plans to extend its hosted secure payment environment to encompass all partners and outsourced service providers who act as an extension to customer contact centre operations.

“For the future we’ll be able to flex our resources and evolve our customer experiences with confidence. Enabling anyone within the business – or working as a partner to the business – to handle the growing number of chat, SMS, and QR payments in a secure and PCI DSS compliant way that truly resonates with our customers.”