Businesses today are challenged with meeting consumers’ high expectations for fast, convenient and frictionless digital services while at the same time maintaining strong security. This is especially true when enabling payments and purchases online. Research from PYMNTS.com has shown that more than $200 billion in potential revenue was lost in 2017 alone in shopping cart abandonment due to friction within the online purchasing process. Yet at the same time, consumers expect merchants to keep their data secure. Surveys show that more than three-quarters of consumers will stop engaging with a brand online following a data breach. How can businesses balance the need for strong data security with consumer desire for fast, frictionless digital processes? Though they may seem like competing objectives, it is possible. With the right technologies, businesses can ensure strong data security while delivering the ease and convenience that are the hallmarks of an excellent customer experience.
Enabling a Frictionless Customer Experience
Today’s news cycle is dominated with headlines of data breaches nearly daily. Companies that handle consumer payment card data, especially, are aware of the need to not only follow best practices for data security and privacy, but also to meet and maintain compliance with the Payment Card Industry Data Security Standard (PCI DSS). The risk of falling short and suffering a data breach can be potentially catastrophic for an organization, resulting in not only regulatory fines but also the high costs of remediation and the potentially irreversible damage to one’s brand reputation. Moreover, the potential loss of trust among customers can have lasting effects on sales long after the initial breach.
To safeguard consumers’ sensitive data while still enabling a frictionless customer experience, organizations need to both ensure that they have the proper internal procedures and employee training in place, as well as adopt new and more secure, digital payment solutions.
Internal Controls for Strong Data Security
Ultimately, a positive customer experience depends on strong security in order to safeguard customers’ sensitive personal information and make sure it is not exposed in a breach. To ensure that they are following best practices in the handling, transmitting, processing, and storing of customer payment card data, merchants should implement PCI DSS security awareness training for all employees. This helps employees to understand the proper methods to handle sensitive customer information, as well as recognize potential threats and appreciate the risks associated with insecure practices within the contact centre. Training should be ongoing, with refreshers annually.
In addition to employee training, any business that accepts payments from customers must be sure they are following the highest level of data security procedures and controls throughout their organization. In addition to PCI DSS requirements, organizations should work to become certified against the internationally recognized ISO 27001 standard. This standard helps companies keep their data secure by following rigorous requirements for establishing, implementing, maintaining and continually improving their information security management systems and techniques. And when it comes to working with digital payments solutions providers or other partners, businesses should look for partner organizations that have attained all four of the leading accreditations pertaining to secure payments, including not only ISO 27001 but also PA DSS, PCI DSS Level 1 Service Provider and the official Visa Merchant listing.
Adopting Secure, Omnichannel Payments Solutions
In addition to implementing a robust internal security program, one of the easiest ways for businesses to balance security with customer experience is to streamline the payment process by adopting new digital payment solutions that enable secure, omnichannel payments. Consumers today expect to be able to transact with businesses through any channel or device, whether it’s over the phone, through the website, over email, online chat, social media, in-person and more. New omnichannel payments technologies make it easy for businesses to meet customers in the channel of their choice and enable a secure, seamless payment experience no matter what channel or device they choose.
For example, Semafone’s Cardprotect Relay+ enables businesses to create secure payment hyperlinks that can be used in any digital channel, including e-commerce and m-commerce, email, social media, online chat, SMS and more. Sales or customer service representatives (CSR) can even use Cardprotect Relay+ to generate and display QR codes that can be used for in-person payments by leveraging the consumers’ mobile device camera. This approach lends itself especially well in areas where lack of infrastructure may prevent the use of traditional point of sale (POS) hardware systems, such as at outdoor festivals and events. The customer simply clicks the link or points their mobile camera at the QR code, then enters their payment details for a fast, convenient, and most importantly, secure payment process.
At the same time that the customer inputs their payment data, the solution relays real-time progress updates to the sales or customer service representative, notifying them when the payment page has been accessed and payment card data has been submitted, as well as when the payment service provider (PSP) has approved the transaction. Should the customer have any trouble at any point in the process, the CSR will see this and be able to offer support to solve the issue, leading to an improved customer experience.
Because there are no apps to download and no dongles or hardware necessary for use, Cardprotect Relay+ provides an extremely easy-to-use customer experience. Moreover, it can also be deployed along with our flagship Cardprotect Voice+ solution for the telephone channel, enabling businesses to provide a unified, seamless customer experience for payments and purchases across all channels. At the same time, Semafone’s Cardprotect solutions provide a highly secure payment process. That’s because Cardprotect Relay+ and Cardprotect Voice+ keep the customer’s sensitive payment card data out of the merchant businesses’ network environment completely; securely routing the sensitive information directly to the PSP for processing. By ensuring that the merchant business does not need to process or store sensitive payment card data, Cardprotect helps reduce the risk of a data breach and streamlines PCI DSS compliance.
Today’s consumers have more choices than ever before. They have more choices of both channels and devices through which to transact with businesses, and they have more choices in terms of who they do business with. If they believe an organization is not handling their personal information securely, or if they do not have a stellar experience at every step of their customer journey, they will take their business elsewhere. Organizations that want to remain successful today must provide not only a superior experience but also ensure a high level of data security. With the right internal controls, employee training and new omnichannel payments solutions, they can balance strong security with excellent customer experience for a competitive advantage.