When it comes to tackling PCI DSS compliance and data
security, your contact centre customers need to be confident
that Gamma’s fully hosted Semafone-enabled SIP solution
ticks every box.

Our bite-sized e-guides and topic briefs below are designed to get to the heart of complex PCI DSS and data security topics quickly and easily. Designed to give you the key need-to-know facts and the know-how to tackle the questions customers ask. If you need further information or a deep dive into any of the topics below, we have provided suitable links.

Remember the Semafone Channel Team is here to help you with all the nitty-gritty of complex compliance questions.

If you would like a call to talk through any opportunities or questions you might have
contact us now and we will get back to you….

Payment Card Industry Data Security Standards
(PCI DSS) Explained

  • The Payment Card Industry Security Standards Council (PCI SSC) is a consortium comprised of all major card brands (Visa, Amex, Mastercard, etc.).
  • Organisations taking payments over the phone must comply with the PCI DSS.
  • The PCI DSS is made up of approx. 327 controls (processes, procedures and tools) imposed on any merchants who store, process or transmit cardholder information.
  • Merchants that take card details verbally (in an open environment) need to ensure that all 327 controls are implemented and followed.
  • The Semafone on Gamma SIP solution can de-scope the merchant down to as little as 6 controls for their MOTO transactions by keeping card data completely out of their environment.

Need more information?

> Information on PCI DSS
> Semafone Cardprotect
> How to Navigate PCI DSS Requirements in the Contact Center

Semafone with Gamma SIP Value Proposition

  • On-Net, carrier grade, cloud based PCI DSS DTMF masking solution.
  • Fully managed service that keeps card data from entering the merchant environment.
    “They can’t hack what you don’t hold”
  • De-scopes merchant from SAQ-D (320+ controls) to SAQ-A (14 controls).
  • Protect all numeric data and contribute significantly to EU GDPR compliance
  • 30+ Gamma customers are already using this patented DTMF masking solution.
  • 40+ Gamma SIP resellers already partner with Semafone and are…
    • Winning new customers
    • Making existing customers stickier with new services
    • Providing a reason for ISDN customers to turn to SIP

Need more information?

> Implementing Semafone

Why choose Semafone on Gamma SIP?

  • Proven solution with 30+ live customers
  • On-Net, fully managed cloud solution (no requirement for hardware on site).
  • No re-routing of calls required to 3rd party hosted suppliers.
  • No additional costs (due to additional call legs).
  • No impact to Gamma’s SLAs (due to 3rd party call routing).
  • No risk to call delivery in the event of payment solution failure.
  • No connection lag time to a 3rd party payment solution.
  • No need to change NGN’s (Non Geographical Numbers) or DDI’s (Direct Dial Inwards) for existing Gamma customers
  • Significantly contributes to EU GDPR compliance by capturing all types of numeric data securely and preventing them from entering the contact center.

How do you spot PCI DSS sales opportunities?

  • Companies that:
    • Acknowledge they are not PCI DSS compliant.
    • Have just suffered a data breach.
    • Have a PCI DSS audit approaching.
    • Use Pause and Resume call recording solutions.
    • Use or want to use home workers to take payments.
    • Take large volumes of payments over the phone.
  • Key sectors include: Debt Collection, Financial Services, Insurance, Travel & Hospitality, Public Sector, Retail.

Customers Battling with the new EU GDPR due
in May 2018?

  • Companies could face fines of up to 4% of global turnover or €20m for a data breach.
  • EU GDPR applies to all organisations handling EU citizen data; regardless of their location.
  • From May 2018, companies will be required to report a data breach within 72 hours of the breach.
  • Semafone’s patented data capture solution can secure all types of numeric data.
  • Companies risk brand and reputational damage.

Need more information?

> Semafone for EU GDPR
> Our helpful GDPR flyer
> Our blog explains the impact of the EU GDPR

Contact Centres and PCI DSS Compliance
Research Findings

  • 72% of agents in the UK still ask customers to read card numbers out loud.*
  • 9% of agents know someone personally that has unlawfully accessed or shared customer information.
  • 30% of agents have access to customers’ payment information even when not on the phone with the customer.
  • The cost of a data breach resulting in less than 100,000 records lost is $4m.*

Need More information?

> Check out our handy infographic
> Read our blog on our Contact Centre Data Security Report
> Contact Centre Data Security Report
> Ponemon Institute Report

What are the perils and pitfalls of using
“Pause and Resume”?

  • Manual pause and resume solutions go against PCI DSS compliance guidelines.
  • Automated pause and resume triggers are tricky to implement and manage.
  • Human error – agents may ask for card details before pause and resume is activated.
  • Insider Fraud – agents can still see and hear payment card details.
  • Pause and resume solutions leave 300 PCI DSS controls to implement – agents, infrastructure and other internal systems are still exposed to card data.

Need More information?

> Read our Solution brief
> Check out our handy infographic
> Review our blog
> Tune into our webinar



How can a Semafone on Gamma SIP solution improve Customer / Agent experience?

  • Customers and agents are in full verbal contact throughout the payment process.
  • Many customers have reported a reduction in Average Handling Time (AHT).
  • No need to create “locked-down” or draconian contact centre clean rooms which can lead to hostile and sterile agent working conditions.
  • Homeworkers can take payments securely as neither they or their work environment are ever exposed to card data.
  • No language or regional accent issues as customers enter their card details themselves.
  • Comprehensive card data validation reduces errors and increases 1st time capture success.

Secured by
Gamma & Semafone