Installing Semafone on your own premises ensures seamless integration with your existing infrastructure. This includes your telephony systems and any telephony integration, as well as the full range of contact centre applications, from CRM to payment processing.
Our hosted solution means that no hardware or software needs to be deployed within your organisation. Access to Semafone is granted either through your payment gateway provider or via the Internet.
Our fully managed solution drastically simplifies the approach to PCI DSS compliance and relieves you of the burden of having to manage the infrastructure on your own premises.
When Cardprotect is hosted by the chosen carrier the entire contact centre premises can be taken out of scope for PCI DSS compliance.
All Cardprotect features and functions are available when hosted, and a secured connection is used to integrate with applications in remote locations.
Semafone’s technology is supported by all carrier solutions and is designed to match each carrier’s levels of resilience and availability.
Using a hosted version of Cardprotect, the incoming calls delivered by the carrier will never contain any payment card details. Semafone’s technology integrates directly with the payment provider, keeping the contact centre – and everything associated with it – out of scope for PCI DSS compliance. This produces the greatest cost savings by not having a PCI zone on premise at all.
A simple way of deploying Semafone is to install it locally.
The ideal place to deploy the solution is the point where telephone calls enter the network. As a result, everything downstream of Cardprotect does not touch the card holder’s details, so all contact centre applications and infrastructure are kept “out of scope” for PCI DSS. This produces high cost savings while fully protecting the entire contact centre.
Semafone’s technology can be deployed with both TDM and SIP trunk types. Because Semafone only masks the DTMF tones while in Securemode as payments are taken, any IVRs or other applications used during the telephone call are unaffected.
A Flexible Approach for On-Premise Deployments
Semafone’s Managed CPE Services cut through the complexity to give you a robust and compliant infrastructure that keeps your customers’ card-not-present (CNP) transactions fully protected, while taking your network, SBC and contact centre out of scope for PCI DSS.
Our services establish a ‘security guard’ at the border of your IP network that protects against attacks, delivers secure and reliable SIP trunking services and data connections, and establishes PCI secure zones that take your entire network out of PCI DSS scope.
To maximise your opportunity for descoping all elements of your network, Semafone’s Managed CPE Services feature a choice of flexible options. Select one service, or combine, to create a solution that exactly meets your business goals.
The level of integration is entirely up to you.
If you want to install the system as quickly as possible with a minimal integration, we can do so easily and rapidly. However, this approach may leave more of your infrastructure in contact with card data, and therefore, subject to all the controls required for PCI DSS compliance.
On the other end of the scale is complete integration. This requires a more sophisticated implementation, but results in a seamless system which is easier to use and can bring significant savings in PCI DSS compliance costs.
Semafone’s technology works on standard telephony equipment from your chosen supplier, including Avaya, Cisco, Genesys, Oracle – Acme Packet and many others.
The solution can operate in a variety of environments, including Integrated Services Digital Network (ISDN) and Session Initiation Protocol (SIP). Cardprotect is fully Payment Application Data Security Standard (PA-DSS) certified; and if you choose to install it on your own premises, it can reside either in your existing or its own PCI zone.
Cardprotect is already integrated into many of the world’s best known Payment Service Providers.
This means that our solution can relieve even more of the burden of PCI DSS compliance by directly transacting on your behalf, and simply passing you back the result of a transaction with detailed results.
Cardprotect’s flexible options enable merchants to allow or restrict different payment card types or schemes, based on business rules.
Cardprotect supports all types of transaction methods including Authorisation or Authorisation and Settle, refund scenarios, Address Verification Services (AVS), tokenisation, and can separate out or aggregate as required. Cardprotect supports submissions with any combination of PAN or Token, with or without CVC – just as your PSP might.
Cardprotect works with the world’s best Tokenisation services and vaults. We support many types on PSP provided Token as well as independent or 3rd party vaults.
Semafone’s experienced team are capable of supporting our customers most advanced and multifaceted scenarios; we regularly simplify, descope and secure our customers most complex interactions, all whilst ensuring that industry best practice is followed as part of our project methodology.
We understand that our customers want to achieve many different objectives with Tokens, and understand the impact of using tokens with varying degrees of complex attributes, such as post-transaction tokens, single or multi-use, time-based expiration, or format-preserved tokens. We work with you to determine the right tokenisation process for your organisation.