More Than Half of Businesses in the US and UK Fear an Imminent Attack on Payment Data

Research from Semafone reveals that organisations are unprepared in spite of perceived risk

Guildford, UK – 11th January 2016– Research from Semafone®, which provides secure payment software for contact centres, has revealed that 60% of US and 52% of UK businesses believe an attack on payment card data to be quite likely or very likely.

Semafone conducted the survey over the summer of 2015 to discover the attitudes and practices of UK and US payments professionals.

Contrary to popular opinion, contact centres are seeing no drop in the level of payments taken over the phone. In fact 84% of US and 87% of UK respondents stated that the volume had increased or remained level over the past two years.  Only 14% of all respondents suggested that the number of telephone payments has declined.

In spite of this increase in telephone payments, and the widespread fear of attack, contact centres appear to be ill-prepared; only 46% of respondents said that they have implemented and maintain a full set of Payment Card Industry (PCI) controls to reduce the risk of an attack. More surprisingly, 81% admitted that they ask their customers to say their card details out loud.

“It’s astonishing that so many companies still ask their customers to read their card details out loud over the phone,” said Tim Critchley, CEO of Semafone. “Both card and telephone fraud are on the increase in the US and the UK, but it’s clear that there is more work to be done to put the right security measures in place. It’s good to see that organisations are waking up to the threat of attack and recognising the reputational damage a breach can bring, but we all need to move faster if we want to avoid more large-scale incidents.”

Other key findings from the research include:

  • 83% of total respondents (79% US and 86% UK) felt that loss of customers or brand/ reputational damage would be the most damaging effect of a payment card data breach.
  • 68% of UK respondents and 51% of US respondents have a crisis communication plan in place in the event of a payment card data breach.
  • 82% of US respondents and 80% of UK respondents occasionally or always ask their customers to say their card details out loud to the agent when they make payments.  52% of US respondents always ask them to do so, compared with 54% of UK respondents.

Semafone has created a report based on the research that outlines key issues within the secure voice payment industry. The report can be accessed here

Total respondents:  UK: 60, US: 61

Semafone’s patented technology allows customers to input their card details privately and securely via their telephone keypad. The numbers are then transmitted directly to the bank, so no sensitive details are held in the contact centre’s infrastructure. Card numbers are not spoken aloud and individual key tones are masked by Semafone’s software so that they cannot be recognised by their sound. Throughout the transaction, the contact centre agent can neither hear nor see sensitive card information, and remains on the call to deliver a high level of customer service.

More Than Half of Businesses in the US and UK Fear an Imminent Attack on Payment Data
Semafone