Choice of cloud-based deployments enable fast, flexible and affordable payment data security for U.S. customers while making PCI DSS compliance easy

BOSTON – June 5, 2019 – Semafone®, the leading provider of data security and compliance solutions for call and contact centers, today announced that its flagship Cardprotect™ secure payment solution is now available in the cloud for the U.S. market. The availability of pure cloud and hybrid delivery models for call and contact centers will enable faster, more scalable, cost-effective deployments that strengthen payment data security and vastly simplify compliance with the Payment Card Industry Data Security Standard (PCI DSS).

In addition, Semafone today introduced Rushmore™, an out-of-the-box and fully supported appliance for hybrid cloud that allows contact centers to experience the fast and easy deployment benefits of the cloud while keeping their telephony systems on-premises. With the new cloud delivery models, Semafone gives U.S. contact centers the freedom and flexibility to choose from a full range of deployment options and models that best meets their needs: cloud, hybrid cloud, a managed appliance, or on-premises.

“As Semafone grows rapidly in the North American market, there is an increasing desire from customers for a wider variety of deployment options,” said Gary E. Barnett, Chief Executive Officer, Semafone. “Now, our U.S. customers enjoy the greatest level of flexibility and choice, with the richest set of features. Whether they choose pure cloud, a hybrid model, managed appliance or on-premises, with Cardprotect, organizations can quickly and easily descope their contact centers from PCI DSS, while simultaneously strengthening data security and reducing the risk of data breaches and fraud.”

Enterprise contact centers may now choose from one or more Cardprotect deployment options:

  • Cloud – A pure cloud solution for organizations that want to keep sensitive payment card data out of their contact center environments completely. The cloud model enables the fastest and easiest path to deployment, without requiring capital expenditure to purchase and manage hardware.
  • Hybrid Cloud – A mixed environment solution for enterprises wanting the benefits of a cloud deployment while maintaining control over their on-premises telephony systems.
  • Hybrid Cloud with Rushmore – A pre-configured, managed appliance streamlining procurement and enabling a fast path to deployment for Hybrid Cloud, while allowing businesses to maintain on-premises telephony and infrastructure. This “plug and play” hardware option is supplied, fully installed and managed by Semafone, enabling organizations to significantly and immediately reduce expenses associated with dedicating time, staff or resources.
  • On-premises – Scalable, flexible and resilient, the on-premises software deployment option integrates seamlessly with an organization’s existing telephony environment and payment service provider (PSP) for minimal disruption to the business.

According to Gartner, Inc., enterprise IT spending on cloud-based offerings is growing nearly three times faster than spending on traditional, non-cloud solutions and more than $1.3 trillion in IT spending will shift to the cloud by 2022. Organizations across all industries increasingly embrace cloud-based operating models and services to better position themselves for cost optimization, nimbleness and scalability in an increasingly competitive and dynamic business environment being fueled by digital transformation.

“Protecting sensitive payment data and maintaining PCI DSS compliance is complex, costly and time-consuming for contact centers, but by offloading the infrastructure and network architecture onto Semafone in the cloud, organizations are reducing their operating costs and removing the contact center from the scope of PCI DSS assessments completely,” Barnett added. “Moreover, by keeping payment card data out of these environments, businesses reduce the risk of their brand being targeted by hackers and fraudsters or suffering a brand damaging data breach.”

Cardprotect enables contact centers to securely take payments over the phone using dual-tone multi-frequency (DTMF) masking. Customers simply enter their payment card numbers or other numerical personally identifiable information (PII) using their telephone keypad. The dual-tone multi-frequency (DTMF) tones are masked with flat tones so sensitive data is never exposed to customer service representatives (CSRs), nearby eavesdroppers, captured on call recordings or entered into non-payment aspects of the organization’s information systems. The payment card data is encrypted and securely routed directly to the PSP for processing, keeping this sensitive data out of the contact center’s business infrastructure entirely. CSRs remain on the line in full voice communication with the customer throughout the transaction, able to answer any questions and ensure a positive customer experience.

By deploying Cardprotect in the cloud, contact centers can reduce the number of PCI DSS requirements they must report on to prove compliance – from more than 400 requirements down to just six – and enjoy the ease of using the much shorter SAQ-A self-assessment questionnaire to demonstrate compliance rather than the more complex SAQ-D. Moreover, they can take advantage of a fast and frictionless deployment with flexible scaling options for seasonal variability in the number of channels and transactions being processed. Cardprotect works with any telephony carrier so contact centers never need to worry about changing providers or purchasing or managing equipment.

To learn more about how Cardprotect secures telephone-based payments and eases compliance for contact centers, visit

Semafone Introduces New, Cloud-Based Cardprotect™ Solution to Dramatically Streamline PCI DSS Compliance for U.S. Contact Centers

Did you find this article useful? Leave Feedback →

    1. Very Unsatisfied2. Unsatisfied3. Neutral4. Satisfied5. Very Satisfied