Cardprotect offers a simplified PCI DSS compliance solution for complex card-not-present (CNP) environments across the following channels:
Your business depends on taking payments, but without the right security controls, you could put customers’ sensitive data at risk. Data breaches, fraud and theft (from both internal and external sources) are becoming more sophisticated, frequent and costly. According to a 2018 Ponemon study, the average cost of a single data breach is nearly $4 million, which includes missed business opportunities due to reputational damage. While PCI DSS intends to help you reduce these risks and protect both your business’ and your customers’ data, it often adds complexity to an already complicated CNP payment environment.
Cardprotect allows customers to enter their payment card numbers directly and discretely into their telephone keypad instead of reading them out loud to the agent on the line.
Step 1: The customer calls the contact center and the conversation continues as normal.
Step 2: The customer chooses to input numeric data (such as a credit card number, social security number or driver’s license).
Step 3: Securemode is initiated to mask the DTMF tones with flat tones as the customer inputs in their data.
Step 4: The caller’s information is transmitted to the appropriate third party, such as a payment service provider (PSP).
Semafone’s patented data capture method uses dual tone multi frequency (DTMF) masking to replace the keypad tones with flat tones as customers input card numbers. The agent cannot decipher the numbers in any way, and is able to stay on the line in full voice communication with the customer throughout the entire transaction.
The agent is available at every step of the payment process to correct errors and help with any issues that may arise. This greatly improves customer satisfaction, reduces the number of abandoned calls and even lowers average handling time (AHT).
Customers also appreciate the added security – they know that when they see “Secured by Semafone” on your website or in their order confirmation that their payment has been taken securely and their card data is protected.
With Cardprotect, your staff no longer need to work in environments with stringent, draconian security measures, like the use of “clean rooms” where agents cannot have mobile phones, writing equipment, paper or even bags.
These restrictions have a negative effect on employee morale and job satisfaction, leading to high staff turnover.
By using Cardprotect, contact centers can take an omnichannel approach to their operations.
Because agents do not have access to sensitive payment data, they can freely access tools, like webchat and social media, that improve the working environment and help to deliver superior customer service.
Cardprotect is scalable, flexible and resilient, and can integrate seamlessly with your existing telephony. The solution’s integration with your PSP ensures rapid deployment and minimum disruption to your business, and there is no need to upgrade or change your CRM systems or call recording technology.
Cardprotect also helps with call recording dilemmas. Some industries, including the government and financial services sectors, require a complete and full recording of phone conversations. However, the PCI DSS prohibits the recording and storing of Sensitive Authentication Data (SAD), such as three- or four-digit security codes (CID, CVC2, CVV2, etc.). Using DTMF masking technology, Cardprotect shields data not only from agents, but also from recordings, so you can easily record calls without compromising regulatory compliance.