How contact centres can stop payment discrimination – Matt Bryars, CEO and Co-Founder at Aeriandi
Payment Card Industry Data Security Standard (PCI DSS) compliance is an obligation that all contact centres must adhere to if they take payments either online or over the phone. These businesses must ensure highest levels of data security possible for all of their customers.
As technologies improve, the gap between able-bodied and disabled customers shrinks. New automatic speech recognition (ASR) technology is allowing those that are unable to use a manual telephone keypad a new way to pay over the phone in a secure, PCI compliant way. Traditionally, organisations would resort to outsourcing this process to ensure compliance, or implementing expensive and difficult to manage white rooms. Increasingly, organisations operating contact centres are looking for new ways to achieve PCI compliance that reduce cost and improve customer experience.
Outsourcing and white rooms
In-house security is difficult to maintain. Some organisations outsource their customer payments to a third party contact centre to tackle PCI compliance needs. However, this is costly and can result in the caller having a poor experience. Improved customer experience is at the heart of many contact centre operations, with targets for reduced on-hold times and efficient call flow management. Routing customers out to a third party for phone payments risks damaging the overall customer experience – something that contact centres strive so hard to maintain.
The alternative is creating a ‘white room environment’, often seen in fixed location contact centre operations. This is where agents are prevented from taking phones or notepads to their desktops, and have rigorous security checks in place to eliminate the insider threat. It is much more difficult – if not impossible – to implement, especially for remote workers. It can be hard to keep ‘white room’ processes working well as it is difficult to control agent use of recording devices, paper or pens to log card data. Additionally, there may be a high staff turnover, increasing the risk of the insider threat.
Traditional methods
The most popular PCI compliant phone payment process isdual tone, multi-frequency (DTMF) technology. At the point where a payment is required, customers are routed through to a secure, cloud-hosted platform where they enter their sensitive information via their telephone keypad. The contact centre agents themselves no longer play any part in the collection or processing of the customer’s sensitive data and it never enters the call centre environment. This is as secure as it gets!
These types of cloud-based solutions are an integral part of any successful contact centre operation. Implementing a cloud platform also opens up other possibilities, such as voice biometrics, analytics and fraud detection. DTMF is an ideal solution for PCI phone payments, but what about those callers who cannot use a manual telephone keypad? How are they able to make secure phone payments without expensive outsourcing or white rooms?
Automatic speech recognition
This is where automatic speech recognition (ASR) technology comes in. It is designed to help contact centres offer a PCI compliant payment option to callers who cannot use the telephone keypad. This could include sufferers of rheumatic and musculoskeletal diseases (RMDs) such as arthritis, for whom joint pain, particularly in the hands, is a serious problem. For this group, tasks like using a manual phone keypad can be extremely painful, if not impossible.
ASR technology extends DTMF secure payment capability to callers who are unable to use the telephone keypad to enter their information.
Solutions that offer this use voice-to-text technology to capture, convert and verify the information before processing the payment. Cardholder data is then relayed to the Payment Service Provider (PSP) via a secure private cloud, without the information entering the contact centre.
The call is only muted to the operator while the caller gives their details, but strict controls ensure the customer is immediately returned into contact if they take too long, or as soon as their payment details are accepted or denied. The technology ensures a good customer experience, streamlines the payment process and achieves PCI DSS compliance.
Ending discrimination in the contact centre
Considering that up to five percent of people cannot use – or do not wish to use – manual DTMF technology to make phone payments, ASR technology is essential to avoid discrimination in the contact centre. Why should customers that are unable to make payments via a telephone keypad be discriminated against if they make a payment over the phone? Should they have their security put at risk? Companies should not be disadvantaging these customers, but this has to be balanced with protecting their data and maintaining a secure card data process. ASR technology for PCI phone payments is a necessary step for the contact centre. It may only serve a small proportion of callers, but for those who cannot use the telephone keypad, it makes a big difference.
Additional Information
Matt Bryars, CEO and Co-Founder at Aeriandi
For additional information on Aeriandi visit their Website
