Everything you need to know about securing ACH payments

By Mandy Pattenden, Marketing Communications Director

ACH payments are an easy and convenient way for consumers to pay bills or schedule recurring payments for everything from streaming video subscriptions, to their monthly mortgage or car insurance premium payments.

According to Nacha, 6.8 billion payments were made on the ACH Network during the third quarter of 2020 – up 9% over the same period in 2019.

The continued uptick in ACH use among consumers – especially in the eCommerce space – means organizations need to ensure they are set up to offer this payment option and are able to securely handle ACH payments in an appropriate and compliant way.

A quick dive into ACH

An Automated Clearing House (ACH) transfer is an electronic debit transaction that pulls money directly from a consumer’s checking account to pay for things. Also known as echeck, electronic bill payment or automatic debit, many consumers prefer to use ACH over credit cards because it makes it easier for them to manage their personal budgets – ACH payments will only clear if purchasers have the funds available in their accounts.

When it comes to paying bills, ACH direct debit is fast becoming the preferred approach for consumers that want to ensure they never miss a payment deadline. Much easier and less time consuming than writing and mailing a check, plus, depending on where you bank, ACH transfers come with an added benefit – they are often free.

Nacha (the National Automated Clearing House Association) oversees the ACH Network, which is a payment system that universally connects all US bank accounts and facilitates the movement of money.

Protecting direct debits – Nacha Governance

Responsible for the development, administration, and governance of the ACH Network, which is one of the largest electronic payment networks in the world, Nacha has stringent rules for any business that processes ACH transactions. No surprise when you consider the privacy and security issues that are at stake for consumers who initiate and authorize ACH debit payments that automatically move money directly from their checking accounts.

To process an ACH transfer, organizations create entries on the ACH Network using a customer’s bank account details. As a result, any contact center that records calls must redact or secure all protected and sensitive banking information.

Evaluating the challenge – keeping customers safe

Call center agents need to accurately capture and validate a customer’s bank account information. While this includes the routing number, which is considered to be publicly available information that does not need to be shielded, the bank account number itself represents highly sensitive banking information that needs to be secured.

For many customers, sharing these details with call center agents over the telephone can feel like a risky endeavor. For this reason, solutions like Semafone’s Bankprotect Voice+ represent an ideal way to make customers feel more secure.

Utilizing dual-tone multi-frequency (DTMF) capture and masking technology, customers are able to enter their bank account information using their telephone keypad. As well as ensuring that agents are shielded from ‘hearing’ and seeing on screen a customer’s highly sensitive bank account information, the solution automatically performs a verification process to confirm everything is valid – in line with Nacha’s requirements.

At the close of the call, all bank account and routing numbers are available for the merchant’s systems to complete the transaction.

Extending security to digital channels

Today’s consumers increasingly expect to be able to transact from anywhere and in any channel. When it comes to digital transactions, Semafone’s Bankprotect Relay+ platform makes it easy to get up and running with ACH payments without any need to invest in costly hardware in a secure and compliant way.

Dedicated to enabling organizations to reduce payment exceptions and risk, Semafone is making it easy for organizations to securely handle the payment-related information of their customers in a streamlined way that’s good for them – and good for the customers they serve.