The background.

AGL is one of Australia’s leading renewable energy companies and is Australia’s largest private owner, operator and developer of renewable generation assets. The company’s Retail Energy division sells and markets natural gas, electricity and energy related products and services to more than 3.8 million residential and small business customer accounts across New South Wales, Victoria, South Australia and Queensland.

The division receives payment from customers via a variety of methods, including direct billing, online, post and telephone. 600 dedicated agents are employed to handle the business of taking payment via AGL’s contact centers and IVR systems. The security of customer details is paramount and AGL complies fully with the Payment Card Industry Data Security Standards (PCI DSS) to protect sensitive credit and debit card details.

The challenge.

A large number of AGL’s customers opt to pay by telephone. The convenience of a quick telephone call to pay a bill, combined with the knowledge that a service agent is on hand to smooth out any problems, makes it a popular choice.

The challenge for AGL was that this resulted in large volumes of card data flowing through the company’s IT and telephony infrastructure. PCI DSS regulations require extensive security checks and controls to take place regularly wherever card details are stored, so AGL found itself spending a great deal of time and money to simply maintain compliance.

AGL uses some interactive voice recognition systems, which helped to reduce the problem by allowing customers to enter their own card details, but recognized that in many cases customers wanted to speak to a real person rather than an automated recording.

Drop-off rates for IVR are generally higher than for transactions managed by an agent, as an anomaly is likely to result in the customer ending the call. Any new system would need to be able to cope with wide fluctuations in transaction volumes; as a utility company, AGL’s business alters significantly according to seasonal variations.

The solution.

A solution was suggested by BEA Systems, AGL’s Qualified Security Assessor, who is responsible for ensuring AGL’s compliance with the PCI regulations. BEA proposed Sycurio’s secure payment method, designed specifically to protect card payments made through contact centers.

Sycurio’s solution reduces the cost of PCI DSS compliance by removing sensitive card data from the contact center environment. When paying bills over the telephone, customers can input their credit and debit card details via their telephone keypad rather than saying them aloud.

The card details are transmitted directly to the bank, avoiding the contact center infrastructure and thereby reducing the number of checks and controls necessary to meet PCI regulations.

This presented AGL with a very simple solution to the complex problem of eliminating data fraud and complying with PCI DSS.


“We’re very pleased that we have been able to help the company cut the cost of PCI DSS compliance.”

Gary E. Barnett
Chief Executive Officer

AGL was also impressed by the way in which Sycurio’s solution increased security without compromising customer service. Sycurio masks the tones made by the keypad so that numbers cannot be identified by their sound, leaving the agent free to continue the conversation with the customer throughout the transaction. Any problems, such as mis-keying of numbers, can be rectified straight away.

The implementation.

Sycurio.Voice has been installed in AGL’s contact centers in Sydney and Melbourne. Sycurio was integrated with a variety of different CRM (Customer Relationship Management) and back office systems including SAP, and with AGL’s payment gateways.

“The organization has recognized that credit card fraud is a real risk for telephone payments and taken steps to protect customers. We’re very pleased that we have been able to help the company cut the cost of PCI DSS compliance and improve customer service at the same time,” commented Gary E. Barnett, CEO of Sycurio.

The benefits.

Not only has AGL been able to make a dramatic reduction in the cost of compliance, but the company’s customers have also benefitted from Sycurio’s payment method. They no longer need to worry about the risk of saying card numbers out loud in a public place, such as an open plan office and are able to continue their conversation with the agent while they pay their utilities bills.

AGL’s customers have reacted well to the change.When agents ask a customer to enter their card number into the keypad, it’s immediately clear that this is helping to improve security. This has enabled AGL to maintain the high standard of service that it has always offered, while improving security and cutting the cost of PCI DSS compliance. Everyone is better off as a result.


“This was Sycurio’s first major implementation in Australia and we could see that AGL was leading the way in securing their payments systems.”

Gary E. Barnett
Chief Executive Officer


Download the case study PDF