The background.

Established in 1961, the British Heart Foundation (BHF) is the UK’s largest independent funder of cardiovascular research. For over 50 years the Foundation has pioneered research that has transformed the lives of people living with heart and circulatory conditions.

The BHF’s work has been central to the discoveries of vital life-changing treatments. However, many people still need its help. Each year in the UK, more than 1 in 4 people die from heart and circulatory disease, 175,000 go to hospital due to a heart attack, 235,000 due to stroke and 4,000 babies are diagnosed with a heart defect.

Call centers and payment processes are pivotal to the successful delivery of many of these services, so a fully secure and compliant call center is essential.


The challenge.

Fundraising is vital for the BHF so it’s essential that supporters are able to make donations quickly and easily. In 2015/16, the charity raised £157 million, including donations made via a range of payment methods, one of which was card payments made by telephone; the charity’s Birmingham call center handles around 50,000 calls per year.

The BHF prides itself on the fact that 77p of every pound raised is used to fight heart and circulatory disease, but complying with the regulations that govern card payments was becoming increasingly costly. It was vital for the BHF to comply with the Payment Card Industry Data Security Standard (PCI DSS), which governs the protection of customer card data. At the same time, the organization needed to maintain or even reduce its cost per transaction to ensure that donations were not eaten away by administration costs.

The charity therefore decided to research the most cost-effective and secure means of using its own call center to process donations. It is important for charities to show that they are leading by example in PCI DSS compliance. With the introduction of Semafone’s technology, the BHF is able to do this.

The solution.

In July 2016 the BHF implemented payment security software from Sycurio delivered over Gamma SIP Trunks to protect supporters of the charity as they made donations over the phone. Sycurio’s solution allows callers to input payment card details into their telephone keypad. The numbers are obscured using Dual-Tone Multi- Frequency (DTMF) masking, so the contact center agent cannot see or hear the numbers and can stay in full communication with the customer at all times to help with any issues that may arise.

Sycurio takes the card details and transfers them directly to the Payment Service Provider (PSP), bypassing the contact center environment entirely. Implementing Sycurio completely removed the BHF’s telephone card payments operations from the scope of PCI DSS.

The charity has a long standing relationship with Sycurio partner, Gamma, who provide the SIP Trunk related services for the delivery of phone calls into the BHF. Sycurio worked very closely with Gamma during the project scoping phase and were able to map the BHF’s requirements against PCI DSS compliance.

Flexibility was key to the charity. Call volume can vary widely depending on the demands of their campaign work and Sycurio technology, hosted in Gamma’s core network means it can be adapted to the charity’s need for additional contact center agents at times of peak demand.

This flexibility allows them to take full control of their call center operations, both inbound and outbound, in the most cost effective manner. The lower costs that SIP with Sycurio from Gamma can deliver, with no additional call or call-forwarding costs was an important factor given the BHF’s charitable status.


“Operationally, the whole process has been extremely smooth. The fact that there was no disruption is a huge benefit for the team. Very little additional training was required, average call handling time has been maintained at its target level, and feedback has demonstrated that donors have found the payment process very user-friendly.“

Ashley Bennett
IT Business Partner
British Heart Foundation

The results.

Becoming fully compliant with PCI DSS for telephone card payments was a challenging and complex task for the BHF, but it has been implemented effectively and efficiently and the benefits for the organization have been significant.

The introduction of Sycurio’s solution delivered over Gamma SIP Trunks means that all calls to and from all BHF offices are PCI DSS compliant. Any call can now be diverted to the call center for a donation and this greatly enhances the BHF’s flexibility. The technology is also fully scalable, meaning that call center capacity can be increased and decreased quickly and easily to deal with the peaks and troughs of campaign work. Outbound in-house call center operations can now be expanded exponentially.

It is important for charities to show that they are leading by example in PCI DSS compliance.

With the introduction of Sycurio technology, the BHF is able to do this, protecting customer card data, complying with regulations, and ensuring that the highest possible proportion of donors’ money is spent on the fight against heart and circulatory disease, the UK’s single biggest killer.


“Sycurio has made a tremendous difference to us, with no negative effects. Prior to the implementation we were concerned that having customers enter their own details might increase call handling time, but this has not been the case and agents were up to speed very quickly. The new system has also enabled us to take control of our scripting, so there is no longer any risk of ‘off script’ conversations.”

Ashley Bennett
IT Business Partner
British Heart Foundation


Download the case study PDF