One Family.
Keeping card data safe for the UK’s largest
child trust fund provider.
-
Customers
- One Family
The background.
Offering direct-to-consumer policies, the company works in affinity partnership with leading insurers and is a pioneer in the development of telematics-based products that enable insurers to calculate risk and premiums based on actual driving behaviours.
The challenge.
One Family found that its Post Office ISA customers were increasingly requesting online and telephone investment facilities. The organization already offered customers the option of setting up a direct debit in order to pay a lump sum into their account, but this inevitably involved a delay as well as the associated administrative burden and paperwork.
In some cases, customers simply abandoned the forms. The only alternative open to customers was to make payments in a branch (where applicable) using a debit card. One Family decided to look for a cost-effective debit card solution that would not involve onerous PCI DSS compliance considerations.
The solution.
One Family had already taken the decision to implement a new voice recording solution for its customer services department, so the debit card solution needed to integrate with this. Several vendors were assessed and Magnetic North was selected as the solution provider. A key element of the decision was the inclusion of Sycurio.Voice, which allowed for the entry of card data via the caller’s telephone keypad while the customer service agent remained on the line.
The Sycurio solution allowed One Family to ring-fence the Card Data Entry (CDE) environment, thereby removing the telephone calls from the scope of PCI DSS compliance requirements. Using Sycurio.Voice, customer service representatives would be unable to hear or note down card details, and no card numbers would be stored on site. Sycurio also offered compatibility with One Family’s technical strategy.
“Our employees are free from the responsibility of transcribing credit card data and our telephone system is entirely removed from the scope of PCI DSS. In our business, it’s very important to offer customers all the payment channels they require.”
“Our developers and testers were supported throughout the process by Sycurio technicians and Sycurio’s senior management team was always available if we needed them.“Head of IT and Program Office
One Family
The implementation.
The implementation was carried out by a team which included Magnetic North, Sycurio, RBS WorldPay and BT as well as One Family’s own staff. Sycurio worked closely with One Family to ensure that the technical implementation went smoothly, arranging on-site walk-throughs and explanations of the new functionality for the in-house team. This included the creation of new processes to facilitate the implementation and to ensure PCI DSS compliance, with the support of PCI DSS specialist ProCheckUp.
Sycurio provided One Family with the necessary API information for its developers to integrate Sycurio’s technology into their own application and trained One Family staff on the system. Significant testing took place in a live environment, with the One Family and Sycurio teams working closely together to resolve any project issues that arose.
The results.
“Our employees are free from the responsibility of transcribing credit card data and our telephone system is entirely removed from the scope of PCI DSS. In our business, it’s very important to offer customers all the payment channels they require, and we are delighted that the Post Office, whose product was at the forefront of the implementation, is also very happy with the solution,” said One Family’s project sponsor and Head of Marketing.
One Family plans to extend the use of debit cards and Sycurio’s technology across other products and services.
“Our customers are happy that they can now pay by debit card over the phone, and we are pleased that we don’t need to worry about the PCI DSS compliance of our call center.”
Project Sponsor and Head of Marketing
One Family
“Sycurio employees hold similar values to our own, so our two teams worked extremely well together. Our developers and testers were supported throughout the process by Sycurio technicians and Sycurio’s senior management team was always available if we needed them.
When problems were identified, Sycurio was instrumental in ensuring that everyone stayed with the project and persevered in putting it live. In the end it felt more like a coordinated team effort than a supplier/customer relationship.”
Head of IT and Program Office
One Family