Secure customer credit card data in compliance with PCI DSS Standards. Loans and mortgage company Swift needed to increase the security of customer credit card data in phone calls to meet the latest Payment Card Industry Data Security Standards (PCI DSS).
As an FSA regulated mortgage lender, Swift is required to record all phone calls including payments, and these too needed to be made secure. The Council of Mortgage Lenders (CML) encourages its members to be both FSA and PCI DSS compliant, leading to the technical challenges which Sycurio solutions have been specifically designed to tackle.
While there are various solutions available, Swift executives were concerned that they needed an electronic payment system that would be efficient and easy to manage as well as one that would be accepted by their staff of trained professionals.
The system needed to be cost-effective, and be able to integrate with Swift’s existing telephone and computer systems with a minimum of disruption.
Specialized software that significantly reduces the scope of PCI DSS compliance for credit and debit card data within the contact center.
Sycurio worked with Swift’s banking partner, Barclaycard, to provide a solution that would reduce PCI DSS compliance directives for its credit and debit card payments, removing the requirement for costly security measures. Sycurio. Voice integrates with Barclaycard’s ePDQ system and masks the Dual-Tone Multi-Frequency (DTMF) tones from a phone with flat tones. While speaking to an agent, customers input their credit and debit card details via their telephone keypad; the number is not visible (or audible) to the agent and therefore cannot be recorded.
During the transaction, the agent’s screen displays the customer’s credit and debit card number as asterisks (only the last four digits show), and the payment is processed by the agent via a Sycurio hosted web page.
After an initial period of negotiation and evaluation, Sycurio began the implementation of Sycurio.Voice. Staff were provided with full training and given a brief series of instructions to help them through the first few days working with the new functionality. Sycurio staff visited the premises and were on permanent call to deal with any potential problems during the installation period and beyond.
Sycurio has maintained a relationship with Swift and has advised the company on cost-effective strategies for dealing with its legacy data and the future development of the system.
“When we first saw Sycurio in action it was very impressive, much better than our previous system. It just works, and is very easy for our staff and customers to use.“
“I’m confident that we have future- proofed our payment system against any future changes in PCI DSS regulations.”
Reduced costs and risks, with improved efficiency.
Slashed costs: Sycurio provided a cost- effective solution that undercut many more established methods of de-scoping or securing credit card data. The average time staff spend processing payment calls was significantly reduced with potential savings for man-hours and recruitment.
Greater efficiency: The simplicity of the new system’s automatic process meant that staff had a short learning curve to undertake. In trials conducted just after the installation, managers found that the time taken to process a payment had been cut by more than half. Since completion, the new system has also proved to be stable with a minimum of downtime experienced.
Tougher security: The potential for fraud by staff is virtually eliminated, since agents no longer have any access to customers’ credit card data at the point of processing the payment.
Better for staff: Staff were impressed with the new system and said so to their managers. Staff satisfaction with Sycurio.Voice has led to a happier, more productive payment processing working environment.
Better for customers: Customers are happier because they can spend less time on the phone, and don’t need to say their credit card details aloud, especially where others might be listening. And since the system requires the presence of an agent, there’s still an opportunity for the ‘personal touch’, without the need to abandon customers to a fully automated payment system.