In 2011 TalkTalk was introduced to Sycurio and it became clear that the only guaranteed way of taking its contact center ‘out of scope’ of PCI DSS was to remove all payment card data completely, and it could do this by using Sycurio.Voice.
Sycurio.Voice uses Sycurio’s patented payment method and Dual-Tone Multi-Frequency (DTMF) masking technology to enable TalkTalk’s customers to enter their credit card details into their telephone keypad; the incoming card numbers are then intercepted, and the call center agent is presented with masked (flat tone) digits. Once the system has verified that the information entered is correct, it then seamlessly passes the payment transaction data through to the PSP for processing, by-passing the contact center and the desktop environment completely.
The solution dramatically reduces the complexity and number of controls required for PCI DSS and allows the agent and customer to remain in full voice communication throughout the entire process.
The move to a CPE solution within TalkTalk’s data center.
TalkTalk initially deployed Sycurio ‘on premises’ in its UK contact centers, later expanding the solution to serve TalkTalk’s overseas contact centers.
In its quest to protect customer data, TalkTalk continually tests and challenges its entire network to ensure that payment card data stays ‘out of scope’ of PCI DSS and remains secure. Previously, card data was transmitted to its PSP, and was potentially still at risk when it touched its systems’ network. TalkTalk worked closely with Sycurio to create a solution that primarily protected its customers by handling their card data in the best way possible, which in turn allowed the company to gain and maintain its PCI DSS accreditation.