Back to top
Sycurio Voice & Digital

Omnichannel Payment Security Solutions

Sycurio.Voice and Sycurio.Digital deliver frictionless payment and secure transaction experiences across all your customer engagement channels, whilst ensuring your organization meets regulatory and compliance obligations.

Request a demo

A comprehensive and secure payment and transaction platform.

frictionless payments

Our applications and services enable you to confidently secure and compliantly manage your entire payment and transaction environment.

Featuring powerful and flexible tools for every channel you choose to transact in, Sycurio’s solutions give you a rich choice of highly configurable features. These include:

  • Extensive Payment Service Provider (PSP) support
  • Interactive Voice Response (IVR) integration
  • Dedicated monitoring and reporting capabilities
  • Live payment process tracking
  • Transaction process insight
  • Bank account Automated Clearing House (ACH) verification and transactions
  • Full API access and intuitive user interfaces
  • Locked and hardened browsers for external system integrations

Sycurio.Voice is a globally trusted solution for automatically securing your customers’ payment card, banking, and personal data during telephone and automated IVR transactions.

As well as making payments over the phone more streamlined and secure for customers and agents, Sycurio.Voice prevents sensitive customer information from being exposed to your people, your processes, your environment, and your systems

call
customer
secure
server
call recording

Step 1:  Your customer calls the contact center and begins their conversation.

Step 2:  When the customer needs to share sensitive data, your agent initiates SecureMode. This masks the Dual-Tone Multi-Frequency (DTMF) tones as the customer inputs their data using their telephone keypad or by speech recognition.

Step 3:  The captured secure data is dynamically routed to your processor – entirely bypassing the company network. No sensitive data enters the environment, so you can record the call from start to end.

Step 4:  Sycurio.Voice removes the transaction almost entirely from the scope of your organization’s PCI DSS compliance obligations.

Benefits at a glance.

  • Cloud and flexible hybrid solution that overlays seamlessly into your existing telecoms and contact center infrastructure
  • Moves your entire contact center, remote agents and IVR out of scope of the majority of PCI DSS compliance obligations
  • Protects your brand, reputation and bottom-line
  • Creates a frictionless customer transaction experience across all your voice channels
  • Significantly reduces your risk of breach by securing sensitive customer payment, banking or personal data dynamically during the call and routing it away from your agent and infrastructure directly to the processor
  • Integrates seamlessly with Sycurio.Digital, our solution for powering secure omnichannel chat, social and email transactions
  • Reduces average handling times(AHT) and improves first time resolution (FTR) rates
  • Saves on costly PCI DSS compliance management and delivers a proven return on investment

Sycurio.Digital is an innovative easy to deploy UI and API driven omnichannel digital payments solution which powers better customer payment experiences across all your engagement channels.

Featuring powerful and flexible tools for every channel you choose to transact in, Sycurio.Digital makes it easy to unleash seamless and secure payment flows for customers via a variety of digital channels

customer
link
device
card

Payment card details never enter the contact center infrastructure or digital channel systems​

Step 1:  Customer interaction with agent or digital channel​.

Step 2:  Payment link is generated ​
via API or Agent UI.

Step 3:  The payment link is ​embedded in the channel​.

Step 4:  Customer opens and follows link, enters payment card information. The transaction progress is monitored in real-time by the merchant systems or agent.

Benefits at a glance.

  • Comprehensive and well documented API
  • Integrates with Sycurio.Voice for voice-based payment transactions
  • Integrated cloud application with clear and simple user interface (UI) for agents
  • The customer’s payment card information is secured and directly routed to the processor – it entirely bypasses your network, removing the risk of data breach
  • Removes the payment transaction almost entirely from the scope of PCI DSS compliance obligations
  • Creates the same frictionless customer payment transaction experience across all your engagement channels
  • Reduces PCI DSS compliance costs and delivers

Learn how Sycurio can help your organization.

Speak to an expert

A globally trusted
security partner.

In a world where payments and customer interactions are increasingly digitized, we help businesses put data security and protection at the heart of everything they do.

contact center

We’ve come a long way since our inception in 2009, when our pioneering technologies first revolutionized how call and contact centers enable compliant and secure telephone payments. Over the years, we’ve continued to innovate.

data

Today our best-in-class data security solutions and services help organizations transform and simplify how they manage consumer data protection, regulatory compliance and payment security. So they can safeguard every customer interaction in every channel – and deliver a standout customer experience that builds consumer trust and loyalty.

listen

By listening to our customers and partners – and anticipating their needs – we continue to enrich our portfolio of solutions. Ensuring they can transition with confidence into a digital-first world.

Reduce your PCI DSS and regulatory compliance costs.

Sycurio’s technologies automate the capture, separation and transmission of sensitive data such as card and bank payments, or health and personal information from your contact center, remote agents, web-service and applications.

The sensitive information is passed directly to your data processor through our secure infrastructure without it ever entering your environment – protecting your customers, agents and your business.

​​As well as significantly descoping your organization and reducing the cost of compliance, this approach enables you to maintain regulatory compliance in relation to privacy and security for any health or financial related transactions.​

PCI DSS (Global)

The Payment Card Industry Data Security Standard (PCI DSS)is a framework of security standards created to ensure that organisations thataccept, process, store or transmit payment card information maintain a secureenvironment.

The Payment Card Industry Security Standards Council (PCISSC) began operating in 2006 with the goal of managing the Payment CardIndustry (PCI) security standards and improving payment security throughout the entire transaction process. The PCI DSS is administered by the PCI SSC, an independent entity created by Visa, MasterCard, American Express, Discover and JCB.

pcisecuritystandards.org
PCI Security Standards Council

GDPR (EU / UK)

The European Union General Data Protection Regulation (GDPR) and the Data Protection Law Enforcement Directive align with the UK’s General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

GDPR is a wide-ranging and actively enforced legislation in both the EU and UK. It applies to almost all businesses and organisations that operate in or within the EU and the UK.

All personal data (information about a particular living individual) and its processing (collecting, recording, storing, using, analysing, combining, disclosing, transmitting, deleting) is subject to GDPR legislation.

Since GDPR became law in 2018, enforcement has led to significant fines. Recently, these have included Amazon €746/$877M in 2021, WhatsApp €225/$255M in 2021, Google Ireland €90/$102M in 2022, and Facebook €60/$68M in 2022. Fines relating to data breaches that included the potential exposure of personal and payment information have included; Ticketmaster £1.25M in 2020, British Airways £20M in 2020, and Marriott International in £18.4M 2020.

gdpr

CCPA (USA)

The California Consumer Privacy Act (CCPA) gives consumers control over the personal information that businesses collect about them, including their name, social security number, email address and biometric data.

Organisations can be sued for data breaches of non-encrypted and non-redacted data where reasonable security procedures and practices have not been in place to protect it.

oag.ca.gov
ccpa

HIPAA (USA).

The Health Insurance Portability and Accountability Act of1996 (HIPAA) is a US federal law which protects sensitive patient health information from being disclosed without the patient’s consent or knowledge.

A major element of HIPAA is the Privacy Rule, which ensures that individuals’ protected health information (PHI) is properly protected while allowing the sensitive information to flow effectively.  This rule is supported with the Security Rule, which requires all individually identifiable health information created, received, maintained, or transmitted in electronic form (electronic Protected Health Information - e-PHI) to be securely managed.

To comply with the HIPAA Security Rule, all parties must:

  • Ensure the confidentiality, integrity, and availability of all electronic protected health information
  • Detect and safeguard against anticipated threats to the security of the information
  • Protect against anticipated impermissible uses or disclosures
  • Certify compliance by their workforce
cdc.gov
hipaa

PSD2 (EU)

The European Union Payment Services (PSD 2) - Directive (EU) 2015/2366 is commonly referred to as PSD2.  This legislation is also applicable in the UK as an element of the Payment Services Regulations (PSR) 2017.

The legislation was enacted in part to require providers of payment services and third-party payment service providers to improve customer authentication processes and introduce Strong Customer Authentication (SCA) protocols, such as two factor authentication (2FA).

The widespread implementation of 3D Secure version 2 security protocol (3DS2) and other multi-factor authentication processes in consumer and business payment environments is a result of the Directive.

ec.europa.eu
psd2

FCA SYSC 10A (UK)

The UK Financial Conduct Authority’s telephone and electronic communication recording rules were derived from the EU Markets in Financial Instruments Directive (Directive 2004/65/EC).

The FCA SYSC 10A requires full and accurate records of financial service industry transactions, including telephone conversations, and electronic communications must be retained for at least six months.

fca.org.uk
Financial Conduct Authority

MiFID II (EU)

The European Securities and Markets Authority (ESMA) Markets in Financial Instruments Directive (MiFID II) and the Markets in Financial Instruments Regulation (MiFIR) are a legislative framework that covers a wide range of financial instruments and market activities.

Within this body of legislation there is an obligation to retain secure audited and accessible records for a minimum period of five years from the date of the communication.

esma.europa.eu
mifid ii

GLBA (USA)

The Gramm-Leach-Bliley Act (Financial Services Modernization Act of 1999) is a US federal law that controls the management of private consumer information by financial institutions and business that supply credit or finance as part of their offering (for example, auto dealers).

Under the GLBA Safeguards & Privacy Rules, financial institutions and businesses must control, secure and protect the non-public information (NPI) they collect, store, share and process.

The Safeguards Rule has two key elements:, financial institutions should implement both logical and physical security protocols, and provide breach notifications when NPI is compromised.

Penalties for failure to comply with GLBA are potentially severe, with civil fines of $100,000 per violation, and officers/directors may face personal liability fines per-violation of $10,000.

ftc.gov
glba

Nacha (USA)

Nacha develops, governs, manages and enforces the operating rules for the Automated Clearing House (ACH) Network which powers the Direct Deposits and Direct Payments for US banks and credit unions.

nacha.org
nacha

ISO/IEC 27001:2013 Information security management

Managed and published by the International Organization for Standardisation (ISO) in partnership with the International Electrotechnical Commission (IEC), ISO/IEC 27001 is globally recognised as the leading standard and framework for information security.

The ISO 27001 framework enables organisations to protect their information in a systematic way using an Information Security Management System (ISMS).

iso.org
iso

3DSecure2 (3DS2)

The 3D Secure version 2 security protocol aims to prevent the fraudulent use of credit cards by multi-factor authentication of cardholders in card-not-present (CNP) transactions.

It is developed and managed by EMVCo, an organisation jointly owned by major payment card brands. The three domains in which the protocol operates are the issuer, acquirer and interoperability domains (hence ‘3D’).

3dsecure2.com
3dsecure2

Features.

Learn how Sycurio can help your organization.

Speak to an expert

Integrate with confidence.

We make it straightforward to build secure and easy-to-manage enterprise-wide payment environments.

Designed to minimize disruption, Sycurio.Voice and Sycurio.Digital seamlessly integrate with your existing infrastructure; including your telephony, as well as the full range of contact center applications, from CRM to payment processing.

Deployment Options

When it comes to deployment options, our multi-instance architecture gives you a choice of cloud, hybrid or on-premises (with our dedicated appliances), so you can find the best fit for your needs.

CRM

Seamless integration for CRM platforms including Salesforce & EPIC

PSP

60+ Leading Payment Service Providers (PSPs)

IVR

Enables agentless voice-based IVR payment transactions

Telephony

Support for global Telephony & Carrier services

Deployment

Flexible Cloud, Hybrid (Cloud + On-premise) or On-Premise deployment options

CCaaS

Overlays with Contact Center Software Solutions (CCaaS)

UCaaS

Integrates with Unified Communication Software Solutions (UCaaS)

Unrivalled knowledge. Dedicated support.

As a trusted global information security company with international security and payment accreditations and Level 1 PCI DSS Service Provider status we have unrivalled experience in delivering innovative transaction solutions that protect our customers’ data and ultimately, their reputations.

Our Professional Services team can advise, design, and execute the most effective solutions to secure your payment and transaction infrastructure. Working on the frontline alongside your network, operations and security teams, our Support and Customer Success teams give you fluid and direct access to our technical resources and deep systems knowledge. Ensuring your systems stay optimized to assure delivery of a frictionless customer experience.

Speak to an expert
support

Our support and professional services options include:

  • 24/7/365 critical incident support team
  • Post-incident reviews and health checks
  • Maintenance, patch and upgrade scheduling
  • System health monitoring
  • Account reviews and customer success service management
  • Payment systems solution design and architecture
  • Customizations and change control management

Related.

Sycurio - How it works

Sycurio - How it works

PCI DSS descoping with Sycurio

PCI DSS descoping with Sycurio

Why secure payments are the key to omnichannel retail success

Why secure payments are the key to omnichannel retail success

Learn how Sycurio can help your organization.

Speak to an expert