06 July 2011: Secure customer interactions specialist The Logic Group is today announcing a partnership with Semafone that represents a new way to reduce costs and risk in card transactions by taking payment environments out of scope for the Payment Card Industry Data Security Standard (PCI DSS).
As the cost of PCI DSS compliance continues to rise, merchants are increasingly looking for ways to avoid managing card holder data internally. Combining the payment solutions offered by market leaders The Logic Group and Semafone, has provided the answer by taking the card data taken via contact centre or ecommerce channels and hosting it externally in a PCI approved, compliant environment.
Paul Russell Senior Solutions Marketing Manager at The Logic Group comments, “PCI compliance is a long term issue for any company that holds personal customer data. There are more than 220 controls to contend with; and there is no tick box approach to achieving compliance with them. The good news is that this partnership means that retailers and merchants can dramatically ease their compliance burden. By removing contact centre and ecommerce environments from PCI scope, they can help cut costs, meet compliance objectives and reduce fraud risk.”
How it Works
At the point of payment Semafone technology blocks the dial tones from both the agent and call recording system, passing the payment details directly to The Logic Group for payment, eliminating the risk of fraud as payment information is not heard by the agent or stored by the company.
Graham Thompson, Sales and Marketing Director, Semafone comments, “The vocal element of the customer engagement over the phone carries with it additional security challenges, including the recording of calls. And since call centre agents typically input cardholder data into a computer system, even their machines fall within scope of PCI DSS compliance.”
The solution is unique in that agents do not ask cardholders to share their card details verbally; instead they ask them to use their telephone keypad to enter the numbers. The system masks the tones from the cardholder’s telephone, replacing them with a flat tone that cannot be identified. The Logic Group’s Secure Payment Solutions process the payment and returns the authorisation result with a unique token. Encrypted card data is then held in The Logic Group’s PCI compliant data centres.