We notice that you’re on our UK site, the version that serves your region is the US Eckoh site.

Case Studies

Proving our solutions work

Pharmacy Retailer
User friendly secure payment solutions for leading high street retailer
User friendly secure payment solutions for leading high street retailer


Industry: Retail Pharmaceuticals    Employees: 70,000 UK   Revenue: £498 million

Business: High street pharmacy, health and beauty retailer, formed in 1849, with around 2,500 stores, a strong web presence and loyalty scheme. They operate one contact centre.

Challenge: Achieving PCI DSS compliance to secure payments and reduce risk to the business, the contact centre and the customer.   

Solution: CallGuard Hosted solution that de-scopes the contact centre from PCI DSS audit.


  • Agent and customer stay in contact throughout the call
  • PCI DSS compliant every minute, of every day
  • No sensitive data is available to steal.


This leading pharmacy-led health and beauty retailer was formed in 1849. With around 2,500 stores in the UK, ranging from local community pharmacies to large destination health and beauty stores it is part of the Retail Pharmacy International Division of a large US organisation which was the first global pharmacy-led health and wellbeing enterprise. Today the business sell their products to the UK and internationally.


Information security is a major focus for this business as they seek to address the rise in data breaches, payment card fraud and other security risks that businesses face today.

Their commitment to tightening security led to them to seek a solution to their contact centre telephone card payments where cardholder data is exposed to the agents and potentially stored in the company’s IT environment. With several hundred agents, operating from their contact centre in Nottingham, the business wanted, as well as needed, to achieve PCI DSS compliance and maintain it, year on year.


Eckoh implemented its fully managed, CallGuard Hosted solution.

When a customer keys in their card details using their phone’s keypad, audio tones (DTMF) are generated which match the card number. Eckoh’s solution instantly replaces these tones with whispered audio ‘tokens’ which are then ‘spoken’ to the agent, who types these into the payment screen. As the token data is not real card information it is completely meaningless to thieves or fraudsters and so can be stored safely. The token data will be switched for the actual cardholder data when it passes through the Eckoh secure platform.

This solution is extremely quick to implement and does not involve complex changes to databases, payment processes, security systems or other IT areas.

With information security playing an important part in this pharmacy-led health and beauty retailer’s business strategy, a PCI DSS secure payment solution was sought that would provide robust and continuous compliance.


This means that the agent never sees or hears, sees or is exposed to the real card data. Neither is the real card data held in any call recordings or storage devices. There is, in effect, nothing meaningful to steal.

  • Agent can stay in conversation with the customer
  • Customer data is protected
  • Agent is not exposed to the data
  • Reduce risk to the business, the agent and the customer
  • PCI DSS compliance achieved.


Get in touch today

Get in touch today and find out how the Eckoh Experience Portal can change your customer engagement for the better.

book a demo

Get In Touch