Industry: Retail Employees: 58,000 Revenue: £9.58 billion
Background: Leading US retailer with a growing global market seeking to secure contact centre payments
Challenge: To achieve and maintain PCI DSS compliance and to secure customer payments through their contact centre
Solution: CallGuard Audio Tokenisation On-Site & Cloud
- PCI DSS compliance
- No sensitive data is exposed to agents or call/screen recordings
- Reduced risk of card fraud
A leading US-based, global retailer of apparel and footwear, founded in 1899 and headquartered in Greensboro, North Carolina, moving to Denver in 2019. They have socially and environmentally responsible operations spanning numerous geographies, product categories and distribution channels.
The company’s more than 30 brands are organised into four categories: Outdoor, Active, Work and Jeans. And, the company controls 55% of the U.S. backpack market with the Jansport, Eastpak, Timberland and North Face brands. They have eight data centres in North Carolina, Florida, Kansas, Canada, Tennessee, Texas, the UK, & Wisconsin. They operate nine contact centres with 275 agents.
Due to the volume of calls that are made to their contact centre that requires taking a card payment over the phone, the organisation needed to comply with the Payment Card Industry Data Security Standard (PCI DSS) in order to be able to continue taking these payments for their services.
As a leading retail business, they also wanted to be able to give their customers confidence that they handle their payment card data securely. With customer service being a key element in retaining and attracting customers, the company wanted to ensure that their contact centre agents could stay in touch with the customer throughout the call.
The business originally sought an on-site solution to satisfy their PCI requirements for processing card transactions while on the phone with their contact center agents. They wanted to de-scope as much of their environment as possible. However, due to their on-premise PBX being non-compliant, the business moved one of their contact centres to the cloud.
Eckoh implemented its patented CallGuard Audio Tokenisation solution that de-scopes the contact centre agent as well as call and screen recordings.
Eckoh was chosen over its nearest competitor due to the simplicity of the CallGuard solution which requires minimal integration with existing systems and so can be easily and quickly deployed. Additional applications can be added easily, and the solution is independent of the Payment Services Provider (PSP) and involved no APIs or vast amounts of coding.
Global apparel retailer chooses Eckoh CallGuard Audio Tokenisation to secure its contact centre payments and achieve PCI DSS compliance. With increased customer confidence and reduced risks, the company is well positioned to grow.
Subsequently, due to a non-compliant PBX system, the business moved one of its contact centers to the cloud and CallGuard was able to work exactly the same in the cloud environment as it did on-site – minimising the risk to agents, customer data and the business.
During the 2020 COVID-19 pandemic the social distancing restrictions meant that the business had to close their bricks-and-mortar stores but were able to use the CallGuard solution to ensure that their agents could operate security from home and continue taking secure and compliant payments.
- Agents and customer cardholder data are protected regardless of whether the contact centre is on-premise or in a home environment
- Maintained business operations through homeworking agents during the 2020 COVID-19 pandemic
- Compliance: PCI DSS compliant secure payments and remove a substantial amount of activity from the scope of the PCI DSS audit.
- De-scoped elements: No contact centre agents are exposed to sensitive payment card data and it is not stored in, or transmitted through, the contact centre environment.
- Reduce risk: No sensitive payment card data is exposed to the agents or the call and screen recordings. This significantly reduces the risk of fraud.