Industry: Travel Employees: 120,000 Turnover: £13.65 billion
Business: Global travel organisation, based in Miami, operating one of the largest cruise fleets in the world, with a UK contact centre.
Challenge: To achieve and maintain PCI DSS compliance to reduce risk of fraud and impact of data breaches.
Solution: CallGuard for agent-assisted payments and PCI DSS compliance.
- Speedy implementation
- Sensitive data is not included in call recording
- Agent and customer remain in contact throughout the interaction.
Carnival Corporation & plc, headquartered in Miami, is a global cruise company and one of the largest leisure companies in the world. With a reputation for progression and innovation, its cruise brands include the well-known names of P&O Cruises, Cunard Line, Princess Cruises, Seabourne, P&O Cruises Australia, Holland America Line and Carnival Cruise Lines.
Their UK arm, Carnival UK, has a large call centre which regularly takes card payment details from customers and agents over the phone.
Carnival Corporation’s UK arm, Carnival UK, is based in Southampton where its large 250 seat call centre manages calls and bookings from both customers and agents, relating to several of their cruise brands.
Within this busy operation, agents take payments from customers by telephone. As Carnival UK records all of their calls and PCI DSS guidelines prevent the storage of credit card data in recorded calls, they were looking to implement a proven solution that would ensure further enhancements to customer data security.
The solution had to remove customer card details from voice system recordings and:
- be compatible with Carnival UK’s existing call recording system,
- have no effect on Carnival UK’s green-screen reservation system
- be able to manage screen recording as well as call recording
- and be rolled out quickly and smoothly, causing minimal impact on the business.
Working with Carnival UK’s IT team CallGuard was installed as an overlay to their existing IT infrastructure.
The Filter was installed alongside their existing call recording system and USB Decoders were implemented at every agent’s work terminal.
Together they allow customers to communicate their payment card details by using the telephone keypad during the course of a call.
CallGuard makes any call recording system PCI DSS compliant by stopping the recording of sensible data through detecting and blocking DTMF tones.
Datashield obscures card data with asterisks on screen which means that payment data cannot be accessed, viewed or copied in any way.
The team were responsive to our needs throughout the project. They were flexible in their approach and communicated progress at regular states, meeting all the challenges we set. Carnival UK
The solution was implemented quickly and smoothly without requiring changes to existing IT and telephony systems; furthermore, staff training was minimal and delivered remotely through WebEx.
CallGuard has further secured Carnival UK’s busy contact centre, which in turn has quickly become PCI DSS compliant, boosting customer confidence in their payment system.