Agent Assisted Payments

Eliminate fraud and PCI DSS compliance risk instantly for every payment taken over the telephone.

How Vulnerable is Your Contact Centre?

When a customer makes a payment over the phone with your agents, are you sure the process isn't at risk from hackers or other criminal activity? And how can your customers be confident that their card data is in safe hands?

More organisations are recognising the potential danger that exists within their contact centres.

But how can you fix the problem, take a huge step towards PCI DSS compliance and stop data breaches in their tracks? Now there’s a simple way.

Agent Assisted Payments

Phone Payments: Four Areas of Greatest Risk

  • A call centre agent (and anyone around the customer) will typically hear the card data as its relayed verbally over the phone
  • The agent will see their card data as they type it into the system
  • The card data is recorded and stored on a call recording system
  • The card data will have been transmitted through networks and systems

CallGuard for Secure Telephone Payments

CallGuard ensures your contact centre remains secure and PCI DSS compliant by avoiding sensitive card data from being heard or seen by your agent — and from being stored on your systems.

CallGuard also enables a better experience for customers. Easy to deploy, it's a cost-effective way to make telephone payments PCI DSS compliant.

How CallGuard Works for You and Your Customers

1. Caller Rings Agent

The caller rings the contact centre to enquire about a product or service. Call recording can continue throughout the entire conversation, including taking a payment.

2. Enter Card Details

The caller enters their card details using their telephone keypad. DTMF tones are intercepted by CallGuard and blocked from entry to the contact centre. Agents do not see the customer’s digits on screen.

3. Payment Authorisation

CallGuard sends the details directly to the Payment Service Provider. The agent is notified of payment approval or rejection. At any stage of the process, the agent or customer can start again if they wish, while remaining in full communication.

Key Benefits of CallGuard

Delivers Significant Savings

  • Any contact centre agent can take payments — no specialists needed
  • No department restructuring needed - no 'clean rooms', reconfiguration, etc.
  • Minimised/eliminated PCI Audit support
  • No expensive IT integration (with Audio Tokenisation option)

Enhanced Experience

  • Increases real and perceived security
  • No reputational/brand risk, or agent fraud
  • No affect on average handling time
  • The agent is on-hand throughout the process
  • Sensitive data cannot be overheard
  • Protection from identity/card data theft
  • Improved customer experience overall

Service and Efficiency

  • All agents can take payments regardless of physical location (office-based, home-based, or off-shore)
  • Agents do not see, hear or repeat any card data
  • Can be implemented with no change to your CRM and payment service provider
  • No need to 'lock down' agent desktops

CallGuard Can De-scope All or Parts of Your Contact Centre Environment from PCI DSS

CallGuard de-scopes your contact centre. Our products are extremely flexible and fit in seamlessly to complement your existing PCI DSS compliance, fraud risk and security measures. Our CallGuard Solution uses DTMF masking or tokenisation technology.

CallGuard Features

HostedOn-Premise
Protects call recordings by stopping DTMF tones from reaching them
Works with all premise-based call recording systems
Prevents agents from hearing any card information
Prevents agents seeing any card information on their screens
Compatible with 100% of PSPs (including multiple providers)
Works with all automated IVR self-service applications
Flexibility to handle unexpected increases in demand
Compatible with all premise-based telephone systems
Can be implemented with no changes to agent payment systems
Can be implemented with no changes to any IT infrastructure
Can remove agent desktops, agents, call recordings, IVR systems, data networks and screen recordings from PCI DSS scope
Removes the entirety of the telephony network from PCI DSS scope, meaning that SAQ-A is applicable

Removes the need for a 'clean room'

Home-working agents and premises are also completely de-scoped from PCI DSS
No changes to call routing


"Eckoh's CallGuard solution has solved the immediate and longer term economic impacts for PCI compliance, protecting businesses and their customers' cardholder data in a cost effective and unique manner. Its elegance and simplicity in design could be considered the iPhone for PCI DSS compliant solutions. Smart!"

Greg Ablett
Senior Vice President, West Corporation

Let's Talk Now

Discover how Eckoh can help you to deliver a more secure customer payment experience.

Contact our friendly experts on:

UK: 08000 630 730
+44 (0)1442 4583000

DTMF Masking

Get the facts about DTMF Masking for secure data entry, as used in our CallGuard solution.

Audio Tokenisation

Use tokens to de-value sensitive card data before it enters your contact centre and remove fraud risk entirely

Alternative Payments

Step ahead of the competition with secure payments via Apple Pay, Google Pay or PayPal over a telephone call.

Live Chat Pay

The only PCI DSS compliant Live Chat Payment solution