Imagine wearing a pair of flip-flops on a mountain hike! For contact centres, selecting the wrong secure payment solution can prove just as uncomfortable — and have painful consequences.
Card-Not-Present crime is set to reach £680m by 2020 in the UK and over 60% of this is happening in the contact centre. Payment security is a big issue for business and for customers.
When it comes to PCI DSS compliance, there's a big difference between apparently simple off-the-peg solutions and a more tailored approach that fits all your needs and can even de-scope your whole environment.
The idea of choosing something that on the surface seems simple can be seductive. Customer service organisations can be tempted by the idea of choosing a one-size-fits-all solution, switching it on and away they go – ticking the boxes for another year.
But what seems simple today can become fiendishly tricky tomorrow, and unless it removes all card data from your environment it still leaves you wide open to data breaches.
So, what might it be good to know from the outset?
What you're really buying into
There are many aspects of a PCI DSS compliant payment solution to consider. These include:
- The customer experience — what it's like when your customers make transactions over the phone, web chat, mobile or another channel
- The agent experience — how they interact with customers and the equipment they use
- The integration — with your internal processes such as billing, order fulfilment, contact history, call recording and even upselling
- The interface with your payment service provider (PSP) and the back-office processes for reconciliation, refunds and reporting
- The vital matter of how much of the PCI DSS compliance burden still sits with the contact centre
The simple truth is that a simple plug-and-play payment product will shoehorn you into uncomfortable compromises in these areas — and that becomes more and more apparent over time.
Pinching in painful places
It could be that your web payments are not a problem, but you can't handle transactions during web chat sessions, while payments over the phone may be fraught with security concerns and clunky workarounds.
Then you discover that virtually all the weight of PCI DSS compliance still falls on you — your chosen solutions do not, on their own, achieve compliance. This creates a world of stress and angst: changes to business processes, and new rules for agents to follow. Even then, you're not really sure if your security is watertight; there's that nagging fear of possible data breaches.
To follow our footwear analogy, it's like discovering your new ‘bargain basement’ shoes have a tongue missing, a wobbly heel and not much of a sole ... which explains the 'bargain' price.
Also, maybe the solutions you’re using don't integrate easily and so your agents are constantly flipping between systems, which frustrates staff and impacts the customer experience?
In reality, 'one size fits all' can mean one size fits no-one at all.
Finding the right fit for you
Custom payment solutions are different because they fit around your needs — with the minimum effort required on your side. They can wrap around your contact centre to prevent card data entering it, de-scoping your environment and allowing you to manage your business without constraints. The best secure payment solutions work with your existing processes and systems, to make you PCI DSS compliant without forcing you to change or restricting your future growth. There's a price tag on this, of course, but you'll find it pays off - and then some.
Remember those machines that used to measure your feet in specialist shoe shops? The best secure payment solution providers do something similar. They'll want to understand your business footprint — all the dimensions of your payments processes — so they can offer a perfect fit first time. They'll engage with your specialists to ensure they meet your business needs and expectations from day one.
Discover more today
When it comes to choosing a PCI DSS secure payment solution, why take the risk with a ‘bargain’ offering when you can have something that is made to fit you now and in the future? If you want a secure payment solution that won't give you blisters after a few days, or fall apart after a few weeks, or start to feel tight after a number of months, then take a look at the nine things you need to know about PCI DSS compliance to stay ahead of security threats and discover the most robust solutions available today for securing contact centre payments across all channels.
If you’d like to have a chat about any issues or aspects of your PCI DSS compliance then get in touch.
 National Audit Office
 Aite Group Research