Is your contact centre protecting customer card data with expensive sticking plasters? If so, then don't be surprised if fraudsters tear through. You'll need a radical rethink to stop criminals.
As we saw in a recent blog, card-not-present (CNP) crime is a growing issue that's impacting contact centres.
Criminals exploit weak links. If one door locks, they'll try another. So as online and point-of-sale transactions have become more secure, criminals are now targeting the contact centre. In fact, CNP fraud is now 81% more likely than point-of-sale fraud, according to research.*
Fraudsters follow the money. So once credit card data enters the contact centre environment, the game is on. Criminal activity will most likely pop up where the system is weakest.
Fighting a losing battle
Even if you’ve achieved PCI DSS compliance on paper, your contact centre can be still at risk of a breach. That’s because some of the common methods used to achieve PCI DSS certification may be time-consuming and expensive — and yet still fail to provide security or a smooth customer experience.
Organisations often combine multiple techniques to protect card data. Let's look at two examples:
- Pause-and-resume systems are sometimes used when customers wish to make payments over the phone. But this method can still allow your agents to see and hear card information, and isn’t always reliable. Systems can be prone to agent errors or malfunctions — which can frustrate customers.
- Clean rooms environments rely on agents not using any pens, paper, phones or other recording devices of any kind. But even if you're able to enforce controls rigidly, transferring calls to a clean room can result in a poor customer experience.
As well as proving expensive, fiddly and far from watertight, these two methods can feel clunky to today's customers, who assume their financial information will be kept safe anyway and want an ultra-smooth experience when they pay.
Shifting callers to another channel such as a payment IVR or clean room environment can be irritating, . So it's no wonder if poor payment practices lead to lower satisfaction scores.
Applying a patchwork of point solutions like these is really paddling around the edges of a problem rather than getting in deep and solving it.
Tackling CNP fraud successfully requires an holistic approach. It's about:
- What customers say aloud
- What agents see
- What they hear
- What's recorded by systems
- What's stored on networks
Only when each risk is effectively reduced to zero can contact centres breath a sigh of relief. But the good news is that you don't need a mesh of systems to keep out the criminals. It's simpler than that.
How's it done?
Discover how to protect yourself against fraud in the contact centre by downloading your copy of Why you need to rethink your PCI DSS strategy.
Find out how to prevent card data from ever entering the contact centre environment, which means all of your contact centre can be removed from PCI DSS audit scope. Agents can’t see or hear it, but they can remain in constant contact with your customers during the transaction, providing reassurance.
The technology exists today — and you don't need to rip and replace existing systems. Many FTSE businesses in the retail, insurance, travel, leisure, and entertainment sectors have found a way to keep card data secure while delivering a great customer experience.
*Source: 2018 Identity Fraud Study, Javelin Strategy & Research
Latest Blog Items
Wednesday, 01 July 2020 Remote working for contact centres: Critical next steps, beyond the crisisRemote working — is here to stay. How to make sure security is not compromised
Friday, 19 June 2020 Nine things that bug you about PCI DSS complianceCompliance with the Payment Card Industry Data Security Standard (PCI DSS) helps companies to demonstrate they can process card payments securely and reduce card fraud.
Wednesday, 10 June 2020 Contact centre resilience – 5 lessons learned from COVID-19In the words of Elvis, we’re ‘all shook up’. Not surprising after the initial reaction to the global pandemic that is COVID-19. It’s changed how we think, live and work and why it’s important to build resiliency into contact centre operations.