Is your contact centre protecting customer card data with expensive sticking plasters? If so, then don't be surprised if fraudsters tear through. You'll need a radical rethink to stop criminals.
As we saw in a recent blog, card-not-present (CNP) crime is a growing issue that's impacting contact centres.
Criminals exploit weak links. If one door locks, they'll try another. So as online and point-of-sale transactions have become more secure, criminals are now targeting the contact centre. In fact, CNP fraud is now 81% more likely than point-of-sale fraud, according to research.*
Fraudsters follow the money. So once credit card data enters the contact centre environment, the game is on. Criminal activity will most likely pop up where the system is weakest.
Fighting a losing battle
Even if you’ve achieved PCI DSS compliance on paper, your contact centre can be still at risk of a breach. That’s because some of the common methods used to achieve PCI DSS certification may be time-consuming and expensive — and yet still fail to provide security or a smooth customer experience.
Organisations often combine multiple techniques to protect card data. Let's look at two examples:
- Pause-and-resume systems are sometimes used when customers wish to make payments over the phone. But this method can still allow your agents to see and hear card information, and isn’t always reliable. Systems can be prone to agent errors or malfunctions — which can frustrate customers.
- Clean rooms environments rely on agents not using any pens, paper, phones or other recording devices of any kind. But even if you're able to enforce controls rigidly, transferring calls to a clean room can result in a poor customer experience.
As well as proving expensive, fiddly and far from watertight, these two methods can feel clunky to today's customers, who assume their financial information will be kept safe anyway and want an ultra-smooth experience when they pay.
Shifting callers to another channel such as a payment IVR or clean room environment can be irritating, . So it's no wonder if poor payment practices lead to lower satisfaction scores.
Applying a patchwork of point solutions like these is really paddling around the edges of a problem rather than getting in deep and solving it.
Tackling CNP fraud successfully requires an holistic approach. It's about:
- What customers say aloud
- What agents see
- What they hear
- What's recorded by systems
- What's stored on networks
Only when each risk is effectively reduced to zero can contact centres breath a sigh of relief. But the good news is that you don't need a mesh of systems to keep out the criminals. It's simpler than that.
How's it done?
Discover how to protect yourself against fraud in the contact centre by downloading your copy of Why you need to rethink your PCI DSS strategy.
Find out how to prevent card data from ever entering the contact centre environment, which means all of your contact centre can be removed from PCI DSS audit scope. Agents can’t see or hear it, but they can remain in constant contact with your customers during the transaction, providing reassurance.
The technology exists today — and you don't need to rip and replace existing systems. Many FTSE businesses in the retail, insurance, travel, leisure, and entertainment sectors have found a way to keep card data secure while delivering a great customer experience.
*Source: 2018 Identity Fraud Study, Javelin Strategy & Research
Latest Blog Items
Tuesday, 21 January 2020 PCI DSS compliance – can you see the hidden threatsTitanic differences in de-scoping vendors
Tuesday, 14 January 2020 Challenge #4: Customers get stuck serving themselvesIf your customers hit problems that stop them from purchasing online or completing important information, can you step in heroically — and save the day? Every company needs a lifeguard.
Monday, 06 January 2020 The Contact Centre of the Future - part 1 - CustomersWhat will the Contact Centre of the Future look like? In a five-part series, Ashley Burton, Head of Product at Eckoh, explores the radical changes ahead – starting with a new breed of customer that's emerging.