Industry: Aviation Employees: 2,100 Revenue: ZAR 6.06
Business: A long established scheduled airline operating 28 aircraft to 11 destinations in South Africa. It has a contact centers with a total of 210 agent seats in Johannesburg and Cape Town.
Challenge: To achieve PCI DSS compliance to enable card payments over the phone and web. Securing payments to reduce the risk of fraud for their business, agents and customers.
Solution: CallGuard secure payment solution to prevent card details from being seen or heard by agents.
- Significant reduction in risk
- Agents remain in touch throughout the call
- Calls securely recorded for legal, training and quality.
Comair is a South African-based aviation company founded in 1946. Its headquarters are in Kempton Park, Gauteng, Johannesburg from where It operates scheduled services on domestic routes as a British Airways franchisee and part of the Oneworld Alliance. It also runs as a low-cost carrier under its own kulula.com brand. The main base is OR Tambo International Airport, Johannesburg
Comair’s main base is O.R Tambo International Airport, Johannesburg South Africa. It has a 90 seat contact centre in Johannesburg and a 120 seat contact center in Cape Town. They manage calls and bookings from both customers and agents.
Within this busy operation, thousands of calls come in from customers relaying credit card details. Comair needed a method that would comply with Payment Card Industry Data Security Standards (PCI DSS), prevent the storage of credit card data on their call recorders and maintain their high level of customer service. They wanted to change the process of capturing credit card numbers from being spoken by the caller and then entered by the agent, to being keyed into the phone’s handset by the caller.
Comair needed the solution to...
- Enable further enhancements to customer data security
- Be compatible with Comair’s existing call recording system,
- Have zero effect on Comair’s green-screen reservation system
- Manage screen recording as well as call recording
- Be quick to implement with minimal impact on the business
Comair chose Eckoh’s CallGuard to secure their agents and call recordings from being exposed to sensitive customer card data.
A Tone Device was installed on each agent desktop and phone which encrypts the card details before they enter the agent’s screen. The agent only hears the sound of the numbers being keyed in (DTMF tones).
A filter was also installed next to the call recorder to remove the DTMF tones made through the keypad and replace them with flat tones. This means call recording can continue as it only picks up the flat tones.
Finally, DataShield was uploaded onto the agents’ desktops to mask the card data from appearing on the screens as the Tone Device interprets the pressed keys into numeric data entry. These fields cannot be accessed by agents and ensures that the information cannot be communicated, stored or written down.
The biggest challenge we had to overcome was finding a solution that would allow us to continue to offer 100% caller and agent interaction as well as 100% call recording of payment calls. We found the answer in CallGuard. The solution was easy to install and the Eckoh team were responsive to our needs throughout the project. Comair
- The sensitive payment card data is completely omitted from call recordings
- The telephone call is recorded without the card data
- The agent retains full two-way control of the call
- No need to change existing telephony and IT structures
- Quick implementation
- Delivers PCI DSS compliance
- Staff training is made simpler.