PROFILE: Industry: Telecommunications Employees: 30,000 Revenue: US$ 32.18 bn
BUSINESS: Telecommunications business providing wireless and internet services.
CHALLENGE: Need for PCI DSS compliance by de-scoping as much of the contact center.
SOLUTION: CallGuard Audio Tokenization On-site.
- PCI DSS compliance achieved
- Customer payments made secure
- Robust solution that’s simple and fast to deploy.
This client is a wireless and internet service provider. They are one of the largest mobile network operators in the US with over 50 million customers. They also offer wireless voice, messaging and broadband services through various subsidiaries and wholesale access to This client is a wireless and internet service provider. They are one of the largest mobile network operators in the US with over 50 million customers. They also offer wireless voice, messaging and broadband services through various subsidiaries and wholesale access to its wireless networks. They have two data centers and 30,000 contact center agents..
As the two contact centers take card payments over the phone and via their IVR, they needed to comply with the Payment Card Industry Data Security Standard (PCI DSS) and ensure their business could grow.
They were seeking a solution that would significantly reduce the burden of compliance by removing as much of their contact center from the scope of the PCI DSS audit as possible and meet their very short production installation timelines. The client particularly wanted to include their session border controllers in the de-scoping of their contact center.
The client chose Eckoh to deliver its patented CallGuard Audio Tokenization On-site solution, with full CTI integration because it is the most secure solution available to de-scope data from PCI DSS scope. It also has zero impact on the client's internal processes and third-party token vault process.
When a customer keys in their card details using their phone keypad, audio tones (DTMF) are generated.
Eckoh’s solution instantly replaces these tones with an audio ‘token’ audio ‘token,’ which is automatically placed directly into the payment field on the agent’s screen. As the token data is not real card data it is completely meaningless and of no value a criminal.
In addition, because Eckoh does all of the “heavy lifting” for the implementation, Eckoh could guarantee their desired go-live date would be met. CallGuard is also much quicker to install as there is no need for API and application development changes.
- PCI DSS compliance – achieved and all of their call center transactions are de-scoped
- CallGuard becomes the default payment capture method input for their permanent token provider when capturing new payment data information
- No sensitive data is seen or heard by agents, captured in the call recording, stored in systems or traverses their networks – not even their session border controllers. As there’s no data in the system, there is nothing to steal.
- The contact center agents can take card payments from their customers over the telephone and via their IVR in a secure manner.