Posted inPCI DSS Compliance
Imagine wearing a pair of flip-flops on a mountain hike! For contact centers, selecting the wrong secure payment solution can prove just as uncomfortable — and have painful consequences.
Card-Not-Present crime is set to reach $7.2 billion by 2020  in the UK and over 60% of this is happening in the contact center. Payment security is a big issue for business and for customers.
When it comes to PCI DSS compliance, there's a big difference between apparently simple off-the-peg solutions and a more tailored approach that fits all your needs and can even descope your whole environment.
The idea of choosing something that on the surface seems simple can be seductive. Customer service organizations can be tempted by the idea of choosing a one-size-fits-all solution, switching it on and away they go – ticking the boxes for another year.
But what seems simple today can become fiendishly tricky tomorrow, and unless it removes all card data from your environment it still leaves you wide open to data breaches.
So, what might it be good to know from the outset?
What you're really buying into
There are many aspects of a PCI DSS compliant payment solution to consider. These include:
- The customer experience —what it's like when your customers make transactions over the phone, web chat, mobile or another channel
- The agent experience — how they interact with customers and the equipment they use
- The integration — with your internal processes such as billing, order fulfilment, contact history, call recording and even upselling
- The interface with your payment service provider (PSP) and the back-office processes for reconciliation, refunds and reporting
- The vital matter of how much of the PCI DSS compliance burden still sits with the contact center
The simple truth is that a simple plug-and-play payment product will shoehorn you into uncomfortable compromises in these areas — that become more and more apparent over time.
Pinching in painful places
It could be that your web payments are not a problem, but you can't handle transactions during web chat sessions, while payments over the phone may be fraught with security concerns and clunky workarounds.
Then you discover that virtually all the weight of PCI DSS compliance still falls on you — your chosen solutions do not, on their own, achieve compliance. This creates a world of stress and angst – changes to business processes, and new rules for agents to follow. Even then, you're not really sure if your security is watertight: there's that nagging fear of possible data breaches.
To follow our footwear analogy, it's like discovering your new ‘bargain basement’ shoes have a tongue missing, a wobbly heel and not much of a sole ... which explains the 'bargain' price.
Also, maybe the solutions you’re using don't integrate easily and so your agents are constantly flipping between screens, which frustrates staff and impacts the customer experience.
In reality, 'one size fits all' can mean one size fits no-one at all.
Finding the right fit for you
Custom payment solutions are different because they fit around your needs — with the minimum effort required on your side. They can wrap around your contact center to prevent card data entering it, descoping your environment and allowing you to manage your business without constraints. The best secure payment solutions work with your existing processes and systems, to make you PCI DSS compliant without forcing you to change or restricting your future growth. There's a price tag on this, of course, but you'll find it pays off – and then some!
Remember those machines that used to measure your feet in specialist shoe shops? The best secure payment solution providers do something similar. They'll want to understand your business footprint — all the dimensions of your payments processes — so they can offer a perfect fit first time. They'll engage with your specialists to ensure they meet your business needs and expectations from day one.
Discover more today
When it comes to choosing a PCI DSS secure payment solution, why take the risk with a ‘bargain’ offering when you can have something that is made to fit you now and in the future? If you want a secure payment solution that won't give you blisters after a few days, or fall apart after a few weeks, or start to feel tight after a number of months, then take a look at the nine things you need to know about PCI DSS compliance to stay ahead of security threats and discover the most robust solutions available today for securing contact center payments across all channels.
 Iovation and Aite Group Report
 Aite Group Research