PCI DSS Compliance | Tripudio

PCI-DSS Compliance

Credit Card Payment via the Voice Channel

Ever more rigorous PCI Compliance rules forcing companies to ring fence customer credit card data more securely and seek flexible alternatives to legacy suppliers.

How can Tripudio’s PCI solution help you?

Even if the vast majority of your business is on-line, there may well be occasion when card payment details need to be initially transmitted, processed or stored, particularly if you employ phone based sales and customer care. As such your business must comply with the Payment Card Industry Data Security Standard (PCI DSS); the scheme designed to combat fraud and protect consumer information.

Retailers that do not comply with PCI DSS (Payment Card Industry Data Security Standard) risk heavy fines, the withdrawal of merchant services and damage to business reputation. Any inability to effectively transact will destroy cash flow and inhibit sales with the obvious side effects. At a time when fraud arising from purchases made over the phone or online is growing by over 20%, it’s essential that retailers – and those that support them – have the right systems in place to manage and control payments in compliance with PCI.

Achieving and maintaining PCI DSS compliance can be complex and expensive, particularly for contact centres where sensitive payment card information can easily disseminate from agents into your general business infrastructure and the local LAN & Desktop is included as being “in-scope” from an audit perspective.

Tripudio has consolidated key solution components from specialist PCI-DSS provider Cognia to embed full compliance functions within its telecom network, pricing it on a pay-as-you-use model. In that way, its clients can quickly gain access to core capabilities and proven expertise that will remove agents and IT infrastructure from the scope of PCI-DSS assessment.
This has a clear advantage in that the costs of business-wide compliance – which are often bespoke and expensive to audit – are replaced with a simple hosted system that enables your team to maintain a flexible, customer focussed approach and give you competitive advantage.

It sounds expensive!

No, implementation can be phased on a project by project or specific end-client basis, as the solution will co-exist with current ACD infrastructure, processes, systems and incumbent PSP providers. The system also incorporates secure voice recording, storage and analytics.

How does it work?

Tripudio’s solution eradicates the issue for the call centre, be it in-house, offshore or outsourced as our solution ensures that cardholder data never enters the contact centre environment in the first place. Payments are taken securely and efficiently with the caller entering their own card details using a telephone keypad at a network level. The system masks the DTMF tones, ensuring that agents are not exposed to any card information and preventing payment details from ever entering the contact centre. This means that compliance is controlled and the cost of achieving compliance is contained. Ongoing Audit costs are also spread over a wider community of users and are no longer site specific. This is a significant difference to other products on the market today.

What about the customer experience?

Tripudio’s solution enables agents to stay in contact with customers during the payment process, monitoring their progress and answering questions without having any knowledge of card details, the customer relationship is maintained, without any need to go use “robotized voice prompts”, which many consumers feel are off-putting and prone to error.

Despite the launch of the PCI scheme several years ago, there is a surprising number of businesses that either are not aware of the risks of non-compliance or fail to take compliance measures simply because the risk of fraud is under estimated. As such the new Tripudio solution enables clients to leap-frog over older legacy products to quickly and easily gain compliance status without major expense.