Cloud mashup offloads PCI compliance

Hand holding an assortment of credit cards

Contact centre provider NewVoiceMedia has introduced a cloud-based interactive voice recognition (IVR) service which it claimed can offload the need for companies to comply with the Payment Card Industry Data Security Standard, PCI DSS. The agent dealing with the call transfers it to the IVR in mid-call to take the customer's card data; the call is then returned to the agent for completion.

The new service merges NewVoiceMedia's existing automated card payment IVR with the ability to deal with a real human for the rest of the call. As NVM CEO Jonathan Gale put it, "It is just like handing the customer the in-store chip and pin device and looking away as they put in their PIN number."

He added: "Our customers are really excited about this approach as it allows the agents to deal with callers throughout the transaction, providing a personal touch, but not having to take their sensitive card data."

Complying with PCI has been mandatory since last year for companies taking credit cards over the phone, with penalties of up to £200,000 per breach for non-compliance. Gale said that the new service offers companies an alternative to handling PCI compliance themselves, either by training and bringing in processes to enable their own agents to take payments, or by taking the "disjointed" route of using a separate IVR system for credit cards.

"“We’re now able to take payments in 25 different countries working with diverse currencies, safe in the knowledge that we are fully compliant with PCI regulations," said Jag Tucker, global front office operations manager at SHL, a NVM customer which is now using the mid-call IVR.

He said that enabling contact centre agents to process smaller payments seamlessly and compliantly has improved SHL's cash flow and freed up its credit control department to chase the larger invoices. "What’s more, we’ve made sure our customers still get the best service possible by enabling our agents to make use of the mid-call technology, meaning they can take payment as part and parcel of giving customers the support they want,” he added.

Gale noted that because the service "is completely cloud based, it can be deployed quickly, scaled up immediately and just requires an agent to have a phone line and Internet connection." He added: "Service can be more personal and agents can be turned into real ambassadors rather than be shackled by cumbersome technology."