IP Integration, a leading provider of customer engagement solutions, is addressing the complex issue of new EU General Data Protection Regulations with the launch of a dedicated Secure-Payment-on-Demand product. Designed to intercept and process sensitive customer information, including payment card details, before they enter an organisation, the cloud-based solution is ideal for contact centres which will be required to comply with Payment Card Industry Data Security Standards (PCI-DSS).
The Secure-Payment-on-Demand solution enables the outsourcing of almost all PCI-DSS obligations which will have a significant reduction on the cost and complexity of necessary system changes.
IPI’s solution is accessed by agents either through embedding the application into an existing CRM system or from a web based virtual terminal, using CTI to automatically initiate the On Demand payment process. The customer enters sensitive card information using their telephone keypad whilst still in communication with the agent, providing validations at each crucial stage of the process, which lowers failure rates and re-try attempts, and, in turn, reduces average handling time. On completion the payment is sent for processing by the Payment Service Provider, and will be duly informed once the transaction is completed. At no time do any of the card details pass through, or reside on the call centre’s systems.
Steve Murray, Director at IP Integration, said: “Secure-Payment-on-Demand means that contact centres never have to handle sensitive personal data. We intercept and manage that information, and should a data breach occur during a call, card details are never recorded, so there is zero risk to the business and customers and compliance with PCI-DSS is fully met.”
Apart from simplifying the payment process for agents and customers, call centres will also benefit from a pay-per-use charging model, and will find that the solution works with existing call and line suppliers. In addition, costs are reduced, not just on PCI compliance, but also in terms of reducing the need for expensive monitoring equipment, penetration testing and other security measure which PCI DSS dictates, whilst future regulation changes are automatically incorporated.