According to the UK Cards Association, the number of purchases using debit and credit cards has more than doubled in the past ten years.
This growth has a “spending equivalent to a third of the UK’s GDP” and proves that people just love to pay by card. It’s quick and easy, but how secure is it?
If statistics from Financial Fraud Action UK are anything to go by, the answer is not as secure as it could be.
Research indicates that security is a growing problem, with fraud losses on UK-issued cards totalling £567.5 million in 2015, an increase for the fourth consecutive year.
Perhaps even more worrying is, despite the introduction of official standards frameworks such as the Payment Card Industry Data Security Standard (PCI DSS), the threat of those gaining illegal access to sensitive customer card information looms large.
So, just how can contact centres improve security for customers?
- Organisations are exploring numerous ways of making the card payment process and storage of customer data safer.
- Methods range from improved use of passwords, encrypting traditionally weak access points to the network such as corporate social media accounts, to setting up automatic SMS alerts to detect and flag up anomalies to agents.
- Some are even experimenting with new technologies such as phoneprinting and voice biometrics.
But it doesn’t have to be that complicated. Firstly, acknowledge where the weaknesses are in your organisation, then combine people, process and technology to create a watertight security framework.
Step One: Focus on the Top Three Security Danger Spots
Take time to concentrate on the most vulnerable areas:
People – the ability for dishonest or careless employees to access call recordings or write down card details should not be ignored
Storage – contact centres understand the importance of protecting customer data from fraud and cybercrime but don’t always know how to store it correctly or even where it is stored
Infrastructure – does the technology you use to take card payments and store card details pass the test? Are you confident it can aid organisational data security and drive compliance?
Step Two: Blend People, Processes and Technology
Improve processes, educate agents – the road to effective compliance management involves so much more than technology. Remember, threats don’t necessarily come from the outside. Particularly during busy times, agents might inadvertently write down credit card details or fall prey to phishing and mistakenly click on a rogue email.
Automated processes backed up with a rigorous training programme that educates staff about the perils of mishandling sensitive or personal data are critical.
Choose the right partner – one which practises what it preaches and has followed the due diligence process to achieve PCI DSS compliance. This will signal its dedication to security, quality and customer focus, along with the knowledge and expertise to guide you through important security and PCI DSS audits.
The right partner will provide assistance by making its support staff, technicians and product managers available to discuss your specific needs, challenges and other issues.
The company should also have a dedicated customer portal providing secure access to log search, configuration, statistics and more.
Round-the-clock accessibility and online support are great comfort factors that will ultimately build confidence and reassure customers that their data is protected at all times.
The deployment of a secure cloud-based solution is one way of increasing security levels. In particular, look for a supplier that offers:
- A complete portfolio of payment solutions and anti-fraud tools
- Flexibility, visibility and high levels of integration with other payment service providers (PSPs), which means that agents can switch freely between applications without having to make changes to other payment integrations, saving time and boosting security levels
- Efficient reporting, statistics and settlement reporting for all payment channels
- Professional hosting environments that require minimal in-house technical expertise and take away the headache of managing all forms of card payment
- Stable solutions, a 24/7 duty system and continuous monitoring 365 days a year
To find out about the technology solutions that Puzzel offer, visit: www.puzzel.com