Can WFH Advisors Take Card Payments Securely Over the Phone?

Phone payment concept with mobile and credit card
Filed under - Industry Insights,

Before the pandemic there was a common misconception that contact centre homeworkers could not possibly work in a secure environment.

It’s simply not true. Organisations have been designing secure networks that include remote workers for many years.

Yet it took a full lockdown for others to see that WFH was possible and that services, such as payments, could be secure if planned correctly.

Many WFH solutions hastily created during the pandemic didn’t address key security issues. PCI DSS compliant card payment handling is a great example.

Some executives didn’t believe that PCI DSS compliance was even possible when working remotely so WFH was only ever seen as a temporary solution that couldn’t continue after the emergency period.

It is possible to create a secure WFH environment. However, you must plan and build your network correctly. It was certainly possible before the experience of lockdowns forced many companies to experiment with remote work and it remains possible now.

Sensee has almost 10 years’ experience in delivering PCI DSS compliance in a WFH setting and currently has PCI DSS Level 2 Service Provider status for a well known UK blue chip.

We also built a fit-for-purpose card payment system for the service operation of a well known financial services firm to enable homeworkers to take over the phone credit/debit card payments.

When you look at the PCI security standards website it doesn’t take long to find that they have published extensive advice and training on how to deploy their standards for a WFH environment.

It’s no secret that PCI DSS compliance is entirely possible for WFH advisers. In fact, the PCI DSS guidance on WFH advisers has been available for over a decade.

Executives that need more convincing may want to look back to the PCI blog published on March 23, 2020 – just as the Covid-19 lockdowns were starting for most companies across Europe and the US.

This blog lists the specific measures required to ensure that companies can continue to remain PCI DSS compliant even if their workers are sent home.

The requirements are broken down into People, Process, and Technology and include security training for contact centre workers with a particular focus on those that will provide service from home.

Processes such as dual-factor authentication to access corporate systems and restricting physical access to recording devices are also detailed along with technology restrictions, such as configuration and virus protection.

The security of WFH customer service teams has been a common concern of executives for a long time, but the information and examples are out there.

PCI DSS guidance and compliance has been possible for many years – it’s entirely a question of how you go about building processes and standards for your home working team.

As I mentioned, Sensee has real case studies and examples of this. WFH security is not just applicable in emergency situations, such as a pandemic lockdown.

You can design the right level of security into a WFH solution from the start and then create a far more flexible work environment for your employees – that flexibility will be reflected back in the positive experience customers report when interacting with these advisers.

Author: Guest Author

Published On: 23rd Aug 2022
Read more about - Industry Insights,

Follow Us on LinkedIn

Recommended Articles

Person with phone and credit card with lock icons
How Can IVR Payments Enhance Your Compliance?
A collection of padlocks hang from a chain
New Guidance Rings the Changes for Secure Telephone Payments
Introducing DTMF - ‘Card Payment by Phone’ Technology
Payment concept with phone and card
IVR Payments and Your Business