Agent assisted payments with Inference Card Payments for service providers


In today's world of online payments, accepting payments over the phone is still a critical requirement for many organizations. This means contact center agents and front of house staff need to process credit card payments from callers. Once an organization processes payments, they are subject to Payment Card Industry Data Security Standard (PCI DSS) standards. PCI DSS is a set of security standards created by the major credit card brands to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. These standards were created as payment fraud began to rise dramatically with the increase in e-commerce transactions. More importantly, contact centers have been a target of fraud attacks in recent years. According to a recent Gartner study, by 2020 75% of omnichannel organizations will sustain a targeted cross-channel fraud attack with the contact center as the primary point of compromise. Consumers are increasingly concerned about identify theft and the security risks of making a payment over the phone, especially if it means reading the card number to an agent. As a result of these concerns, the PCI council has made it mandatory for all organizations to comply with the PCI DSS standards. Failing to comply results in huge fines, costly audits, and potential brand damage. 

Achieving PCI DSS compliance can be quite a challenging and time consuming process as it requires securing all the systems and processes such as call logs, call recordings, and agent activities and requires a complex set of controls to be put in place. Not to mention the strict requirements placed on network security, data backups, regular penetration tests, and audits.  Maintaining these controls requires strong monitoring and ongoing staff training.

The alternative is to descope the contact center or branch from compliance requirements. This is where telecommunications service providers can assist by ensuring that sensitive credit card information never reaches the contact center or business, irrespective of the location of the agents. The simplest option is to host the entire payment application using a cloud based IVR service that is fully PCI compliant and involved no human agents.  Having no agent involvement during the entire payment process can be seen as a huge drawback as payment applications typically require agent assistance that cannot be substituted by virtual agents. Service providers do have the option of delivering agent assisted secure payments to a contact center by adding intelligent proxies into the network. Typically this solution has two key components:

  1. A virtual agent (IVR service) that processes the credit card payment.
  2. A proxy that masks the DTMF and voice signal while the customer enters their credit card information.

There are several vendors that offer secure agent assisted payments.  When selecting such a service, service providers should keep the following criteria in mind:

  1. The flexibility of the solution to deliver the call handling experience the enterprise wants for the best customer experience. This includes:
    • ability to tailor and adapt to changing needs of the enterprise.
    • cost and time involved to deploy the solution.
    • ability for the enterprise to manage their own solution.
    • support for measurement and analytics.
  2. The number of payment gateways supported and how easy is it to add new payment gateways.
  3. How natural and accurate is the speech recognition engine. Is there support for foreign languages?
  4. Are there any complex integrations required for the solution to work.
  5. Reliability of the service - does it have fail over protection?
  6. Is the service premise based or cloud based - cloud based offerings are safer from a compliance point of view whereas on-premise solutions may have some implications with respect to PCI compliance for the contact center.

With the recent launch of Inference Solution's Secure Call Proxy for Agent Assisted Payments, VP Product, Santosh Kulkarni delivered a webinar explaining our offering. Click through below to learn how Inference addresses these criteria. Learn how service providers can address payment security and offer agent assisted secure payments as part of their unified communications as a service (UCaaS) offering.


Roger Venning