Back to Blog

PCI Pal: Insider threats – is your business at risk?

After renewing his broadband subscription over the phone with a reputable internet service provider, Karl Nelson did not expect to be contacted by his bank regarding recent “fraudulent transactions” on his account…

Mr Nelson had repeatedly reached out to the broadband company, complaining that a number of unauthorised payments left his account within hours of handing over his card details to them. Money continued to leave his bank account over the new few days. It was only at this point that the broadband company begin to formerly investigate the issue, and once the severity had been established, the police were involved. A contact centre agent has been suspended whilst police continue to investigate further.

Mr Nelson feels that companies need to have a more ‚robust procedure‘ for taking credit card details over the phone, and need to react more promptly when situations like this arise. This is precisely the scenario which PCI Pal have been helping protect contact centres from for many years.

In a whitepaper that PCI Pal conducted, it was revealed that 72% of contact centres took payments by reading them out loud. This method of payment has the potential to expose personal data and card information to CRM systems, contact centre staff and perhaps people in the surrounding area. With the stake so high in doing this, any sort of breach of data is not acceptable.

This is where PCI Pal come into the equation; they support safeguarding contact centres payments so any sensitive data is never exposed to anyone. This allows everyone to feel confident and comfortable with giving card information over the phone, and rules out any insider threats.

With the high level of sensitive data that is circulating within contact centres it is a priority to safeguard both customer’s data and their trust. This is also a vital part of protecting the reputation of the organisation and to avoid getting any financial penalties for not being GDPR compliant.

72% of contact centres take payments by reading them out loud.

PCI Pal’s key recommendation to eliminate any data breaches within contact centres would be to prevent any payment data actually entering this kind of environment in the first place. It means that businesses will have to replace the usual ‚pause and resume‘ systems with ‚Dual Tone Multi-Frequency (DTMF) masking technology. This means that card payment information can be entered into the application without computer or agent access to the data inside.

Natterbox and PCI Pal work hand in hand in order to reduce the amount of breaches of security that are taking place from day to day. The most important part of this whole process is ensuring that our customers feel a sense of security within our company and trust our processes. PCI compliance helps us give reassurance to our customers and their customers too – their payment information is safe and being handled in a complaint manner.

If you’d like to find out more about how Natterbox and PCI Pal work together, there is more information available on our PCI Payments page. If you have any questions, please start a chat, fill in one of our contact forms or give us a call.

 

References:

Share this article