DTMF Masking

PCI Pal Agent Assist and IVR Payments use DTMF masking technology to suppress the telephone keypad tones entered by a customer during a financial transaction.
Computer operator

Outdated and impractical solutions for achieving compliance to the Payment Card Industry Data Security Standard (PCI DSS)  need to be replaced with customer-centric solutions.  Pause-and-resume call recording and clean room environments should be upgraded to more advanced technologies using Dual Tone Multi Frequency (DTMF) masking. This view is underlined and supported by the PCI SSC’s guidelines on ‘Protecting Telephone-Based Payment Card Data’.  PCI Pal Agent Assist and IVR Payments use DTMF masking technology to suppress the telephone keypad tones entered by a customer during a financial transaction.

What is DTMF Masking?

DTMF is the discordant two-tone signal, or sound, that is generated when you press a button on a telephone’s touch keypad.

In DTMF masking, the consumer enters their card number, expiry date and security code using their telephone keypad, rather than speaking their payment card data. These tones are intercepted by the PCI Pal system and masked with a monotone comfort beep for the agents. The captured card data is then sent straight to the Payment Service Provider (PSP) for processing. This process means the data completely bypasses the contact center environment.

The use of DTMF masking technology for PCI compliance can eliminate data breaches at the contact center level.  By preventing payment data from entering the environment in the first place, there is no data stored to breach.

DTMF masking technology for PCI compliance removes any need for the agent to see, hear or store sensitive payment data. The best solutions allow the customer and agent to speak at all times during the payment process.  The voice flow is therefore uninterrupted as the customer enters their details.

As DTMF masking technology removes spoken card data, there’s no possibility of the contact center inadvertently recording sensitive financial information. The burden of sensitive data storage rests solely with the payment provider.

Benefits of DTMF Masking technology:
  1. Improved customer experience  the customer is reassured that their data is handled securely.  They are not diverted away from the agent to a ‘payment line’ solution to complete their transaction with no support.
  2. Scope of PCI DSS is greatly reduced  as no data is being stored, processed or transmitted within the contact center, the Cardholder Data Environment (CDE) is greatly reduced.  Minimizing your risk of a data breach.
  3. Improved agent experience – As the sensitive cardholder data is removed from your contact center, your agents are not exposed to demotivating compensating controls such as clean room environments and additional security checks.  In addition, DTMF masking technology means the agent doesn’t see or hear the sensitive cardholder data reducing the company’s internal threats from bad actors.

View more technology

How can we help?

Get in touch today to discuss our technology and your requirements.

CONTACT US

Sign up for Knowledge Centre notifications

Never miss the latest blog, news, podcast or event. Sign up to be notified when we publish something new.

notify me

Learn more about payment security

PCI DSS Checklist Laptop
Blog
PCI DSS Compliance Checklist
PCI DSS Compliance Checklist
If you operate a contact center that takes card payments from customers over the phone or via SMS and web chat, there are certain checks you must perform to ensure the security of cardholder data.
Read more
podcast hero image
Podcast
Securing Contact Centers: Beyond Pause and Resume Recording
Securing Contact Centers: Beyond Pause and Resume Recording
In this episode of 'Secure Payments' PCI Pal’s CISO, Geoff Forsyth, explains the threats posed by outdated Pause and Resume call recording technology. Helping listeners find an easier path to compliance with data security regulations, and less chance of being fined for a data breach.
Read more
Pause and Resume
White paper
Pause and Resume Call Recording: Calculating the Risk
Pause and Resume Call Recording: Calculating the Risk
In this white paper, we establish and explain the threats posed by outdated call recording technology, including Pause and Resume call recording. Through it, you'll find an easier path to compliance with data security regulations, meaning less chance of being fined for a data breach.
Read more
POS malware contact centre
Blog
Security risk: Are you still using POS terminals in your contact center?
Security risk: Are you still using POS terminals in your contact center?
With news that cybercriminals have used point-of-sale (POS) malware to steal details of more than 167,000 credit cards from payment terminals, we shine a spotlight on the security shortfalls associated with processing payments via POS terminals in the contact center.
Read more

More related content

Our other technology

Explore the other technologies we utilize to secure your business communications, protect your data, and assist you in adhering to strict industry governance.

Conversational AI Payments
Conversational AI Payments

Seamless, Secure and Intelligent Payment Solutions

Read more
Digital Engagement
Digital Engagement

Secure payments via digital engagement channels such as Webchat, Whatsapp, SMS, Social Media and Email.

Read more
Speech Recognition
Voice Recognition

Voice recognition technology is a feature of our Agent Assist and IVR Payments solutions, allowing customers to speak their details in a secure way.

Read more
global cloud technology
Global Cloud

The entirety of PCI Pal’s product-base is available from our global cloud platform hosted in Amazon Web Services (AWS)

Read more
patented compliance technology
Patented & Protected

We’re proud of our global cloud, secure patented payment solutions for business communications.

Read more
Chat with us