DTMF Masking

PCI Pal Agent Assist and IVR Payments use DTMF masking technology to suppress the telephone keypad tones entered by a customer during a financial transaction.
Computer operator

Outdated and impractical solutions for achieving compliance to the Payment Card Industry Data Security Standard (PCI DSS)  need to be replaced with customer-centric solutions.  Pause-and-resume call recording and clean room environments should be upgraded to more advanced technologies using Dual Tone Multi Frequency (DTMF) masking. This view is underlined and supported by the PCI SSC’s guidelines on ‘Protecting Telephone-Based Payment Card Data’.  PCI Pal Agent Assist and IVR Payments use DTMF masking technology to suppress the telephone keypad tones entered by a customer during a financial transaction.

What is DTMF Masking?

DTMF is the discordant two-tone signal, or sound, that is generated when you press a button on a telephone’s touch keypad.

In DTMF masking, the consumer enters their card number, expiry date and security code using their telephone keypad, rather than speaking their payment card data. These tones are intercepted by the PCI Pal system and masked with a monotone comfort beep for the agents. The captured card data is then sent straight to the Payment Service Provider (PSP) for processing. This process means the data completely bypasses the contact center environment.

The use of DTMF masking technology for PCI compliance can eliminate data breaches at the contact center level.  By preventing payment data from entering the environment in the first place, there is no data stored to breach.

DTMF masking technology for PCI compliance removes any need for the agent to see, hear or store sensitive payment data. The best solutions allow the customer and agent to speak at all times during the payment process.  The voice flow is therefore uninterrupted as the customer enters their details.

As DTMF masking technology removes spoken card data, there’s no possibility of the contact center inadvertently recording sensitive financial information. The burden of sensitive data storage rests solely with the payment provider.

Benefits of DTMF Masking technology:
  1. Improved customer experience  the customer is reassured that their data is handled securely.  They are not diverted away from the agent to a ‘payment line’ solution to complete their transaction with no support.
  2. Scope of PCI DSS is greatly reduced  as no data is being stored, processed or transmitted within the contact center, the Cardholder Data Environment (CDE) is greatly reduced.  Minimizing your risk of a data breach.
  3. Improved agent experience – As the sensitive cardholder data is removed from your contact center, your agents are not exposed to demotivating compensating controls such as clean room environments and additional security checks.  In addition, DTMF masking technology means the agent doesn’t see or hear the sensitive cardholder data reducing the company’s internal threats from bad actors.

View more technology

How can we help?

Get in touch today to discuss our technology and your requirements.

CONTACT US

Sign up for Knowledge Centre notifications

Never miss the latest blog, news, podcast or event. Sign up to be notified when we publish something new.

notify me

Learn more about payment security

Pause and Resume
White paper
Pause and Resume Call Recording: Calculating the Risk
Pause and Resume Call Recording: Calculating the Risk
In this white paper, we establish and explain the threats posed by outdated call recording technology, including Pause and Resume call recording. Through it, you'll find an easier path to compliance with data security regulations, meaning less chance of being fined for a data breach.
Read more
POS malware contact centre
Blog
Security risk: Are you still using POS terminals in your contact center?
Security risk: Are you still using POS terminals in your contact center?
With news that cybercriminals have used point-of-sale (POS) malware to steal details of more than 167,000 credit cards from payment terminals, we shine a spotlight on the security shortfalls associated with processing payments via POS terminals in the contact center.
Read more
Verizon Payment Security Report Infographic
Infographic
Insights from the Verizon 2022 Payment Security Report
Insights from the Verizon 2022 Payment Security Report
Following the publication of Verizon's 2022 Payment Security Report, we have released an infographic highlighting some of the primary payment security takeaways.
Read more
Podcast mic and laptop
Podcast
Keep Calm and Simplify
Keep Calm and Simplify
In this podcast episode, Verizon’s Head of Global Business Intelligence, Ciske Van Oosten, and PCI Pal’s CISO, Geoff Forsyth, discuss the release of PCI DSS 4.0 and the significant changes and requirements it brings for organizations across the world when it comes to payment security.
Read more

More related content

Our other technology

Explore the other technologies we utilize to secure your business communications, protect your data, and assist you in adhering to strict industry governance.

Digital Engagement
Digital Engagement

Secure payments via digital engagement channels such as Webchat, Whatsapp, SMS, Social Media and Email.

Read more
Speech Recognition
Speech Recognition

Speech recognition technology is a feature of our Agent Assist and IVR Payments solutions, allowing customers to speak their details in a secure way as an alternative to using their telephone keypad.

Read more
global cloud technology
Global Cloud

The entirety of PCI Pal’s product-base is available from our global cloud platform hosted in Amazon Web Services (AWS)

Read more
patented compliance technology
Patented & Protected

We’re proud of our global cloud, secure patented payment solutions for business communications.

Read more
Chat with us