The PCI Compliance Solution for Local Authorities

Blog
11 September 2020
Flowers in front of Waltham Forest City Council.

Any organisation that handles card payments over the phone needs to comply with the PCI DSS. This is a set of 12 binding requirements, designed to ensure complete data protection for organisations that handle payment cards over the phone.

Proper compliance includes ensuring no payment card information is stored. It also means having no manual intervention to capture card details verbally during a call.

This poses a significant challenge for many organisations that are required to record telephone calls for compliance purposes with regulatory bodies.

Local Authorities Are No Exception

For councils, handling thousands of financial transactions every month is an important task. Alongside payment methods that happen face to face or via postal cheques or direct debits, telephone-based payments continue to be a popular choice. Payment via phone is one method that councils need to offer to those living in their town, district, or borough.

The difficulty arises however when payment solutions need to not only be accessible, but compliant with telephone payment security guidelines. Compliance ensures payments are handled in the most secure way. With data breaches regularly reported in the media, local authorities would not want to be exposed by non-compliance or data breaches.

At present many local authorities are heavily reliant on customers paying through Interactive Voice Response (IVR) systems. These are automated systems that allow a computer to recognise and process both speech and DTMF telephone keypad tones.

While IVR systems protect data, they sometimes offer a less-than-perfect customer experience. Some customers struggle to navigate the automated process, resulting in high levels of call – and payment – dropouts.

When customers are paying a car parking fine or something similar, they may already be frustrated or reluctant to pay. Adding complicated automation at such a time is not helpful.

A more constructive solution is to simplify the process. This reduces dropped-call rates, garners more transactions, and leaves customers happier.

Searching for Efficient Call-Handling Solutions

Councils are looking at ways to make call handling as efficient as possible, while providing a quality experience to the person at the end of the line.

The use of external APTs is becoming less popular as people are often uncomfortable being transferred elsewhere to provide payment card details. They may also not understand how to provide their details using an automated system.

The preferred solution is taking payments while keeping the customer on the phone. However, historically there have been PCI  compliance issues with this approach. In that scenario, agents are exposed to customers’ sensitive card data, which creates a potential risk.

With customers from every walk of life – from young to older people, those who are familiar with technology and those who are not – councils need to identify a payment solution that is seamless.

They need one where their trained customer service team can fully assist for an improved service while ensuring payments are taken securely.

How PCI Pal Solves the PCI Compliance Issue

PCI Pal Agent Assist fills the gap for those local authorities who are looking for an answer to the ‘customer service / payment security’ conundrum. It enables Councils’ contact centre agents to take card payments securely, while maintaining an open dialogue with the customer.

It does this by using DTMF (dual-tone multi-frequency) masking technology, so customers simply enter the card number details using their telephone keypad. Information is then anonymously processed. The agent does not see or hear any card details, and the call does not need to be placed on hold or diverted.

This eliminates the need to transfer calls away from the council’s agents. Instead, they are able to stay on the line to support customers in completing the transaction.

It also means that councils can continue using call recording software, which may have required pausing if people were providing card payment details over the phone.

Agent Assist Advantages

In conclusion, PCI Pal Agent Assist offers local authorities two great advantages:

  1. The local authority is fully PCI compliant with the solution.
  2. Customers receive an excellent customer experience, as contact centre staff remain fully in communication through the payment process.

We have also seen contact centre agent morale receive an unexpected boost when using the solution. Customers find the payment process straightforward, so agents do not have to deal with unhappy customers who are trying to navigate automated payment systems without success.

When you bring it all together, it means fewer dropped calls, reduced call lengths, more payments being processed in a timely fashion and, overall, an improved customer experience.

View more Blogs Knowledge Centre

How can we help?

Get in touch today to discuss our technology and your requirements.

CONTACT US

Sign up for Knowledge Centre notifications

Never miss the latest blog, news, podcast or event. Sign up to be notified when we publish something new.

notify me

You may also be interested in

PCI SSC PPO - global payment security
News
PCI Pal Extends Partnership with PCI Security Standards Council to Help Secure Payment Data Worldwide
PCI Pal Extends Partnership with PCI Security Standards Council to Help Secure Payment Data Worldwide
PCI Pal reinforces its commitment to global payment security by renewing its role as a Principal Participating Organisation with the PCI Security Standards Council. Through this partnership, PCI Pal will provide strategic leadership and influence, addressing emerging threats and shaping the future of data security standards worldwide.
Read more
Blog
Empowering Tomorrow’s Payments: Adapting to ‘Consumer Duty’ Legislation with PCI Pal
Empowering Tomorrow’s Payments: Adapting to ‘Consumer Duty’ Legislation with PCI Pal
As the 'Consumer Duty' legislation comes into effect, PCI Pal takes a proactive stance, offering cutting-edge payment solutions that prioritize data security, streamline compliance, and enhance customer experiences. By leading the charge towards a future of trustworthy payments, PCI Pal empowers businesses to thrive in the evolving landscape.
Read more
PCI DSS Checklist
Blog
PCI DSS Compliance Checklist
PCI DSS Compliance Checklist
If you operate a contact centre that takes card payments from customers over the phone or via SMS and web chat, there are certain checks you must perform to ensure the security of cardholder data.
Read more
Conversational AI technology
News
PCI Pal is Enhancing Contact Centre Payments Through the Power of Conversational AI
PCI Pal is Enhancing Contact Centre Payments Through the Power of Conversational AI
PCI Pal is is partnering with Conversational AI technology providers to revolutionise payment acceptance. With PCI Pal's advanced security features and Conversational AI's capabilities, businesses can deliver a personalised experience, reduce fraud risks, and ensure PCI DSS compliance
Read more

More related content

Chat with us