CNP Expo: All Our Representatives are Busy Right Now
May 20, 2015
Andi Cook of TNS led today’s panel discussion about technology available to prevent call center fraud and simplify PCI compliance. As a recent case involving AT&T has shown, she noted, call centers are vulnerable to both internal and external fraud, and merchants are looking at a potential increase in call center fraud with the arrival of EMV.
Panelists recommended implementing a DTMF solution, where the customer uses the phone keypad to type in their card number, but the tones are masked so the call center representative cannot identify the sensitive data, limiting agent fraud. This technology also blocks the data from being recorded, which prevents hackers from getting an audio recording of a customer’s sensitive data.
Iain Johnston, COO at Semafone, reminded the audience that “it is possible to be PCI compliant while still having lots of holes in their organization. Focus on risk reduction and PCI compliance will happen.” Eckoh’s Director of Payments Strategy Cameron Ross agreed: “The industry is moving away from not doing these 300 tiny things toward let’s not touch this information at all.”
Amica Mutual Insurance Senior Assistant Vice President Roberta Gosselin remarked, “In our business, stripping down desks, etc., wouldn’t work for us, because our CSRs take lots of types of calls, not just payments, so a locked down mode doesn’t work for us.” Johnston also commented that employees want to feel trusted, and so draconian security measures decrease their job satisfaction, affecting the customer experience and increasing employee turnover.
IntraNext President Patrick Brown pointed out that DTMF also decreases potential fraud on the customer’s end, saying, “fraud can happen on the customer’s end if they are on the phone with a call center in a public place with someone nearby writing down their card info. If they’re typing their number in, that won’t happen, and the customer knows you’re treating their data securely.”