News, Education and Events Decoding Digital Payments & Fraud

News, Education and Events Decoding Digital Payments & Fraud

Semafone Turns CNP Industry’s Attention Back to the Telephone

Semafone Turns CNP Industry’s Attention Back to the Telephone

By D.J. Murphy, Editor-in-Chief

Stu Carty In the CNP payments firmament, e-commerce shines brightest. But payment via telephone is entrenched firmly in CNP’s DNA and a U.K. company has introduced patented technology that helps merchants that operate call centers reduce fraud and PCI scope associated with taking payments over the phone, which still accounts for billions of dollars in potential revenue each year, according to Stu Carty, sales manager in North America for London-based Semafone.

Semafone formed in 2009 when a team of call center professionals began looking into solutions to address PCI compliance but couldn’t find any.

“As they started to embrace the PCI compliance standards, they were feeling the pain of those standards,” says Carty. “They recognized a need, looked around in the market and saw there was nothing available. They developed some technology internally, then realized they could take the technology to market.”

The company has received several rounds of financing, including from noted London investment company Octopus Ventures. The most recent in 2012 added nearly $3 million to Semafone’s coffers. Since then, the company has built up a strong customer base spanning multiple markets including government, finance, retail, insurance, debt recovery, OSP, travel & leisure and broadcast with Rupert Murdoch owned satellite broadcaster Sky.  Business up to now has been predominantly in the U.K. and Europe with inroads being made in North America. Semafone’s most significant milestone, however, came just last month when the company secured a U.K. patent on its technology.

Carty says the patent, which the company expects will be followed by another in the U.S. in 6 to 12 months, will protect Semafone’s innovative technology while it continues its expansion efforts globally.

“U.K. and U.S. patent law are very closely aligned,” he notes. “They typically go hand-in-hand with one another and once you get those two countries established you pretty much have the world locked down.”

Addressing Both Types of Fraud

Call center fraud generally comes in two major flavors, Carty explains. There are crimes of opportunity, where individual agents, for whatever reason, copy down a customer’s payment card information as they type it into their work station. This type of fraud is characterized by the perpetrator stealing one or a few card numbers and making relatively high-value purchases. The other type of fraud consists of organized attacks by sophisticated criminals who might use listening or keystroke technology or work with an internal accomplice to steal hundreds or thousands of card numbers at a time. These thefts usually result in the fraudsters making small purchases or withdrawals that cardholders might not notice on their statement for some time.

Semafone’s approach, according to Graham Thompson, the company’s sales and marketing director, is simple and elegant and prevents both types of attack.

“Our application prevents card data from entering the company’s infrastructure altogether, removing the need for almost all PCI regulatory checks and eliminating the possibility of fraud,” explains Thompson. “The customer uses a telephone handset to enter card details, which are transmitted directly to the bank. Voice contact between the customer and agent is uninterrupted so any problems can be dealt with immediately, but the sounds of the DTMF  tones (the tones on your phone keypad that sound differently for each number) are masked, to make them all sound the same, so no card data is ever heard or seen by the agent. This not only liberates organizations from the burden of PCI regulations and protects them from fraud, but also frees them from any of the reputational and financial costs that come from even a suspicion of card data theft.”

Carty says the idea is a simple one, “but what’s happening under the covers is the sophistication and the basis for the patent. There are at least three different integrations going on. It’s integrating with the CRM system, it’s integrating with the payment processing system and it’s integrating with the telephony system so it can mask the tones.”

Semafone has done extensive research to ensure that implementing the system doesn’t result in more errors or longer calls when entering card numbers by phone, Carty notes. The company found no appreciable difference in either metric when keying in the number rather than speaking it.  In fact, Carty says some of Semafone’s customer organizations have experienced an increase in customer satisfaction statistics. The number of abandoned calls in these companies has been reduced because the conversation between agent and customer is not impeded while card details are entered. Also, he says customers intuitively realize that keying in payment card numbers is safer than providing it live to a call center agent.

Another benefit is a more welcoming workplace. In the past, Thompson notes, security measures to combat call center agent fraud resulted in the elimination of pen and paper or a more draconian “clean room” approach adopted by many contact centers, which restricts agents movements as well as their use of mobile telephones and email. For many merchants, this affected the employees’ morale. Removing the opportunity to steal card numbers means organizations can relax some of the more chafing security rules.

“When you try to lock down your environment and make it sterile, it does affect morale and productivity,” he explains. “Semafone gets rid of temptation by getting rid of the opportunity to even steal the number. It takes that option away.”

Huge Market Potential

With its patent in hand, Carty says Semafone will continue marketing its technology to any merchant, large or small regardless of product or service, that takes payments over the telephone. The global nature of the PCI mandate and the well-documented issues around call center fraud in both on-shore and off-shore contexts provide a firm foundation for Semafone’s expansion, according to the company.

Semafone is profitable and, where it doesn’t have employees on the ground, is working through partners including third party telephony carriers and system integrators to expand globally. North America and Europe are the company’s main focus, but places like South Africa and Australia also are important markets.

Carty is the company’s first employee in North America and says the opportunity for Semafone in the region is huge, potentially reaching “millions of call center seats.”


  • Share this Article:

Daniel Leibovitch