PCI DSS Compliance in

Contact Centers

CX17 Indy – May 2017

Tony Smith & David Swift

Indianapolis, Indiana

Why customer experience is important

What customers demand

What PCI DSS means for your customer service operation

What you are required to do

Impact on the agent

Impact on customer experience

How technology can help you solve these challenges

Case study – A solution fit for the Queen of England

Q & A

We’ll be covering

CX17 Indy – May

2017

Stay tuned to find out how the Queen

became PCI Compliant!

The evolution of customer experience

Source: 2017 Dimension Data Global Customer Experience Benchmarking Report

CX17 Indy – May

2017

Broader and centralised

channel access options

Birth of contact center

2000s

Consistent cross-channel support

for customers, via integrated digital

channels

Omnichannel a top priority

2016 – 2018

AI enabled automation via

behavioural and profile

personalization’s

Robotics reimagining world of CX

2018 – 2020

1990s

Traditional call centers

telephone replaced

face-to-face

2010s

Multichannel the norm

telephone and digital improve

customers’ channel options and

ease of contact

2017

CX – proactive & customised

New trend towards pushed CX,

tailored and enabled by analytics

and technology

Telephone-primed CX Digital-primed CX

CUSTOMER

EXPERIENCE

Conflicting needs

CX17 Indy – May

2017

BUSINESS NEEDS

Customer loyalty

Employee engagement

IT standardization / common applications

Effective cost control

Risk management

Compliance

Businesses need?

CX17 Indy – May

2017

Popularity of channel type by age group

Mobile apps top

choice for those

under 34

Telephone preferred

for those aged over 35

Source: Dimension Data Global Contact Center Benchmarking Report 2016

CX17 Indy – May

2017

Social media

Mobile

application

Email

Telephone

Web chat

Other

2nd 30.3

1st 39.5

4th 9.2

3rd 16.0

5th 5.0

6th 0.0

4th 9.2

1st 43.8

3rd 17.7

2nd 20.8

5th 8.5

6th 0.0

5th 1.5

3rd 12.1

2nd 30.3

1st 53.8

4th 2.3

6th 0.0

4th 0.7

4th 0.7

2nd 6.6

1st 89.9

4th 0.7

3rd 1.5

5th 0.0

3rd 0.8

3rd 0.8

1st 89.4

5th 0.0

2nd 9.1

% of NUnder 25

years

Between 25

and 34 years

Between 35

and 54 years

Between 55

and 70 yearsOver 70

years

Percentage of centers that do track channel popularity by age profile

CX17 Indy – May

2017

Time to reach 50 Million users

Telephone

Radio

TV

WWW

Facebook

iPhone

Draw something

75 years

38 years

13 years

4 years

3.5 years

3 years

50 days

Compliance, the Contact Center

and Customer Experience

The phone payment security

landscape is changing due to the

PCI DSSPAYMENT CARD INDUSTRY DATA SECURITY STANDARD

CX17 Indy – May

2017

PCI Security Standards

Merchants &

Service providers

Secure

environments

PCI DSSPCI security

& compliancePCI PA-DSS

Software

Developers

Payment

applications

P2PE

PCI PTS

Manufacturers

Pin Entry Devices

*PNC Payment Solutions News - 2014

CX17 Indy – May

2017

Card use continues to grow

Card Payments by Region, 2012 – 2018

PEOPLE LIKE TO TALK…

Payment provider virtual terminals for ecom

PIN entry devices – PEDs – for cardholder present

P2P encryption

Tokenization

How do we protect Cardholder Data?

Have we given enough

consideration to moto / phone

payments?

CX17 Indy – May

2017

There are data security

risks taking payments by

phone and in contact

centers…

A reminder of the

impact of data loss

today

There are significant

implications for

businesses

Buy more

Recommend to friends, family and

colleagues

Share positive views on social media

Defend your brand

Pay more

Buy shares

Stop buying

Openly criticize you

Post negative views on social media

Complain about cost

Sell shares

Customers who

trust you will…

Customers who

lose trust in you

will…

Introduction of stricter security

procedures

Disciplinary action against employees

Increase in workloads to fix issues and

ensure it doesn’t happen again

Loss of employee motivation

Staff losses (to join other

companies/competitors)

Potential resignation of a decision

maker

Loss of customer confidence

Damage to reputation

Direct financial loss

Financial penalty from sector body

or government

Loss of shareholder value/share price

What is the true cost of a breach?

Internal costs External costs

–13% revenueThere is also likely to be a significant

revenue loss if organizations suffer

an information security breach.

78% feel their organization’s revenue

would decrease if they had an

information security breach. The

average anticipated drop is 13%.

Source: NTT Com Security – 2016 Risk: Value Report

Counting the costs…

It costs an organization around

$907,053to recover if they lose information

during a security breach

CX17 Indy – May

2017

How can businesses provide excellent

customer experience and be secure?

CX17 Indy – May

2017

Broken recordings

Complaint handling

Agent training

Other regulation

Expensive

Technically difficult

Affects all calls

Diminished morale

Impractical

Difficult to maintain

Customer care reduced

Pause / ResumeCall Recording

Pause / ResumeScreen Recording

EncryptedVoIP

Telephony

Clean RoomEnvironment

Technically difficult

Inaccurate

Agent training

Options for Phone Payment Security

…are there alternative phone payment options

available to merchants striving for security and

compliance?

Using technology to

achieve compliance

Yes…

DE-SCOPE

CX17 Indy – May

2017

“…taking the card payment

without handling the card

data…”De-scoping for ECOM payments

What is De-scoping?

CX17 Indy – May

2017

De-scoping phone payments for PCI

Windsor Castle

CX17 Indy – May

2017

Clarence House

Buckingham palace

Holyrood House

History and Reputation

Windsor Palace, Holyrood House, Buckingham Palace, Clarence House

e-commerce shop and ticket sales

Operating a contact center and taking bookings

Never had a card data breach

Want to retain the most convenient channels

An Expectation of Excellence

Contact centerCardholder is not present – difficult to secure

Website – e-comCardholder is present

Gift shopCardholder is present

No need to break the conversation

Keypad entry of card details

Nurturing and reassuring for best possible customer experience

Secure, Agent-assisted Payments

Merchant need only complete SAQ A

Consumer and merchant data is secured

Consumer confidence is enhanced

Results delivered

CX17 Indy – May

2017

Making Compliance part

of your CX strategy

Compliance is an enabler to doing

more business

Use technology to reduce risk and

de-scope your payment environment

Get your agents to promote how

serious you are about protecting

your customers’ data

is a specialist provider of secure payment solutions. A fintech business focused on the contact center market.

We’re listed on the London Stock Exchange AIM market and has been trading for more than 10 years.

Focused on the contact center space the group has evolved to be a leading pureplay security business, servicing many recognizable brands across the globe.

Questions?

Customer experience and it’s importance

What customers demand and how they reward you

What PCI DSS means for your customer service operation

-What you are required to do

-Impact on the agent

-Impact on customer experience

Technology’s part in solving these challenges

Case study – A solution fit for the Queen of England

Summary