How to ensure PCI compliance in your contact center: over the phone transactions

Kris Walls

08.02.2021

Throughout 2020 and continuing into 2021, in-person purchases have been far less popular than in previous years. Businesses, whether they were prepared to or not, were faced with finding a way to adopt remote-friendly methods of reaching their customers in the wake of the pandemic.

While e-commerce businesses might have been ready for this transition and able to use existing payment processors and APIs that were ready-made for online transactions, the next steps for companies who accepted payments over the phone weren’t as clear.

Some businesses allowed agents to collect customers’ payment information as it was dictated over the phone by the customer. But, this puts contact center agents and businesses at risk of mismanaging sensitive data that exists in a less than secure environment. Luckily, there’s a better way of doing things.

What goes into becoming PCI compliant?

PCI compliant payments allow businesses to collect and process payments in a secure, scalable manner that puts less stress and risk on contact center staff and instills more trust in customers.

To avoid fielding sensitive payment information directly, a PCI compliant payment flow keeps a digital wall between customer and contact center agent. In this flow, the customer enters their payment information themselves either while on a call with an agent or through a web-based experience. The agent will be able to see if the customer has completed the payment successfully but have access to their actual payment data.

Companies like ERC, who adopted Airkit’s PCI compliant payment flow, are now able to serve more customers in the same amount of time, without putting their business or contact center agents at risk.

This flow is ideal for security and customer experience. However, it can be difficult to build the cultural and digital infrastructure required to be PCI compliant.

Businesses must invest time and resources into training staff, building out security procedures, scheduling quarterly security reviews, and more. While it’s a worthwhile pursuit, setting up PCI compliance can distract businesses from what they’re best at.

Airkit gives companies a flexible PCI compliant platform on which to build so they can create more secure payment practices without losing their focus on their core business.

So what does building a PCI compliant payment flow with Airkit look like in action?

How a PCI compliant payment works with Airkit

Airkit is PCI compliant out of the box. So, when you integrate with Airkit’s digital customer experience platform, your payments are secure right from the start.

Airkit allows companies who are accepting customer payments and transactions over the phone to do so in a more secure, seamless manner.

When a customer calls into your business, they can opt-in to receive an email, SMS, or chat during their conversation with an agent. The secure link the customer is sent via the medium of their choice will route them to a self-service payment flow. As they move through the flow, they can ask the agent on the line any additional questions they have, reducing the need for post-call follow-ups and/or support and increasing CSAT.

As a whole, customer experiences like payments are only getting faster and more flexible to a customer’s preferences. To continue meeting the needs of your customers, you must use tools that help you operate in a digital, more efficient manner without sacrificing security. Airkit’s PCI compliant payment flows give you the power to continue to exceed customer expectations while bolstering security.