White Paper takes a look into card payments taken over the telephone, industry requirements and the merchant’s responsibilities
Encoded, a provider of secure automated payment solutions, has published an easy to read white paper on the responsibilities of organisations and their contact centres when taking credit and debit card payments by telephone. The paper covers the requirements of the Payment Card Industry Data Security Standard (PCI DSS), the real threats, payment products available to organisations, who is ultimately responsible for the loss of card data and the future of card payments.
Robert Crutchington, director of Encoded and main author of the white paper said, “Currently there is no equivalent to Chip & PIN or 3D secure for payments made over the telephone. It is seen as the Achilles heel of the industry and fraudsters will use automated phone systems to test recently stolen cards with small transactions to identify active cards prior to making larger purchases. Organisations or merchants, as they are known in the payments industry, have a duty of care to their customers to ensure that card details are not misused, lost or stolen. This paper outlines the risks, PCI DSS requirements and myths facing merchants’ contact centres accepting card payments.”
Contributors to the white paper include Matthew Tyler, co-founder and chief executive of Blackfoot UK a leading information security, risk and compliance consultancy which provides Qualified Security Assessors (QSAs) to establish an organisation’s level of PCI DSS compliance. Matthew said, “There is often confusion around what PCI compliance involves. For example there is no such thing as a compliant solution, only companies and other legal entities can be described as PCI DSS compliant. Merchants can be mislead into thinking that buying an incorrectly named PCI compliant solution will protect them in the event of security breach – this most definitely isn’t the case. This white paper explains in clear language what organisations accepting telephone payments need to know.”
The white paper includes a section entitled “Four things you probably don’t know about PCI DSS” covering where responsibility lies, who in the payment chain will get fined and by whom, there is no such thing as a PCI DSS compliant solution and the significance of the VISA Merchant Agent List.
To receive a copy of the white paper please call Encoded on 0845 120 9790 or download a copy at www.encoded.co.uk/whitepaper-request/
Encoded is a leading provider of interactive voice response solutions and automated payment solutions. Encoded has invested in achieving the highest level of PCI DSS compliance. It has a Level 1 Attestation of Compliance (AOC) which applies to organisations that store, process and/or transmit more than 300,000 Visa transactions per year it also appears on the Visa Europe Merchant Agents List http://www.visasmerchantslist.com
All the company’s services are designed to fulfil three key objectives:
• Reduce costs by automating business processes
• Increase sales by offering new fulfilment channels
• Improve customer service by maximising resource efficiency
Encoded was established in 2001 to offer affordable, pay-as-you-go solutions to the growing payment handling requirements of small and large businesses. Today, the company’s software regularly supports 30 million customers and 10 million calls globally and automates £100 million of secure payments without operator intervention.
For more information please visit www.encoded.co.uk
Mary Phillips/Andreina West
PR Artistry Limited
T: 01491 639500