Consumer concern about payment card security is global
Syntec Press Release, 14th September 2016
Consumers in the USA and Australia agree with the UK
- contact centres should use new technology to shield payment card data from call centre agents & call recordings to stop fraud.
Syntec’s latest annual consumer survey has been expanded to include the USA and Australia, revealing that consumer concern about fraud in call centres is a global phenomenon.
Indeed, 4 out of 5 consumers across all three continents agree that:
“As a general rule, I don’t think organisations should be allowed to keep my payment card details in their databases”
(74% of UK, 78% US and 80% Australian consumers)
There are approximately 5,000 contact centres in the UK, 44,000 in the USA and 2,500 in Australia according to industry associations, employing some 3.3.m staff between them, yet the majority of consumers view the agents in these call centres as a source of potential fraud (77% in the UK, 55% in the USA and 43% in Australia), influenced by reports in the media about major data breaches which have affected the reputations as well as customers of household name brands worldwide.
As a result, over half of UK consumers (54%), over two thirds in the USA (69%) and 60% in Australia now say they are becoming reluctant to make payments by phone at all.
This reticence is clearly a barrier to sales and something that contact centre managers must work to overcome. Shockingly, 36% of UK consumers agree (53% in USA and 44% in Australia) that “There have been several occasions in the past year when I have not bought something due to being worried about the security of my payment card or ID details when buying over the phone”.
Even IT managers and operations managers in contact centres admit to being reluctant to make payments over the phone in their personal lives, due to the possibility of data breaches, as reported in Syntec’s annual research survey and white paper (conducted and reported by Davies Hickman), which continues to pinpoint contact centres as a weak link for payment security around the world.
Sophie Wapshott, Business Engagement Manager from UK anti-fraud body Cifas describes how “32% of the internal fraud cases reported by Cifas members in 2015 were committed in contact centres with many of these offences involving staff disclosing customer or commercial data to organised criminal, third parties”.
Consumers in the Syntec survey express a clear preference regarding how to overcome this, with 49% in the UK, 60% in the USA and 54% in Australia saying that secure technology should be used to hide the credit card details from the contact centre agent, and with only 14% or less in each country able to agree that “Organisations I buy from over the phone will keep my personal and card payment details secure”.
Simon Beeching, Business Development Director of Syntec, says, “This representative survey of consumers is now in its 5th year and continues to show that the worldwide contact centre industry, in consumers’ eyes and by its own admission, is still not keeping up with demands to tackle this area of fraud and customer distrust. Furthermore, the latest PCI DSS v 3.2 regulations require the merchant’s senior management to take direct responsibility for ensuring compliance, including where 3rd parties such as outsourcers or remote/homeworkers handle card payments on their behalf. So delegating the problem away or using half measures such as ‘pause and resume call recording’ will no longer do”.
The recommended approach to resolving this is ‘de-scoping’ technology, where consumers can use the touchtone signals of their own phone keypad (DTMF, or ‘dual tone multi-frequency’) to convey their card numbers for payment authorisation, either live in mid-conversation with the agent or using an automated customer self-service (IVR) solution. In both scenarios the sensitive card data bypasses the call centre and any call recordings altogether, thus de-scoping the contact centre environment from most PCI DSS regulations and audit requirments, as the data is no longer there to capture or potentially compromise.
Over twice as many consumers in Syntec’s research rate this DTMF technology compared with ‘pause & resume call’ recording, with respectively 78%, 79% and 69% of consumers in the UK, USA & Australia preferring this solution, described as ‘Using the keypad on your phone or smartphone to enter your credit/debit card details while the agent remains on the call to help (but the agent can’t see the card details)’.
Simon Beeching from Syntec adds, “A DTMF solution such as Syntec’s CardEasy ‘keypad payment by phone’ is a win-win, preventing the sensitive data from entering the contact centre environment and thus improving customer trust as well as reducing compliance hassle and costs for the merchant”.
Simon Kerry, Chief Information Officer of Syntec’s long-standing client Charles Tyrwhitt Shirts explains, “We wanted to further enhance data security in our call centre and decided to use Syntec’s secure phone keypad payment (DTMF), as it’s important to our customers that our payment solution is safe and easy to use. CardEasy works just as effectively for callers in the USA, Germany and Australia as in the UK”.
The free Syntec research White Paper with this year’s survey results also includes further tips and recommendations for Contact Centre leaders and can be downloaded at https://www.syntec.co.uk/product/pci-dss-in-contact-centres/
- Ends -
Notes for editors
*PCI DSS = Payment Card Industry Data Security Standards
Syntec is one of the UK’s leading contact centre systems specialists, providing managed services to clients internationally.
Syntec is a participating member of the global Payment Card Industry Security Standards Council (PCI SSC) and a PCI DSS level 1 Visa Merchant Agent.
CardEasy is Syntec’s proprietary cloud based ‘keypad payment by phone’ managed service.
CardEasy is integrated with Payment Service Providers (PSPs) internationally and marketed in partnership with them as an integrated service as well as directly by Syntec.
Syntec’s clients include public and private sector merchants across diverse sectors including banks, insurance companies, utilities, travel, charities, retailers and outsourcers, many with multi- site international operations and outsourcers.
Syntec will be exhibiting and demonstrating the CardEasy system at:
• PCI SSC Vendor Showcase, North American Community Meeting, 20-22 September 2016 (Las Vegas, Nevada, USA)
• Customer Contact Expo, Olympia, London UK, 28-29 September 2016
• PCI SSC Vendor Showcase, Europe Community Meeting, Edinburgh, Scotland, 18-20 October 2016
For more information www.syntec.co.uk , @synteccontact or contact:
Simon Beeching e. simon.beeching@syntec.co.uk m. + 44 (0)7973 384496
For more information on Davies Hickman Customer Experience Research Consultancy,
please call +44 (0)1189 403523 or visit www.davieshickman.com