Using Syntec’s patented CardEasy managed service, your customers enter their card numbers using the touchtone keypad (DTMF) of their own phone, mid-call with the agent or using customer self-service autopay (IVR).
This descopes your call center and call recordings from PCI DSS, reducing the risk and costs associated with managing card payments in your contact center, whilst improving customer trust, call handling times and lost transaction rates.
Watch our demo to see how CardEasy works.
CardEasy enables you to comply fully with PCI DSS as follows:
- Your agents will not be exposed to callers’ sensitive card numbers
- Card numbers will not be stored in your call recordings or captured in screen recordings
- As the sensitive card numbers do not enter your contact center or network, this de-scopes this environment almost completely from PCI DSS regulations and audit requirements
Your agents can talk to the caller throughout to control the call and transaction.
CardEasy also offers a customer self-service autopay option (IVR) for when no agent assistance is required, such as balances payable, utility bills, charity donations and subscriptions.
Note that ‘pause and resume’ solutions for call recording – which cut the call recording at the point at which the agent asks for the card details – will still leave the agent exposed to them and so the contact center environment and agents still remain in scope of the PCI regulations and open to fraud.
How does CardEasy work?
- A caller wishes to pay by card over the phone
- The contact center agent initiates a request for card authorization in mid-conversation with the caller
- The caller is prompted to enter their card number via their telephone keypad (DTMF/ dual tone multi frequency touchtones)
- Audio from the agent to the caller remains open throughout
- Audio from the caller to the agent is cut briefly while they enter the middle six digits of their long card number (PAN) and CV2 on their phone keypad, to ensure that the agent (and call recording) cannot be exposed to the card numbers even if the caller reads out the numbers whilst entering them
- The complete call can be recorded but the sensitive DTMF tones are masked from the recording as well
- The agent is alerted via their screen when payment has been authorized
- Tokenisation, card scheme surcharging, BIN look-up, recurring & multiple payments and multiple currencies are all supported.
Taking payment using CardEasy
CardEasy live video demo
Using CardEasy saves you time and money by taking your call center operations out of scope from PCI DSS controls, whilst removing the need for time consuming oversight and PCI audits. Set up costs are low and ongoing managed service costs are ‘per agent’ or ‘per channel’ depending on your organization’s requirements, so can be linked directly with your channel/agent utilisation.
Syntec is the managed service provider
CardEasy is Syntec’s proprietary and patented system. Syntec is a PCI DSS level 1 service provider, a Visa Merchant Agent and a participating member of the global PCI Security Standards Council.
What our customers say
What our partners say
Find out more about our integrated Payment Gateway partners.