Press release

Consumers in the USA and Australia agree that contact centres should use new technology to shield payment card data from call centre agents & call recordings to stop fraud

Syntec’s latest annual consumer survey has been expanded to include the USA and Australia, revealing that consumer concern about fraud in call centres is a global phenomenon. Indeed, 4 out of 5 consumers across all three continents agree that:

“As a general rule, I don’t think organisations should be allowed to keep my payment card details in their databases”

(74% of UK, 78% US and 80% Australian consumers)

There are approximately 5,000 contact centres in the UK, 44,000 in the USA and 2,500 in Australia according to industry associations, employing some 3.3.m staff between them, yet the majority of consumers view the agents in these call centres as a source of potential fraud (77% in the UK, 55% in the USA and 43% in Australia), influenced by reports in the media about major data breaches which have affected the reputations as well as customers of household name brands worldwide.

Customers reluctant to make payments by phone

As a result, over half of UK consumers (54%), over two thirds in the USA (69%) and 60% in Australia now say they are becoming reluctant to make payments by phone at all.

This reticence is clearly a barrier to sales and something that contact centre managers must work to overcome. Shockingly 36% of UK consumers agree (53% in USA and 44% in Australia) that “There have been several occasions in the past year when I have not bought something due to being worried about the security of my payment card or ID details when buying over the phone”.

Call centre managers worried about card security

Even IT managers and operations managers in contact centres admit to being reluctant to make payments over the phone in their personal lives, due to the possibility of data breaches, as reported in Syntec’s annual research survey and white paper (conducted and reported by Davies Hickman), which continues to pinpoint contact centres as a weak link for payment security around the world.

“32% of the internal fraud cases reported by Cifas members in 2015 were committed in contact centres with many of these offences involving staff disclosing customer or commercial data to organised criminal, third parties”.

Sophie Wapshott, Business Engagement Manager from UK anti-fraud body Cifas

Consumers want card details hidden from agents

Consumers in the Syntec survey express a clear preference regarding how to overcome this, with 49% in the UK, 60% in the USA and 54% in Australia saying that secure technology should be used to hide the credit card details from the contact centre agent, and with only 14% or less in each country able to agree that “organisations I buy from over the phone will keep my personal and card payment details secure”.

“This representative survey of consumers is now in its 5th year and continues to show that the worldwide contact centre industry, in consumers’ eyes and by its own admission, is still not keeping up with demands to tackle this area of fraud and customer distrust. Furthermore, the latest PCI DSS v 3.2 regulations require the merchant’s senior management to take direct responsibility for ensuring compliance, including where 3rd parties such as outsourcers or remote/homeworkers handle card payments on their behalf. So delegating the problem away or using half measures such as ‘pause and resume call recording’ will no longer do.”

Simon Beeching, Business Development Director, Syntec

De-scoping the contact centre from PCI DSS regulations

The recommended approach to resolving this, as highlighted in the Syntec report, is ‘de-scoping’ technology, where consumers can use the touchtone signals of their own phone keypad (DTMF, or ‘dual tone multi-frequency’) to convey their card numbers for payment authorisation, either live in mid-conversation with the agent or using an automated customer self-service (IVR) solution. In both scenarios the sensitive card data bypasses the call centre and any call recordings altogether, thus de-scoping the contact centre environment from most PCI DSS regulations, as the data is no longer there to capture, compromise or audit.

Over twice as many consumers in Syntec’s research rate this DTMF technology compared with ‘pause & resume call’ recording, with respectively 78%, 79% and 69% of consumers in the UK, USA & Australia preferring this solution, described in the research as ‘Using the keypad on your phone or smartphone to enter your credit/debit card details while the agent remains on the call to help (but the agent can’t see the card details)’.

“A DTMF solution such as Syntec’s CardEasy ‘keypad payment by phone’ is a win-win, by preventing the sensitive data from entering the contact centre environment at all, improving customer trust as well as reducing compliance hassle and costs for the merchant.”

Simon Beeching, Business Development Director

Simon Kerry, Chief Information Officer of Syntec’s long-standing client Charles Tyrwhitt Shirts explains:

“We wanted to further enhance data security in our call centre and decided to use Syntec’s secure phone keypad payment (DTMF), as it’s important to our customers that our payment solution is safe and easy to use. CardEasy works just as effectively for callers in the USA, Germany and Australia as in the UK”.

Find out more

For more information download the free Syntec research White Paper with this year’s survey results, which also includes further tips and recommendations for contact centre leaders.

View our archive of previous press releases here.