Semafone, a payment security and compliance provider has partnered with cloud-based company Avaya to provide secure payments for call centers during work-from-home conditions.
Semafone’s platform secures sensitive information like a customer's card details for payments. These details are then encrypted or tokenized and transactions are processed without the call center representative ever receiving customers' details.
Colorado this month introduced a comprehensive consumer privacy bill, following the lead of California’s Consumer Privacy Act. Colorado's bill requires businesses that deal with Personal Identifiable Information (PII) and payment details to do so securely and with compliance measures in mind.
Semafone’s partnership with Avaya will allow call center representatives to process payments over the phone securely.
“When the time comes for consumers to provide card details over the phone, they are sharing sensitive data to the representative which can be stolen or misused,” Iain Regan, chief revenue officer of Semafone said. “With our platform, customers can punch in their card number from their phone without sharing such sensitive information with the representatives.”
Semafone’s DevConnect platform will integrate Avaya’s OneCloud enterprise. Customer-facing businesses that use Avaya’s communication channels to connect to consumers can use Semafone’s Cardprotect Voice+ through the partnership.
“Semafone’s Voice+ sits directly in front of the merchant as a protective barrier,” Regan said in an interview. “The card details are masked and tokenized; it's effectively a random jumble of numbers. We then make the payment to the payment service provider or the acquiring bank and pass that completed payment into the merchant.”
With many states adopting versions of California’s Consumer Privacy Act, many businesses have to be cautious about following government compliance mandates. Virginia, Texas, and Colorado have introduced bills that ask businesses to store consumer data safely and allow consumers to be informed and provide the option to opt-out of data collection services. Businesses have to follow Payment Card Industry Data Security Standards (PCI DSS), a framework established by major payment industry leaders like Visa, Amex and Mastercard to protect consumers’ details.
Securing a customer's sensitive information also helps businesses follow compliance protocols while reducing the burden to create infrastructure to keep consumer data safely.
Semafone’s payment platform also integrates with the e-commerce payments gateway as well. The platform is able to add a data protective layer on top of chatbot sessions to mask sensitive information while a customer is making payments.
As transactions are becoming more digital, Semafone is expanding its payment security platform to channels like short message service, email, and QR code-based payments.
“When a customer scans a QR code for payment, a link pops up on their screen which takes them to a secured payment portal,” Regan said. “It allows businesses to accept payments without having to manage or deal with any of the PCI or any of the credit card data headache of having credit card data in those channels.”
Bluefin, a payment company that specializes in encryption and tokenization technologies to secure PII and payment data, is also working towards reducing payment friction and increasing payment security for over-the-phone transactions.
“We have USB keypads that sit on the representative’s desk while they are taking in the card number,” said Ruston Miles, Bluefin's founder and an advisor to the company. “The keypad is encrypted and will mask card details wherever you put them, thus requiring low software integration costs.”
With the pandemic, merchants are going to see a lot of card-not-present transactions happening and need to process them securely, Miles said. Consumers will be looking for frictionless payments while merchants would be looking to secure digital transactions which used to make up a small percentage of total transactions.
"The omnichannel revolution is here and it's never going to go back to normal. Customers would want easy payment journeys” Miles said. “Businesses are going to have to re-address their security budget and their security focus. Payment technologies are very different online than they are in person, and they're going to have to rethink that because the fraud shifted from mostly being retail to now being retail and mobile.”