Taking Card Payments Over the Phone—Finding A Secure Approach

Credit card fraud is widespread—and costly. A recent survey found that 65% of Americans with credit or debit cards have experienced credit card fraud at least once. Not surprisingly, 52% of U.S. bill payers rank security as a top feature in the digital bill payment process.

One area of heightened risk is taking credit card payments from your customers over the phone. Your organization needs to get paid and you can leverage tools to make taking phone and call center payments more secure.

Merchants who accept credit card payments must comply with the Payment Card Industry Data Security Standard (PCI DSS). Payment card brands may fine merchants up to $500,000 per incident if they aren’t PCI compliant at the time of a data breach.


Taking Credit Card Payments by Phone Is Risky Business

When consumers think of how contact center agents take payments, they often think of being asked to read off their credit card number, expiration date and CSV code over the phone.

If that doesn’t make you a little nervous—it should. That method of sharing card information may increase the risk of credit card fraud for several reasons:

  • A contact center agent may write the credit card information down on a piece of paper or somewhere visible where another person could walk by and steal the information.
  • A disgruntled employee taking the payment may steal the credit card information, using it to make unauthorized purchases or obtain funds from the account.
  • The customer may be in a public place when reciting credit card details. Someone may overhear the conversation and jot down the credit card information.
  • Reading out a CSV code negates the reason for having it—it’s used to prove the payer has possession of the card at the point of payment. Someone who overhears and captures that CSV can use it to make card-not-present charges.


2 Better, More Secure Ways to Take Credit Card Payments Over the Phone

  1. Inbound and Outbound IVR — Customers pay via IVR (interactive voice response) with automated voice prompts and keypad inputs. This eliminates all three problems listed above. The contact center agent transfers the caller to the payment IVR system. The customer enters the card number, expiration date and CSV on their phone keypad when prompted to do so. The IVR system is integrated into a payment gateway to make the transaction. The system then gives the customer a receipt number and the option to receive the receipt by email. To make it even more convenient for your customer, you can leverage an outbound IVR, where a customer can schedule a time to receive an automated call to make their payment.
  2. Live Agent Assist Technology — Businesses can leverage payments technology to have contact center agents quickly send customers a link to a custom online payment page for payment. By using a solution like CSG Forte’s Payer Engagement Platform, contact center agents can easily create an invoice with a few clicks of a mouse and send it to the customer via email or text message. This allows customers to pay promptly and securely—without sharing their credit card information with the agent. This method of payment greatly reduces the risk for fraud and the business’ PII data exposure.

The Payer Engagement Platform is a secure digital payment solution that enables customers to make payments using their preferred channel and payment method, at any time. Its Live Agent Assist feature allows call center agents to quickly create custom invoices to be sent to customers to complete transactions, eliminating the need for agents to collect sensitive information.

Contact us to learn how the Payer Engagement Platform simplifies bill payment, improves the customer experience and reduces fraud exposure.