Protecting your customer data without losing the trust of your customers


Share on LinkedIn

Earlier this month an unfortunate incident regarding customer data made the headlines. A contact centre agent was caught sending customer data to his personal email address. Luckily, the data was eventually recovered and the accused pleaded guilty to a charge under the Data Protection Act.

The story should make contact centre managers think though. Data theft (especially financial) is big business and contact centres need to ensure they are not putting their customer’s data at risk. Meanwhile customers today are alert to the potentials of fraud, and increasingly aware of the rules with regard to the protection of their data, particularly when it comes to payment cards.

So what are contact centres doing to protect our personal information? Some contact centres have introduced a ‘clean room’ policy where agents are not allowed to have pens, paper or mobile devices on their person, or in the building at all to try and avoid details being stolen.

Other contact centres have put restrictions on which agents are able to take card payments over the phone. But this approach is not often ideal, as it reduces the number of agents available to help customers.

Stop/start recording is another technique that many contact centres have used to ensure card details are not recorded to minimise fraud. This works by physically stopping the recording for the section of the live call where the customer is speaking their card details. However, this method is fraught with problems – it doesn’t give you a continuous recording of the call, which many industries (such as financial institutions) require and it also means, although the details are not recorded, an agent could still write down or record the details on a portable device.

IP whitelisting can also be an effective way to keep your contact centre secure; an IP-whitelisting feature only allows login access from approved IP addresses to help prevent unauthorised logins from different locations. For example you can set a rule so that all office based employees are permitted to login into the system but remote agents can’t unless it’s from a specific IP address.

While these methods may help to increase security, some of them may create negative feelings of mistrust among agents and their employers, and none of them are entirely secure.

So how do you prevent data loss and fraud, whilst keeping the trust of your employees?

Today’s contact centres have access to enough modern technology to ensure security breaches aren’t an issue. Cloud technology offers an affordable yet totally secure solution. Cloud-based PCI compliance solutions can ensure that card data is never even heard let alone recorded or stored but that the call is still recorded in its entirety, with no reliance on stop/start recording.

An advanced PCI solution removes the need for customers to speak their card details aloud to your agents at all. Customers simply enter their payment details using the telephone keypad when prompted – even the sound of the buttons they press are masked! This means that the agent never hears the card details, but also never leaves the call, allowing them to assist the customer at all times. Importantly, at no point does the customer need to recite their confidential data.

This means the risk of card fraud is greatly reduced. It’s a great customer experience, but importantly there is still an agent present on hand to help the customer through the entire call journey.

Customers can rest assured that their payment card data is secure, agents are trusted in taking payments and a load is taken off contact centre managers. A simple, yet completely secure method.

David Ford
I am an experienced engineer, director and corporate adviser with focus on technology sector. I now work as the Managing Director of Magnetic North. Magnetic North is leading the contact centre in the cloud revolution by providing organisations of every size with a high-availability, secure, enterprise-class solution at a fraction of the cost of the cost of traditional systems, together with transparent pricing, out-of-the-box integration and continuous product innovation.


Please use comments to add value to the discussion. Maximum one link to an educational blog post or article. We will NOT PUBLISH brief comments like "good post," comments that mainly promote links, or comments with links to companies, products, or services.

Please enter your comment!
Please enter your name here