You are currently viewing Protecting phone payments as criminals switch focus to card-not-present.

Protecting phone payments as criminals switch focus to card-not-present.

With the adoption of telephony cloud solutions and the increasing use of call recordings for training purposes in many companies, there is a greater risk that credit card information, shared between the card owner and the merchant during the call, will get stored on insecure servers in the cloud.

As a reaction to this development, the PCI SSC recently published new guidance on how merchants should accept payment information from customers over the telephone. The Protecting Telephone-Based Payment Card Data guide highlights both the risks involved, and the areas that require the attention of merchants if they are to adequately protect customers payment details.
This raises the question for merchants: what is the most secure and easiest way to accept card details over the phone? PCI Booking’s Card Over The Phone answers the concerns raised by the PCI SSC for our customers.

Card Over The Phone allows merchants to send a link to the card owner in an email or SMS message. Through the link, the card owner is redirected to a secure, and mobile-friendly, PCI Booking card capture page where they can enter their card details. The card details are then stored in PCI Booking and the token is sent to the merchant.

Personal details and booking information are taken during the phone call, as is currently the case, with the payment details now submitted by the customers themselves. Both the merchant and customer receive a notification confirming the successful transaction.

Card Over The Phone is a feature that is available to all PCI Booking customers, and is a straightforward and quick integration.

Interested in adding Card Over The Phone to your account?