Meet your PCI Compliance needs with our contact centre solution.

Protect your customers, contact centres and your company from fraud and identity theft with our PCI DSS compliant solution.

When done the traditional way, if a customer pays an agent over the phone there’s a few key risks when it comes to data security:

Both the agent themselves, and anybody around the customer at the time hear their sensitive information such as card data as it’s relayed, the agent gets to see the payment information on their screen as they enter it, if the call is being recorded, that sensitive information is now also stored as part of the recording, the data is then transmitted through various networks and systems to action the payment, visible to all of those as it’s being processed.

It would be impossible to guarantee the safety of this data, and when a busy call centre goes through this process countless times a day that means there’s potentially a huge risk. But don’t panic – we have the solution!


Our CallGuard offering stops sensitive card information being passed to your agents and from being stored on your systems, putting you a lot closer to being PCI DSS compliant. They’re also nice and flexible, designed to fit in around all existing compliance, fraud, risk and security procedures. Here’s how it works:

Step 1

The caller rings the contact centre to enquire about a product or service. Call recording can continue throughout the entire conversation, including taking a payment.

Step 2

The caller enters their card details using their telephone keypad. DTMF tones are intercepted by CallGuard and changed to monotones. The web screen masks the digits from the agent as the customer presses the buttons.

Step 3

The agent is notified of payment approval or rejection. At any stage of the process, the agent can cancel and start again while the customer is on the phone.

Tell Me More

PCI DSS Compliance: Risk Free Payments

With our secure payment suite, you can keep your customers’ card data separated from your staff and systems.

Keep card data out of your environment and ensure it can make its way directly to the payment provider.

By avoiding attracting the attention of hackers and fraudsters, our payment suite can save you any legal headaches. De-scope your contact centre and card-not-present channels for PCI DSS compliance, and stop worrying about audits and the associated risks and costs.

PCI Compliance
PCI DSS Payments in the Contact Centre

Want more?

PCI Compliant Payment Solutions

IVR Payments

Enable secure, multi-channel, automated payments for every customer over the phone, web and mobile device.

Help your customers to make card payments conveniently and securely over the phone, via the web, using SMS or with mobile apps. Our automated, self-service payment solution is PCI DSS compliant and optimised to be quick and easy. It gives your customers the freedom to pay for goods and services whenever they want — in safety.

Alternative Payments

Improve customer experience | Maintain data integrity | Stay ahead of the competition

Stay ahead of your competition with secure payments via Apple Pay, Google Pay or PayPal over a telephone call. Let your customers pay their way, using the method they prefer. Offer the opportunity to make telephone payments by Apple Pay, Google Pay or PayPal and exceed your customers’ expectations while keeping their data secure. Your agents can stay in contact with your customers throughout the transaction but are not exposed to the sensitive card data.

PCI Compliant Payment Solutions

DTMF Masking & Audio Tokenisation

Look, you can’t just ask your customers to tell you their details over the phone anymore. It’s too risky. Someone could overhear them, you’re dependent on agents (who are complete strangers) hearing and typing in the info, and at the end of it, you’re left with call recordings storing the conversation in its entirety. It’s just not secure.

Instead of asking your customers to read out card details over the phone, they could type this information into their phone keypad (meaning their details aren’t in danger of being overheard).  The agent can stay on the phone with the customer during the whole transaction process as tones made by your customer’s telephone keypad are ‘masked’ and cannot be identified by their sound. Then, as the information is tapped in, it populates fields on the agent’s screen. The agent only sees asterisks and the last four digits of the card number as an identifier.

Need Help With your PCI Compliance?

Compliance with the Payment Industry Data Security Standards (PCI DSS) is essential for contact centres that handle personal customer data, including payment card information. You need to ensure your organisation takes steps to prevent this data from getting into the wrong hands. PCI compliance is not just about securing your systems and encrypting your data. It’s also about having the right infrastructure set up for when your systems and data come into contact with people. We can help — by offering PCI DSS compliant solutions for your contact centre.

How our solution can help you with PCI Compliance: 

 1. Help you to select options to fit your needs

2. Safeguarding your payment channels – and your reputation!

3. Delivering one of the best security and payment solutions available

4. Deploy alongside your existing systems with no changes or integration

5. Secure voice transactions

6. Keep data completely out of your IT networks and systems

Want to take a look?


Our PCI Compliant payment solutions are powered by Eckoh.