Over half percent of UK consumers, 69 percent of U.S. consumers, and 60 percent of Australian consumers say they are becoming hesitant to make payments by phone.
A consumer survey by Syntec, one of the UK’s leading call center systems specialists, reveals that consumers in the U.S.and Australia agree with UK consumers: to decrease fraud, call centers should use the latest technology to hide payment card data from call center agents and call recordings.
Syntec’s latest annual consumer survey expanded to include the USA and Australia, and indicates that consumer worry about fraud in call centers is worldwide. Thirty six percent of UK consumers, 53 percent of U.S. consumers and 44 percent of Australian consumers agreed with the survey statement “There have been several occasions in the past year when I have not bought something due to being worried about the security of my payment card or ID details when buying over the phone.”
Four of five consumers over all three continents agreed with the survey statement “As a general rule, I don’t think organizations should be allowed to keep my payment card details in their databases.”
There are about 5,000 call centers in the UK, 44,000 in the U.S. and 2,500 in Australia, according to industry associations. They employ around 3.3 million people among them, and the majority of consumers (77 percent in the UK, 55 percent in the U.S. and 43 percent in Australia) see the agents in these call centers as potential fraudsters. They are influenced by media reports about the major data breaches that have affected the reputations as well as customers of household name brands.
Even IT managers and operations managers in call centers admit to being reluctant to make payments over the phone in their personal lives, due to the possibility of data breaches, says Syntec’s annual research survey and white paper, which continue to finger call centers as weak links for global payment security.
An executive with UK anti-fraud body Cifas says 32 percent of the internal fraud cases reported by Cifas members in 2015 were committed in call centers, with many of these offenses involving staff disclosing customer or commercial data to organized criminal third parties.
Simon Beeching, business development director of Syntec, says, “This representative survey of consumers is now in its fifth year and continues to show that the worldwide call center industry, in consumers’ eyes and by its own admission, is still not keeping up with demands to tackle this area of fraud and customer distrust. Furthermore, the latest PCI DSS v 3.2 regulations require the merchant’s senior management to take direct responsibility for ensuring compliance, including where third parties such as outsourcers or remote/homeworkers handle card payments on their behalf. So delegating the problem away or using half measures such as ‘pause and resume call recording’ will no longer do.”
The recommended approach to resolving this is de-scoping technology, where consumers can use the touchtone signals of their own phone keypad (DTMF, or ‘dual tone multi-frequency’) to convey their card numbers for payment authorization, either live in mid-conversation with the agent or using an automated customer self-service solution.
In both cases the card data bypasses the call center and any call recordings altogether, thus de-scoping the call center environment from most PCI DSS regulations and audit requirements, as the data is no longer there to capture or potentially compromise.