PCI Compliance Can Lead To Hidden Cost Savings

By Barnard Crespi

Everything we hear about PCI compliance is about how expensive and time consuming it can be. However, what we don’t hear is how it can lead to cost savings when innovation is brought in to the equation.

Companies across a wide range of industries employ live agents to interact with their customers. Although technologies that enable self-service have shifted many customer interactions to technologies that are secure and safeguard customer privacy, customers still like being able to talk to a live person when dealing with companies they buy from. This includes handing over their credit card information to an agent on the other side of the phone.

In recent years, new and evolving credit card security regulations, PCI-DSS, have placed the risk and financial burden on companies of maintaining tighter security measures to protect their customers credit card information.

Companies must navigate the maze of PCI guidelines to be compliant and this becomes even more complex when running operations where their employees are in constant interaction with customers where anyone can be handling customer credit card information at any given time. Ensuring that every customer touchpoint is secure has no doubt increased the costs to companies of delivering Live service to their customers. There are no guidelines what companies can expect PCI compliance will cost to achieve and to maintain, as this largely depends on the technology and people infrastructure, and how they do business with their customers.

Many PCI experts will suggest reducing the PCI scope by implementing technologies such as payment webpages offered by many payment gateways and processors. However for many companies who pride themselves in proving a seamless customer service experience, pushing a customer to a web page to make a payment while speaking to an agent on the telephone is not an acceptable option. So why not transfer customers to an automated Interactive Voice Response system which can collect the customers credit card information. Most current phone systems offer IVR as a built in feature which can be programmed to collect credit card information. However, this also falls in scope of PCI-DSS, and does not remove the complexity and costs associated to compliance.

So what other options are there?

  • IVR on the Cloud: An option is to implement an IVR service on the cloud whose infrastructure is already PCI compliant. Some vendors provide tools which companies can use to build IVR applications in their PCI compliant infrastructure. However building and maintaining your own system, even in the vendors platform, will require that you dedicate resources to build, test and maintain the software which you have built or paid someone else to build for you. PCI-DSS also dictates how you need to manage code that collects and transmits credit card information. This approach can remove much of the PCI scope away from your infrastructure to your vendors, however you are still in the hook to ensure your developers follow the guidelines, and you have the resources to maintain what you have built.
  • On-Demand Pay-By-Phone: There is also the option to subscribe to an On-Demand Pay-By-Phone Software service, which provides you a pre-packaged configurable solution which you can plug in to, leaving all the building, maintaining and PCI compliance to the service provider. This can remove a significant amount of effort and financial burden from the company to the service provider.

You still have to go through the cost modeling to arrive to how your dollars are best spent. It’s a better investment to make your call center PCI compliant, use technology you have already paid for and maintain it to the most current PCI standards, build your own in a PCI compliant infrastructure or shift this part of customer interactions to an application already built specifically to process payments.

This is an exercise that every company must go through and can take people and financial resources to arrive to a conclusion. Keep in mind that PCI compliance is not optional and you need to be PCI complaint whether you process 100 payments or 100,000 payments a year.

The Silver Lining

Disguised in this maze of analysis, evaluations and decisions that managers must make, is the potential of exponential cost savings. With On-Demand Pay-By-Phone you can shift agent time to automation time. Provided that the On-Demand Pay-By-Phone cost is lower than your live agent time and by implementing efficient processes you can realize significant cost savings. For example a company who processes 10,000 payments a year implementing On-Demand Pay-By-Phone can save approximately 500 hours a year of agent time. By factoring in labor costs, training, IT, overhead, this can result in thousands of dollars in monthly savings when implementing an On-Demand Pay-By-Phone solution.

We’re Here to Help

What our clients are saying about us

“Never any issues with you guys! Things just work.”

Gerry Henstra, CEO, Henstra Business Solutions

“Customer service is a really big deal to us, and I am glad to do business with a company that obviously takes it as seriously as we do.”

Jeff Boatman, Global Client Solutions

“We’re happy with the IVR Payment system and it has been working well for us. Recently we also setup your newest SMS (text) receipts and found it to work great.”

IT Manager

“I want to command you and your team at Datatel on the job just completed for Tele-Response Center. The attention to detail and professionalism with which you approached the project was exemplary and greatly appreciated especially considering the several applications that needed to be implemented on short notice. Thanks again for your assistance getting this project off the ground so smoothly.”

Joe Grossman, Sr. Vice President, 121 Direct Response

“My team and I would like to commend Datatel on creating an IVR application that adds great value to our new Travel product. Your knowledge, input and expertise in IVR scripting, call flow management and overall IVR logistics made the development and implementation stages extremely easy to manage. Thank you for a well executed campaign that was launched on time and on budget.”

Ryan McCullough, Marketing Manager, Aegon Direct

“Great team to work with. I look forward to utilizing some additional capabilities in the future.”

Bob Griffin, VP of Operations, MedA/Rx

“We are very grateful for many years of mutually beneficial business relationship with Datatel and for impeccable customer service we have received during these years.”

Director of Student Accounts

“We, Standard Life, very much appreciated Datatel’s expertise, knowledge and support as we worked through the development and implementation stages. Our Clients appreciate the simplicity of the capability, while gathering very valuable feedback. Thanks for making this a very positive experience.”

Anne Pennell, VP, Customer Services Operations, Standard Life

“This was one of the best implementations I have been a part of. The communication was excellent and everything was responded to and dealt with swiftly. A real pleasure. We are looking forward to the impact this will have on our patient payments! Thank you!”

Kim Pace, Director Patient Accounts and Revenue, Chatham-Kent Health Alliance