An Introduction to DTMF Payments
DTMF stands for “Dual Tone Multi Frequency”, and it is a telecommunications system that uses the voice-frequency over telephone lines. When you press a button on your phone pad a sound will be generated which is DTMF signalling. The sound transmitted allows equipment than can interpret the tone to know which button was pressed.
In essence, DTMF allows people to interact with automated systems over a telephone line, such as an interactive menu, IVR, or dialling an extension for instance. When the DTMF tones are muted or masked, companies can use DTMF to process sensitive information without it being handled directly by the staff member on the phone, which can reduce the risk of data interception.
Without the implementation of DTMF masking technology to transmit sensitive information, organisations could face the risk of malicious attacks targeting their data. This includes the potential for internal attacks from ‘rogue agents’ within their contact centres or customer service teams. By having the ability to ‘mask’ the numerical input of card details for example, it significantly reduces the risk both of internal and external malicious attacks, and therefore significantly protects the sensitive data of customers.
How DTMF Masking helps with PCI Compliance
The PCI-DSS is a set of security standards that are designed to make sure that all companies are accepting, processing, storing or transmitting credit card details within a secure environment. This was a standardised compliance practice introduced in 2004.
Companies taking telephone payments, often referred to as MOTO (Mail Order Telephone Order) transactions can find fulfilling the PCI DSS requirements very difficult. This is due to both their phone system, their internal IT network and their staff being exposed to the sensitive card information read out by the payer. This makes it next to impossible for companies to achieve compliance.
Many companies turn to DTMF and use automated payment lines to process phone payments. Here a customer would type their sensitive card information, such as their long card number, their expiry date and their security code, into the telephone keypad. This in turn sends DTMF signals to a payment application that processes the payment.
The problem with an automated payment line is that the customer experience can be poor, as it is an automated system. This is where payment applications that use DTMF masking can really help. Phone payment apps like PayGuard® allow the payer to enter in their card information, then subsequently blocking, muting or manipulating the DTMF signal after it has been received by the application, in order to prevent it from travelling further down the phone line.
Utilising DTMF Masking technology eliminates data breaches in businesses and Contact Centres. By preventing any numerical data from entering the environment to begin with, there is no data stored on the server, and also becomes very difficult for any hacker to access information if intercepting a phone call.
From a PCI compliance perspective, this removes significant risk, as it additionally removes any need for the agent on the other end of the phone to see, hear or store any sensitive data. It also means there is no need for the caller to pause the call recording to enter details and the agent can remain on the line the whole time.
With further technological and compliance challenges arising each year due to an increase of financial risk on a daily basis, there has been significant pressure from banks, regulators and GDPR to be PCI Compliance. DTMF masking and suppression has become a favourite addition to the phone payment process due to its cost-effective manner of reducing risks involved with taking card payments over the phone.
DTMF Payment Data Breach Reduction
There is no way that any sensitive data could be compromised by ‘rogue agents’ who may be looking to steal the information for malicious purposes, due to the way that any sensitive information is intercepted by the system and masked.
The Financial Conduct Authority (FCA) specifies that any financial company that provides a service to customers and takes payments over the phone must record their calls for monitoring and audit purposes.
DTMF masking really helps here, because when a payment is taken no sensitive data is present on the phone line, so cannot be recorded. The call recording is not paused at any point, making it a true and accurate reflection of the call. Even if call recording data is breached, there will be no sensitive card information to be used maliciously, which further reduces the risk behind any cyber-attacks.
There is a general trust obtained by the utilisation of DTMF between customers and businesses, as the perception is that they are taking care of the personal information of their customers. This is especially important due to the rise in awareness of data breaches in media reporting. Many consumers are becoming more sceptical and cautious as to who they state their card details to.
Customer Experience Improvements
Historically, when making payments over a phone call, the agent on the other side of the phone may have asked you to read the details of your card aloud to them. This has been deemed to be an unprofessional and risky approach which could lead to your card details to being stolen. Since then, many solutions have been suggested and used by companies worldwide.
One of the solutions is to transfer your call to an automated input system while you state your details, in an attempt to mask your details from both the agent and the IT system. However, this can interrupt the conversation with your agent as well as lead to difficulties if you have a question, or an error with the system.
The benefit of DTMF masking is that it allows you to maintain a full conversation with the agent throughout your purchase, allowing you to make sure that your payment has gone through and that there are no issues. This also allows the agent to guide you through the process. This can be of significant benefit to those who may not be particularly technologically savvy.
A core benefit to the customer experience when making a DTMF payment is that it is perfect for all demographics. Especially those who require any extra assistance during the process of taking payment. Also with data breaches becoming a common occurrence, those who are more risk-averse can rest assured knowing their sensitive data is well protected.
In summary, DTMF is a huge part of the lives of individuals processing payment details over a phone call. Many may not even be aware of the technology or how it works. However, the core benefit of concealing private details during the payment process, as well as the side-benefits of how beneficial it can be to the customer experience during payment processing means that DTMF is likely to be a mainstay and primary addition to the processing technology of companies throughout the world.
PayGuard as A DTMF Payment Solution
In the below video, you can see just how simple PayGuard® works as a complete DTMF Payment Solution, not just a DTMF masking solution. This allows your customers to conveniently use their telephone to enter their card details to make a payment. In the demonstration, we show how you can set up a recurring payment, but it is just as easy to create a one-off payment or refund.
- Your agent will simply select a phone keypad as the process to make a payment.
- Enter the payment amount and details.
- Select a payment gateway (PayGuard® allows easy selection of multiple gateways).
- The customer is then asked to use their keypad to enter their details, at no point is your agent exposed to this sensitive data. Making you PCI DSS compliant and secure with minimal effort.
- The agent then simply reviews the final payment details and submits the DTMF payment. Alternatively, if there is an error they can easily edit payment information on this screen.
- Payment is now complete, and the agent can move on quickly and stress-free to serve your next customer. In fact, it all takes less than a minute.
PayGuard®’s technology includes this DTMF Payment Solution as just one of its many innovative features. All these features significantly reduce your PCI DSS scope, risk of breaches and fraud.
Feel free to fill out the contact form below and we will happily arrange a personal demonstration on DTMF payment processing with PayGuard®.