Boston, MA, USA and Guilford, UK, May 7, 2019 -- Semafone, a provider of data security and compliance solutions for call and contact centers, announced that their flagship solution, Cardprotect (version 4), is now validated by the Payment Card Industry Security Standards Council (PCI SSC) against the latest version of the Payment Application Data Security Standard (PA-DSS).
Data security is one of the most important considerations for any company that has a call or contact center that takes and handles payment card transactions. Payment card data breaches, fraud and theft have become pervasive issues, and for most organizations, it's no longer a question of if they will be breached, but when. The Ponemon Institute's 2018 Cost of a Data Breach Study found that the average global probability of a material breach occurring in the next 24 months is 27.9 percent, an increase over previous years. At the same time, the average total cost of a data breach is $3.86 million.
"We are pleased to be able to provide our expert guidance to support Semafone in their bid to help protect customers when making payments," says Bryan Scaife, Managing Consultant, NCC Group. "Semafone's PA-DSS certification provides assurance of investment in the continuous maintenance against cyber threats, which helps to reduce the risk for end users."
In addition to PA-DSS certification and being a Level 1 PCI DSS Service Provider, Semafone is also certified for ISO27001 and is a Level 1 Visa Listed Merchant Agent.
"Semafone has been PA-DSS certified since 2012, which demonstrates our consistent commitment to achieving the highest possible standards in payment data security. By consistently obtaining a PA-DSS certification, we're providing an unmatched level of security and peace of mind, not only for our direct customers but also for our partners," said Gary E. Barnett, CEO, Semafone. "PA-DSS certification is a requirement for any maker, developer and integrator of payment applications that use credit card information for payment authorization and settlement, and that are sold, distributed or licensed to third parties. We are literally saving our payment application partners valuable time and costs that would otherwise have gone towards achieving the certification themselves. For our customers, they can rest assured that by selecting Semafone they will be taking every measure possible to protect their consumers' sensitive information and reduce the risk of a data breach."
Posted by Veronica Silva Cusi, news correspondent
Semafone provides secure voice transactions for contact centres and retailers taking Cardholder Not Present (CNP) payments. The solution allows a call - and the call recording - to continue as normal whilst the customer enters their credit card information using their telephone keypad. For complete security, Semafone's patented technology masks the Dual Tone Multi-Frequency (DTMF) tones from the cardholder's telephone and replaces them with a flat tone so they can't be recognised by the call centre agent or recorded on the call recording system. By ensuring all card data remains segregated and by removing Sensitive Authentication Data (SAD) before it hits the call recorder and the contact centre infrastructure, the contact centre is taken out of the scope of PCI DSS, protected against the risk of opportunistic agent fraud and the associated reputational risk.
Published: Thursday, May 9, 2019
Contact center quality assurance training and certification