Our transition from Payment Service to Payment Gateway Provider

We’ve been going through a period of change here at PCI Telecom, developing the business to create stronger, more robust payment solutions for our existing and future clients.

Since our acquisition of RealCredit, we’ve adapted our services to become a Payment Gateway Provider (PGP). What does this mean? We will continue to deliver bespoke card payment gateways – the secure system into which card details are inputted when a customer makes a payment over the phone or online – created to meet the exact needs, specification and branding of our client businesses and their customers. But rather than us processing the payment through our own system, this move to Payment Gateway Provider means that we have the flexibility to work with any Payment Service Provider (PSP) our clients prefer, into whose secure transaction environment the card details will be seamlessly transmitted for processing.

Our solutions will continue to deliver for those businesses looking to accept card payments securely over the phone to a live agent, via an automated IVR system and/or through online platforms and weblinks – all compliant with Level 1 PCI DSS. The system remains cloud-based, so there is no need for intrusive fixtures or equipment on site. Most excitingly, for those that require the full card payment processing package, we’ve built a partnership with UK Payment Service Provider Opayo to create a resilient and cost-effective solution that can grow and adapt as businesses change over time.

If you would like to know more about how PCI Telecom can support your business with accepting card payments, whether you’re starting from scratch or looking to adapt your existing system, please do get in touch via the website, webchat, email or give us a call on 0330 022 0660.

The new PCI DSS v4.0 has arrived

31 March saw the long-awaited launch of PCI Data Security Standard v4.0. Having been developed over the last few years, with much collaboration with members of the card payment industry, the launch of the new standards was delayed from autumn last year due to the pandemic.

A lot has changed since the original standards were created in 2004, with the most recent update taking place in 2015. Major developments in payment channels, smart devices, and open banking as well as new legislation including Strong Customer Authentication (SCA) and GDPR have completely changed the payment landscape and eco-system for consumers as well as businesses.

What is different about PCI DSS v4.0?

The standards have been revised to better align with the developing nature of the payments industry and the fast-changing behaviours and threats posed by cyber criminals. The main aims of PCI DSS v.4.0, compared to previous versions, are:

  • To meet the security needs of the payment industry – expanding requirements to implement multi-factor authentication (MFA) and to update password requirements for all access into the cardholder data environment.
  • To promote security as continuous process– with clearly defined roles and responsibilities to address each of the standards.
  • To add flexibility for different methodologies – to increase flexibility for organisations using different methods to achieve security objectives, adopting payment technology innovation.
  • To enhance validation methods and procedures – making the process of reporting on compliance easier and more transparent.

What does your business need to do to comply with new PCI DSS v4.0?

Many businesses opt for self-assessment when it comes to PCI compliance. For those businesses that handle this process internally, the onus will be on them to ensure that their card payment systems adhere to the new standards, which may require technical expertise depending on resources available. The good news is that the PCI SSC are allowing time for organisations to get to grips with the changes and implement updates, with existing standards remaining active and running concurrently with v.4.0 until March 2024.

For businesses that have chosen to outsource their card processing to a third-party Service Provider (like PCI Telecom), the process is a lot more simple. The service provider, with responsibility for PCI compliance, will update their systems accordingly, in line with the new standards, with little input and resource required by the business.

At PCI Telecom we create card payment processing solutions that meet the needs of your business, whatever its size and budget. Our solutions are cloud-based so there’s no need for expensive equipment, and they can be used for all card-not-present payment channels including over the phone to a live agent, via auto IVR, online and webchat. Most importantly, our solutions are PCI DSS v.4.0 ready, with end-to-end encryption, so you can rest in the knowledge that your payment process is always adhering to the guidelines, even when changes are made to them, and protecting the business and your customers from cyber-attack and data breach. Find out more by visiting our Solutions page or get in touch with us here.

How can businesses bolster their cyber security?

Recent instability in Europe has brought with it the increased threat of cybercrime that has resulted in the UK government advising many businesses to step up their cyber security measures as a precautionary measure. With that in mind, we take a look at steps that businesses can take to protect themselves and their customers.

Understand where the vulnerabilities are

Identifying where weaknesses exist in your IT network is the first step towards being able to secure your systems against the risk of cyber-attack. Through external penetration testing, businesses can view and test their security measures through the eyes of a cybercriminal, replicating the tactics and practices of hackers to highlight flaws and gaps in the network that could be taken advantage of, with particular focus on areas where the most common weaknesses occur, usually at the point that two systems integrate. In addition to this, the process tests the efficiency of firewalls and anti-virus software, and how easy it is to access sensitive data such as customers’ personal information and card payment details.

Invest in strengthened technology

For businesses, particularly those that are smaller, the cost of updating IT systems and networks can be a barrier, with many relying on out-of-date technology and patching when necessary. This creates weaker and more vulnerable systems that are easy to target. Adequate budgeting for regular IT maintenance and updates should be a priority – cost will inevitably be less than the damage caused by cyber-attack.

Plan and implement policies and procedures

Do your employees understand their role in helping to prevent cyber-attacks and know what to do if they see anything suspicious? Setting out clear guidelines and company policies – on topics such as the use of personal IT equipment and mobile devices, the need for strong passwords/multi-factor authentication and ensuring software is up to date – is required to ensure that there is a coordinated approach to maintaining robust systems and that a clear and concise process is in place should these be infiltrated.

These policies and procedures are only effective if they are widely communicated throughout the organisation – ongoing engagement and education of employees will reinforce how their actions make all the difference.

Comply with data protection guidelines and PCI DSS

Data protection legislation and guidelines such as PCI DSS are designed to prevent sensitive personal and payment data getting into the wrong hands and to help you stay one step ahead of the hackers by creating barriers to make their target much harder to reach. Going through the process of achieving compliance will undoubtedly result in the creation of more robust systems and networks, protecting your business and your customers from the threat of cyber-attack.

At PCI Telecom we create bespoke, cloud-based card payment processing solutions that interface seamlessly and securely with other IT functions, enabling you to accept and process payments safely and swiftly over the phone, via IVR and online. Because our solutions are accredited to a PCI Level 1 standard, they provide the highest level of compliance regardless of the size of the organisation. Contact us today to find out more about how we can support your business.

SCA enforcement deadline fast approaching

The enforcement date for the implementation of Strong Customer Authentication (SCA) in the UK is coming up very soon – 14 March 2022. By this date, which was delayed from last year due to coronavirus, all payments made online will need to comply with the new set of rules, introduced as part of the EU Payments Services Directive (PSD2) launched in January 2018. While the roll-out took place across the EU last year, in the UK the Financial Conduct Authority (FCA) provided a longer lead time for enforcement to minimise the impact on both consumers and businesses.

What are the SCA requirements?

SCA is a set of rules that strengthen the process of confirming the customer’s identity when making purchases online with the aim of reducing the risk of card fraud. It requires ‘multi-factor’ authentication to be applied to all transactions over the value of €30, using at least two of the following:

  • Something the customer knows – a PIN or password
  • Something the customer has such – smart phone or card reader
  • Something the customer is – biometric data such as fingerprint or facial recognition

What should businesses do?

To confirm that SCA has been applied, businesses will need to check with their payment gateway service provider that their system technology has been upgraded with 3D Secure versions 2.1 or 2.2 that enable the two-factor authentication at the time of the transaction. While the prevention of card fraud is important, so too is ensuring a positive customer experience so is also worth exploring which exemptions could be applied to certain payments and also making sure that the correct flagging of transactions (for example, those that are exempt or out of scope) is in place to avoid any unnecessary payment declines.

It’s worth also noting that SCA does not apply to payments made over the phone.

What happens if your system isn’t ready for SCA?

Non-compliant e-commerce transactions that are attempted after 14 March 2022 will be declined, causing inconvenience to the customer and an unnecessary cost to your business. Ensure the smooth transition to multi-factor authentication by checking that your processes and technology are ready today.

Here at PCI Telecom, we create bespoke card payment processing solutions that meet the needs of businesses whatever their shape and size. Our solutions are not only accredited to a Level 1 standard for PCI DSS compliance but are also compatible to meet the requirements of SCA for online transactions.

You can find out more about our online payment processing solutions as well as our over the phone card payment systems by visiting our Solutions page or get in touch to discuss your requirements in more detail.

What have we learned about card payments in 2021?

It’s been another challenging year for businesses, compounded by on/off lockdowns and travel restrictions as well as working-from-home advice, the implications from which have led to substantial changes in working practices and consumer behaviour. So, what have we learned from our experiences in 2021 and what can we take forward as we move into the new year?

1. That having agile systems and processes is key to business continuity

As businesses dashed to adapt their systems to remote working, those who already used cloud-based and online networks were able to make the move a lot quicker with minimal disruption to services and enabling them to continue to process transactions despite staff and call handlers being either home-based, office-based or a mixture of the two. For those that didn’t have such agile systems in place, there was a race to set them up, in some cases to the detriment of card and data security and often costing the business in resources and lost sales.

Many organisations are now looking at longer term mixed remote and office-based working so the need for agile and flexible systems continues as we move into 2022.

2. That cyber criminals are always ready to take advantage

While the move to internet-connected networks and systems proved invaluable for business continuity, malicious cyber attackers were ready to take advantage of weaknesses in systems that had been speedily patched together. According to the DCMS Cyber Security Breaches Survey published in March 2021, 39% of all UK businesses reported a cyber breach or attack in 2020/21. The move to home working initiated substantial changes to digital infrastructure with many businesses issuing laptops or tablets to staff. But this has created more endpoints for organisations to monitor leading to difficulties in upgrading hardware and security protection.

These challenges highlight the need for businesses to invest in adequate security measures that are easily adapted to different working practices as well as increase efforts to comply with guidelines such as PCI DSS. Working through these requirements ensures that sufficient policies and procedures are in place to prevent a data breach occurring in the payment process and card transaction environment.

3. That offering omni-channel payment methods is essential

While the working practices of many businesses have changed, so too have the shopping behaviours of the consumer, with a move away from visiting physical shops to making purchases online or over the phone. Forward-thinking organisations have taken this further by expanding to other secure payment channels such as email, webchat and social media as well as using IVR technology to accept and process payments made over the phone 24/7 and without the need for a call operator. Creating new payment channels expands the reach to more customers and in turn generates competitive advantage and, while there are perceived challenges in maintaining consistent customer service, this move to multi-channel payment offering looks set to continue and grow as we move into 2022 and beyond.

At PCI Telecom, we create flexible, bespoke card payment processing solutions that are cloud-based and therefore agile to adapt to whatever changes in working practices or consumer behaviours businesses are faced with. Our solutions are compliant with the latest PCI DSS and can be used for payments made over the phone – either to a live agent or via IVR – as well as online, via email, webchat and social media. For more information, visit our Solutions page or get in touch here to discuss your requirements.

MOTO payments and PCI compliance: in-scope vs descope

MOTO payments continue to be an essential piece of the card payment landscape, with around half a billion MOTO payments processed in the UK each year. For many businesses, particularly retailers and food outlets, MOTO payments offer an essential alternative to online channels, enabling more customers to access their products and services. Despite the continued reliance on this payment method, there remain many challenges for businesses in addressing card security, protecting data and complying with PCI DSS.

What is a MOTO payment?

A MOTO (Mail Order/Telephone Order) payment is a debit or credit card payment that is taken over the phone or via postal mail and email. Because the cardholder is not visible to the business, MOTO payments are considered a ‘Card-Not-Present’ (CNP) transaction and, by their very nature, involve risk through the passing of card data from customer to call handler. This type of payment is exempt from the recently introduced SCA (Strong Customer Authentication) requirements because of the limitations of being able to confirm the identity of the customer at the time of the transaction.

When it comes to addressing PCI DSS in MOTO payments, businesses have two options. They can choose to remain ‘in-scope’, retaining responsibility for ensuring that their transaction environment and processing complies with PCI guidelines. Alternatively, they can look to install an external card payment processing solution that handles and manages transactions outside of the business, removing (or ‘descoping’) the whole process from the business’s PCI obligations.

Remaining in-scope

The benefits of keeping card payments in-scope for PCI DSS compliance include keeping costs low and maintaining complete control of the transaction environment. But, without in-house expertise, that does mean increased risk. MOTO payments require cardholders to read sensitive payment card details over the phone that are then either written down or entered directly into a physical terminal by the call handler for processing. To make this process compliant with PCI DSS, the business must demonstrate that it has procedures in place to alleviate the possibility of those card details being lost or stolen. This could include ensuring that any written record of card details is destroyed and prohibiting the storage of data once the transaction is complete.  For larger call centres, a ban on using pens and writing implements while on calls is sometimes put in place.

Having these procedures demonstrates the business’s intent to protect card data that will enable it to achieve PCI compliance via annual self-assessment. However, what they don’t do is offer significant protection and security from human error, malicious intent or cyber-attack. With even the strictest of procedures in place, if a business falls victim to attack that results in a breach of customer card data, it will still be liable for a financial fine and suffer the resulting reputational damage.

Descope from PCI compliance

While there is an obvious appeal to remaining in-scope – reducing cost outlay and keeping control – it is worthwhile considering an external card payment processing solution that ‘descopes’ the transaction environment from within the business’s PCI obligations, onto that of a service provider. This not only cuts out the pressure and resources required to achieve compliance but also significantly increases security, ensuring that customer card data is less likely to fall into the hands of fraudsters. While there is a financial commitment involved in installing the technology, this is offset by a huge reduction in risk.

At PCI Telecom, our PCI Agent solution allows businesses to accept and process card payments over the phone via a uniquely secure and PCI compliant system. The customer is asked to enter their card details via their phone keypad that connects directly with our cloud-based system, with DTMF masking to hide the tones and at no point being visible to the business. The call handler remains on the line to the customer throughout the entire transaction, maintaining personalised interaction and a positive customer experience. Being cloud-based, our PCI Agent solution requires no expensive or intrusive equipment to be installed on site and it can work independently or as part of our wider suite of multi-channel solutions, including AUTO IVR and Online.

You can start the process of descoping your business from PCI DSS and securing your card payments by contacting us today.

The rise of ‘soft declines’: what they are and how to prevent them

‘Soft declines’ of card payments have become more common of late, causing a bit of a headache for businesses and frustration for customers. So, what is the reason for this rise in soft declines and how can you try to prevent them from happening?

‘Soft’ declines vs ‘hard’ declines

Hard declines of card payments occur due to a permanent authorisation failure. This could be because the bank account has been closed, the card stolen or an invalid card number has been entered. There is no point in retrying these payments as the failure cannot be rectified.

Soft declines, on the other hand, are those that have failed because of something that can be rectified. This could be insufficient funds, details not matching up, unusual activity or the card having expired. The good news is that these failures are usually temporary and can be reattempted for the payment to be processed, occasionally requiring some actions by the customer beforehand.

Why are soft declines on the rise?

Recently there has been rise in the number of soft declines taking place, particularly with recurring payments (also known as ‘continuous authority payments’). This is largely due to new Strong Customer Authentication (SCA) coming into force as of September 2021, applying new requirements across all electronic card payments made in the EEA and the UK. It adds extra layers of security, requiring banks to perform additional checks when consumers make card payments to confirm their identity, usually in the form of two of the following – something they know (such as a password or PIN), something they have (such as a mobile phone, card reader or other device that can generate a one-time passcode) or something they are (such as a fingerprint or facial recognition).

For recurring payments where the amount is always the same, for example monthly subscriptions, only the first payment is subject to SCA. However, if the amount or frequency of the recurring payment differs, then each transaction is subject to the authentication requirements. And this is causing the problem – as the recurring payment is processed, a red flag is waving at the issuing bank that SCA requirements haven’t been met leading to a soft decline.

How can you prevent soft declines?

Soft declines aren’t as problematic as hard declines – the payments generally make it through eventually. But they can be a bit of a pain and a drain on a business’ resources. So, what can be done to prevent them?

SCA is easy to implement on initial payments that are set up online, simply adding a step to the payment process. Added to that, card payments that are made over the phone are out of scope for the regulations. Recurring payments, however, will remain an issue for some businesses. The solution is to implement a means of authentication with the customer to avoid the payment being flagged with the issuing bank.

At PCI Telecom, our Paylink service offers a solution to this problem, enabling customers to confirm their identity when payments are due. This is achieved through a unique URL sent to the customer via email or SMS through which they can authenticate their identity, in the long run saving both the business and the customer the time and hassle of dealing with a soft decline.

The Paylink service forms part of our suite of card payment processing solutions for payments made over-the-phone, IVR, online and via webchat. Our solutions are cloud-based, built to meet the specific needs of your business and compliant with the very latest PCI standards. For more information, visit our Solutions page or get in touch to talk through your requirements.

Too early to mention Christmas?

If you’re a retailer, you’ll no doubt have begun planning your Christmas sales period. For many, the busiest time of year requires months of organisation to ensure that products and stock are ready and teams fully prepared. But what about your card payment processing?

The number of card-not-present (or CNP) transactions has been on the rise for many years, further compounded more recently by the Covid pandemic forcing consumers away from physical shops to online and mail order/telephone order retailers and service providers. Despite the lifting of Covid restrictions, it is likely that many will choose to continue purchasing over the phone or internet as this Christmas approaches.

With this in mind, does your business have the systems and processes in place to handle this change in consumer behaviour? Is your card payment process fit for purpose and able to adapt to the busy period and the rise in demand? If you’re not sure it is, then now is the time to upgrade it, and here’s why.

Support omni-channel sales

Expand your reach to more customers by increasing the number of ways that they can access and pay for your goods and services. We’ve recently worked with a number of new clients looking at additional and alternative card payment methods such as over webchat and social media as a means of gaining that competitive edge by making your business more easily accessible and improving customer satisfaction. Linking these payment channels under one umbrella system makes them easier to manage, increases the number of transactions processed at a time and ensures the delivery of a standardised, consistent service to customers across the board.

Improve efficiency and productivity

In addition to expanding your reach, you can improve your productivity and efficiency by using your card payment process to integrate with back-end systems such as CRM database, stock monitoring and accounting. This saves you time to focus your attention on delivery of high standard customer service.

Protect your customers from data breach and your business from card fraud

The surge in transactions and sales brings with it increased risk of falling victim to cyber crime. Hackers are on the prowl for weaknesses appearing in systems, taking advantage of businesses that are both too busy and distracted and/or with inexperienced or temporary seasonal staff in place.  According to UK Finance, online fraud against UK retailers totalled an estimated £262.3 million in 2020 while mail or telephone order (MOTO) fraud against retailers totalled £63.7 million. You can protect your business from card fraud and data breach by ensuring that you adhere to guidelines set out in the PCI DSS, or better still, implement a PCI compliant external processing system to make your transaction environment even more robust.


At PCI Telecom, we create card payment processing solutions that are bespoke to the needs of your business, be it for single or multi-channel payment methods – over the phone, auto IVR, online, via webchat, social media or email. Being cloud-based, our solutions are flexible, simple to install and easy to use, plus being PCI compliant to Level 1 standard, you can rest assured that your customers’ card data is protected. And there’s still time to get sorted for Christmas! For more information, visit our Solutions page or get in touch to discuss your needs.

Start-ups: speed up the launch of your business by outsourcing PCI compliance

When you are in the process of starting up a business, it’s understandable that you will be giving most of your attention to developing your product/service and keen to get out there to meet your customers. But as eager as you are, there are background functions to get sorted, one of which being the accepting and processing of card payments, both effectively and securely, while complying with data protection and other regulations, such as PCI DSS.

The good news is that there are options out there that mean you don’t have to let these hold you back or slow you down. One of which is outsourcing your card payment processing to an external service provider, such as us.

What is PCI compliance?

PCI DSS is a set of requirements established by the major global payment card brands and applies to every business that accepts, stores, processes or transmits cardholder data, regardless of its size or industry – so every retailer or online seller of goods or services, whether they are based in a shop, an office, at home or in a contact centre, should have policies and procedures in place to secure the transaction environment and protect customer card data.

Compliance with PCI is essential to keep card payment data secure and out of the reaches of cyber criminals, to reduce the risk of a data breach. Crucially for start ups, having this reassurance in place will help to build trust with customers from the outset.

Why you should consider outsourcing your PCI compliance

Building and maintaining PCI compliant card payment processing infrastructure can take a lot of time, expertise and resources, not only in the initial set up but also with ongoing monitoring and penetration testing – something that start-ups often don’t have. You can get your product/service to market faster by employing a provider to do it for you, faster and more effectively and reducing your PCI compliance scope, moving the obligation from you to them.

While outsourcing requires an initial investment, it will enable you to focus on developing your product or service and, in time, save you money. A more efficient system that works exactly how you need it to will in the long run allow you to function in the most productive way. And while your card payment processing needs to be robust, a good system will allow for flexibility and be adaptable as your business grows and changes over time, avoiding the need for regular updates and expensive overhauls.

Most importantly, investing in the right system early on will reduce the risk of becoming a victim of cyber attack resulting in a breach of data. There is a common perception that cyber criminals more often target bigger companies when in fact smaller businesses are just as vulnerable to attack, particularly those with weaker, less established systems in place. A breach of data, for a business at any age or stage, could have a devastating effect on brand reputation.

At PCI Telecom, we create bespoke card payment solutions that suit the needs of businesses of every shape and size and are accredited to a PCI Level 1 standard of compliance. Our solutions are robust, reliable and secure and, being cloud-based, they are flexible and easy to adapt as your business grows. Visit our Solutions page to find out more or alternatively give us a call to talk through your requirements.

The dos and don’ts of PCI DSS compliance

Despite being introduced nearly 15 years ago, PCI DSS, for many businesses, continues to be clouded in mystery and confusion. A lack of time and resources, paired with limited understanding of cybercrime and the risks associated with a data breach, mean that many business owners and managers have chosen to bury their head in the sand and avoid putting the necessary processes in place to secure their transaction environment. So, this month, we attempt to debunk a few of the myths surrounding PCI DSS with a list of Dos and Don’ts of compliance, to help you make the right choices for your business…


DO understand that if you accept payments by card then PCI DSS compliance applies to you. There are no exceptions to this!

DON’T assume that this means costly investment in equipment and extra resources. The extent of your compliance obligations is based on your transaction volume over a 12-month period. This determines which ‘merchant level’ category you fall into and therefore what actions need to be taken to become compliant. While getting the right procedures in place can take time, for many businesses, the compliance process itself simply involves completing an annual Self-Assessment Questionnaire (SAQ).


DO educate yourself and your colleagues on the need for compliance and know the implications if you do not. The more that staff understand and are engaged, the more likely it is that policies will be adhered to.

DON’T assume that you will get away with pleading ignorance should a data breach occur! Without compliance procedures and cyber protection in place, a breach will most certainly lead to a fine for failing to comply, from which the reputational damage to your business could be irreversible. Going through the steps to become compliant will give you a good understanding of the card payment process so you have a better chance of being able to identify gaps and fix weaknesses, making that dreaded data breach much less likely.


DO make compliance and card security a priority and identify an individual or a core team of people responsible for its planning and implementation.

DON’T expect compliance to be achieved in a day. New systems and ways of working take time to bed in, particularly in larger organisations. PCI DSS compliance should be considered as an ongoing exercise and not a one-off tick box so ensure that adequate resources are allocated each year.


DO implement technology and systems that limit the amount of card data visible to staff. Reducing the scope for human error will greatly improve your chances of resisting a data breach.

DON’T assume that because there is human involvement in the payment process that you will not achieve compliance. There are plenty of ways to adhere to PCI DSS while maintaining human interaction and personalised service for your customers. Systems that encrypt card details help to prevent data falling into the wrong hands and there is a wealth of technologies available to support this.


DO investigate ways to outsource your PCI DSS compliance to an external provider. Investing in a PCI compliant card payment solution descopes your businesses from the compliance requirements and moves the obligation and risk from you to them. Not only that, but a new system might also just be what you need to streamline your payment process, increase productivity and, in the long run, cut costs.

DON’T waste money on an off-the-shelf system that does not fit the needs of your business. It is crucial to find the right solution that has the flexibility to integrate with other processes and allows for future changes and growth.


At PCI Telecom we create bespoke card payment processing solutions for businesses of every shape, size, and sector. Our cloud-based solutions are flexible, robust, and cost-effective and enable businesses to accept and process card transactions – over the phone, via IVR, online and over webchat – in a secure environment, compliant with PCI DSS with Level 1 accreditation.  For more information, visit our Solutions page or give us a call to talk through your requirements.

Could PCI Webchat be the missing piece of your card payment puzzle?

Are you looking for ways to expand your reach to customers without having to invest heavily in equipment or extra resources? Or maybe you’re considering ways to maintain customer engagement when your staff are mixing office and remote working? Whatever your current conundrum, PCI Webchat could be the solution that you’re looking for.

The development of online payment technology over the last two decades has changed the way that consumers shop, but for some customers, particularly when buying goods or services that are complicated by nature, the lack of human interaction, can be barrier. PCI Webchat allows customers the convenience of paying online while receiving a personalised, tailored service and communication with a live representative of the business, enabling them to ask questions and receive the reassurance they need.

How does PCI Webchat work?

The PCI Webchat solution is super easy. After engaging with the customer via live chat, the agent simply launches the PCI Webchat solution and populates it with the sales information (or this can be pre-populated by your CRM). The system then generates a unique URL that can be sent to the customer, into which they enter their card details for the payment to be processed quickly and securely. A new encrypted chat window opens so that the customer and agent can continue to ‘chat’ whilst the payment goes through, maintaining live interaction and personalised service throughout.

And it’s not just over standard webchat that this solution can be used.  Agents can use the same method to engage and send payment links via SMS as well as social media, further expanding reach to even more customers.

What are the benefits?

The benefits are many! Firstly, because PCI Webchat utilises your business’ existing website and our cloud-based processing software, there’s no need for additional equipment so the cost outlay remains low. And while staff resource is required to monitor the live chat function, the system enables multiple payments to be processed quickly, effectively and efficiently, improving productivity and saving money in the long run.

As customers remain in contact with the sales representative from the beginning to the end of the transaction, a high standard of customer service can be maintained throughout. This helps to improve the rates of conversion from enquiries through to sales and ensures that customer satisfaction remains high, increasing the possibility of return custom further down the line.

Most importantly, our PCI Webchat, like all of our solutions, is fully compliant with PCI DSS to a Level 1 standard so you and your customers can rest in the knowledge that card payment data is protected. Card details remain hidden from the agent’s view and are processed through our system with end-to-end encryption. PCI Webchat interfaces seamlessly and securely with other payment channels as well as with back-end systems such as stock monitoring and your CRM.

If you’d like to know more about our PCI Webchat solution, or any other of our card payment processing solutions, please do get in touch. Our card payment processing systems are built on a bespoke basis to suit the needs of businesses regardless of their type and size and our clients to date have represented a range of sectors, from tourist attractions and retailers to train companies and insurance brokers.

Could IVR technology support changes to your post-Covid business operations?

In the post-Covid context, many businesses are looking at how to manage operations, juggling staffing schedules and hybrid office/remote working practices. We’ve noticed an upsurge of interest in our IVR solutions recently, with businesses searching for more automated systems to help them adapt to these new work patterns, while also reducing costs and providing more flexible options to their customers. So, what is IVR and how could it help your business?

What is IVR?

In short, IVR (or Interactive Voice Response) technology enables callers to interact with and purchase through an automated phone system. The system directs callers through a series of options using voice prompts or their phone keypad to reach the service that they require. At the point of payment, the customer is guided through the process of entering their card details into a secure transaction environment.

What are the benefits of IVR?

Undoubtedly, the biggest benefit of IVR is that no call handler is required, freeing up staff resource to work elsewhere in the business while continuing to maintain a consistent and high standard customer experience. The use of IVR for payments improves efficiency, allowing multiple calls and transactions to be handled and processed at the same time while reducing the risk of human error leading to security breaches and maintaining compliance with data protection and PCI DSS.

From the customers’ perspective, IVR offers convenience and flexibility, enabling them to interact and pay outside of usual opening hours and without having to endure a frustrating wait in a caller queue.

How we can help

Here at PCI Telecom, we create bespoke card payment processing solutions that enable businesses to accept and process card-not-present transactions effectively and securely, be it over the phone, online, via webchat and email. Our AUTO IVR™ is cloud based, cost-effective, easy to set up and simple to use, with the added benefit of integrating seamlessly with your database or CRM and other back-end systems. Whatever the size of your business, AUTO IVR™ enables you to capture, integrate and process card payment information with Level 1 PCI DSS compliance accreditation, closing any potential cracks and weaknesses in the payment process and descoping your business from its PCI DSS responsibilities.

For those looking at implementing IVR as part of an omnichannel payment set-up, AUTO IVR™ works effectively as part of our suite of solutions, with ongoing monitoring of transactions across all channels and removing the risk of duplication – particularly useful if you’re dealing with items of limited stock.

If you would like to know more about our AUTO IVR™, visit our Solutions page. Alternatively, get in touch here to talk through your requirements.

Is your business ready for the new PCI DSS v4.0? Here are some handy tips on how you can prepare.

PCI DSS is having a shake up this year with the release of PCI DSS v4.0 expected later in 2021. Final details are still to be announced but are expected to include requirements for more frequent testing and more rigorous authentication.

With these changes on the horizon, businesses might be wondering what they can do to prepare. Here we have some handy tips.

Why is a new standard needed?

The card payment landscape has changed dramatically since PCI DSS was launched by the major card providers back in 2006. Contactless payments, most recently via smartphone, as well as advancements in global internet speeds, open banking and cloud-based technologies has revolutionised the industry. While these developments have been great for both businesses and consumers, they have also opened the door to greater risks and vulnerabilities that cyber criminals are exploiting, finding weaknesses in interfacing systems to access personal and payment data.

PCI DSS v4.0 is the first major revision to the standards since 2013.  It’s expected that the 12 core requirements will remain the same with updates to reflect changes in technologies and cyber threats. These include the following high level objectives:

  • To ensure the standard continues to meet the security needs of the payments industry and the businesses that use it.
  • To add flexibility and support that will enable the standard to be applied across the variety of payment methods now available.
  • To promote and encourage businesses to see security and PCI DSS compliance as an ongoing process rather than a one-off tick box exercise.
  • To enhance validation methods and procedures – enforcing encryption and authentication processes to card payments.

What can you do to prepare?

The good news is that the PCI SSC have stated that there will be an extended transition period for organisations to update their systems to PCI DSS v4.0. For 18 months post launch, both PCI DSS v3.2.1 and v4.0 will be active followed by a further period of time (yet to be confirmed) for phasing in new requirements.

However, while 18 months might seem long enough, we all know how time flies by, especially when juggling other roles and responsibilities. There’s no harm in getting a few things in place now to ensure the transition to the new framework is as smooth as it can be. Here are just a few ideas of how you can prepare:

Identify who will be responsible.

A multi-discipline approach including every level of the business from senior management through to IT, HR, sales and marketing, is essential for an effective roll out of revised PCI DSS policies and practices. Assigning responsibility to one person or team early on in the process to oversee the implementation will make this process a whole lot smoother, identifying where expertise and technology is needed and minimising the risk of critical tasks falling through gaps between departments.

What budget is available?

How much you need will depend on the state of your existing card payment processing systems and policies. Investing now to upgrade your systems – improving encryption and authentication and applying it across all payment channels – will better prepare your business for the transition to the new guidelines. At the very least you should be ensuring that budget is allocated to the roll out of updated processes further down the line.

Explore your options

Have you considered investing in an external card payment solution to manage payments? Outsourcing your payment processing to an outside provider descopes your business from PCI compliance, placing responsibility onto the provider instead, including updating to the new v4.0. Explore your options now and get ahead of the game.


At PCI Telecom we create card payment processing solutions that meet the needs of your business, whatever its size and budget. Our solutions are cloud-based so there’s no need for expensive equipment, and they can be used for all card-not-present payment channels including over the phone to a live agent, via auto IVR, online, email and webchat. Most importantly, our solutions are PCI DSS compliant, accredited to Level 1 standard and with end-to-end encryption, so you can rest in the knowledge that your payment process is always adhering to the guidelines, even when changes are made to them, and protecting the business and your customers from cyber attack and data breach.  Find out more by visiting our Solutions page or get in touch with us here.

Worried about the cost of PCI compliance?

In these challenging times many businesses will be looking to cut costs where possible, putting planned expenditure on the back burner and tightening future budgets until Covid disruption blows over.

We know that card payment security and PCI compliance aren’t always at the forefront of minds and therefore have the potential to be on the list of spend items that could be side-lined. But this strategy has its risks – at a time when cyber crime is at an all time high due to weaknesses appearing in IT networks in the move to remote working, as well as the significant increase in card-not-present transactions because of the temporary closure of stores, the need for robust card payment security has never been more vital.

What is it that costs money in achieving compliance? Firstly, the time resource needed to create adequate procedures that set out how card data will be securely handled and establishing them across the organisation. The forthcoming launch of PCI DSS v4.0 moves towards ongoing monitoring of security measures, rather than an annual tick box exercise, so a person’s time will be required on a continual basis to ensure that these procedures are relevant and being adhered to. For those that do not have this time or know-how in-house, buying in expertise from outside the organisation may be needed. Also, investing in new, or improving existing, IT infrastructure will ensure that systems are robust enough to store and process card data securely.

While these might seem like expensive outgoings, they are nothing compared to the financial gamble in side-lining compliance, with potential fines of up to £50,000 per infringement plus the cost of an invasive forensic investigation should a data breach take place.  And, added to this is the inestimable price of potentially irreversible damage to your brand.

The good news is that there are solutions out there that combine all of the costs, protect your business and your customers from cyber criminals AND enable you to increase efficiency and improve customer service all at the same time. Which is exactly what we do here at PCI Telecom, creating and installing card payment processing solutions that are:

  • Bespoke – Our solutions are built to suit the exact needs of our customers, unlike those of other service providers who offer an off-the-shelf, one-size-fits-all product. This represents great value for money as you only pay for what you need rather than paying a premium for functions that you won’t use.
  • Affordable – To suit the needs of all budgets. We offer affordable monthly license fees and make sure that there is no charge for declined or refunded payments.
  • Cloud-based – There is no need to invest in any expensive bits of IT equipment. This also means that staff working at home can access and process payments remotely.
  • Omni-channel – Our solutions can be used to process payments made over the phone to a live agent or via an automated IVR as well as online, and via webchat and email so you can offer a variety of payment options to your clients.
  • Flexible – Can be adapted for busier periods, new payment channels and products. Our solutions are also fully interactable with other business functions such as your CRM, accounting and stock control.
  • Secure – Accredited to the highest Level 1 PCI DSS compliance standard. And by using our solutions, your payment process is descoped from your business’s compliance obligations and placed onto us instead.

You can find out more by visiting our Solutions page or alternatively, give us a call or send us a message to talk through your specific requirements.

Don’t let your card payment process get in the way of business success in 2021

Are you setting your sights on business growth in 2021? Or is your aim to simply to ride out the coronavirus storm? Whatever your objectives, if you’re using an out-of-date card payment processing system, it could hold you back or worse, lead to loss of sales and reputation damage.

Future-proof your business

Your old system might still be working, but is it fit for the future? Card payments are evolving constantly – the progression accelerating because of the pandemic creating new consumer habits and pushing them to alternative remote, or ‘card-not-present’ (CNP), transactions. Recent research predicts that CNP transactions will overtake in-person payments by 2023 – can your existing system handle this adjustment?

And it’s not just CNP transactions that are growing – the choice of payment methods has also increased. In this era of multi-channel communication, the likelihood is that your customers will engage with you through a variety of platforms – and your payment channels need to replicate this. Limiting to one channel might seem like a simpler way to manage payments but it seriously restricts your reach by excluding potential customers who may not have the time or the facilities for your single channel.  You can read more on the benefits of omni-channel payments here.

Advances in payment technology have enabled omni-channel transactions to be processed through one system, making it easier for you to manage and monitor sales while ensuring that the customer experience is consistent across the board, in turn improving satisfaction and brand awareness . This could include payments to a live agent over the phone or via an auto IVR working side by side with online options via your ecommerce site, webchat and email.

Be flexible to adapt to changes in demand and working practices

The ups and downs of the last year highlighted more than ever the need where possible for flexible business practices and processes. With the mass move to remote working, brought on by lockdown restrictions, businesses with cloud-based systems in place fared better, being able to move swiftly to alternative working practices with little interruption to service delivery.

Choosing a flexible, cloud-based card payment system that enables remote access for your staff and that can be adjusted to meet an increase in demand, whether that be adding agents or processing more transactions, will ensure that your business can adapt to whatever sits on the horizon in the post-covid context.

Security is key

The speedy introduction of new working practices unfortunately opened up vulnerabilities and weaknesses in many IT systems and networks and cyber criminals were quick to jump on the chance to take advantage. There was a significant rise in the number of cyberattacks on businesses of every size, compromising the card data and personal details of millions of individuals.

Data protection legislation and guidance, such as PCI DSS, aim to encourage businesses to have effective policies and procedures in place for accepting and processing personal data and card payments securely, whether staff are based in the office or remotely. Failure to follow the guidelines which then results in a breach of data can lead to a substantial fine and, probably worse, irreparable damage to the brand. Opting for a card payment system that adheres to the standards ensures that connections between the transaction environment and the rest of the IT network are secure and robust. And with PCI DSS v4.0 anticipated to be released in mid-2021, introducing greater focus on security as a continuous process rather than a one-off or annual tick box exercise, it’s more important than ever to make sure that adequate processes are in place.

Installing a new system doesn’t need to be complicated or costly. At PCI Telecom, we offer affordable bespoke card payment solutions that fit the needs of your business whatever its shape or size and for a variety of channels. Our solutions are cloud-based, so there’s no need for investment in expensive bits of equipment, and fully integrate with other back end systems such as accountancy and stock monitoring. They’re also compliant to the highest level of PCI DSS, protecting your business and your customers from data breach. For more information, visit our Solutions page or get in touch with us to discuss your requirements.

Deal or no deal Brexit, PCI DSS compliance remains the same

With the UK’s departure from the EU just around the corner, many businesses are wondering with uncertainty what future trading of goods and services with European customers will entail. As talks between leaders continue (at the time of writing), businesses are being advised to put in place procedures and practices to ensure a smooth transition to a new trading and operating environment, whatever it may be.

But while much will change for those businesses that trade overseas, whatever the outcome, be it a deal or no deal scenario, there are some systems, requirements and responsibilities that will remain the same – PCI DSS compliance being one of them. Here’s a reminder of the key points you need to remember:

  1. PCI DSS compliance was established by the major global payment card brands and applies to every business that stores, processes or transmits cardholder data, regardless of its size or industry – so every retailer, online seller, service provider and contact centre should have policies and procedures in place to protect their clients – whether they are from the UK or beyond – from the risks associated with card fraud and data theft.
  2. The extent of your business’s PCI compliance obligations is based on the number of transactions it processes annually. There are four levels of compliance, with Level 4 applying to merchants that process fewer than 20,000 transactions annually, up to Level 1 applying to those that process over six million. For those businesses that fall within Levels 2 to 4, compliance is achieved through a process of self-assessment. For those that fall into the Level 1 category, more rigorous and in-depth assessments take place involving external audits and reporting.
  3. Being PCI compliant is an ongoing process, not an annual tick box exercise. It includes the frequent monitoring and testing of systems and networks, ongoing training for employees on security policies and protecting cardholder data and ensuring that anti-virus software or programs are updated regularly.
  4. Failure to comply with PCI DSS which then results in a data breach will undoubtedly result in a substantial fine and more seriously, cause irreversible damage to your brand. Today’s consumers have high expectations when it comes to the protection of their personal and payment data – a breakdown of trust between your business and your customers will ultimately lead them to your competitors.

Here at PCI Telecom, we create and maintain card payment processing solutions, for card-not-present transactions made over the phone or online, that are bespoke to your business whatever its shape and size. Our solutions are cost effective, flexible, robust and cloud-based so there is no need for bulky bits of equipment to be installed. They are also accredited to a PCI DSS Level 1 standard so you can descope your business of much of its PCI compliance requirements leaving you the time and resources to focus on managing the day-to-day running of your business and delivery to your customer. For more information, visit our Solutions page or alternatively get in touch here or by using our webchat function over on the right.

You can find out more about the Brexit transition and what your business needs to do to prepare by visiting www.gov.uk/transition

More information on PCI DSS compliance can be obtained by visiting the Payment Card Industry Security Standards Council (PCI SSC) website here.

The cost benefits of outsourcing your PCI DSS compliance

There is no doubt that British businesses are currently facing unprecedented uncertainty as the Covid-19 pandemic continues and Brexit appears on the near horizon. It’s a challenging time and with a steep climb to recovery ahead, many businesses are cutting costs and tightening their belts. Finding the balance between managing income and overheads with putting money towards expansion and future growth can be a challenge when you don’t know what lies in the future.

While an outsourced card payment processing system that addresses PCI DSS compliance may appear like unnecessary spend at this time, it could, in fact, save you money in the long run. Retaining processes in-house can seem like a safer option but there are many advantages to choosing an external solution.

Here are three ways that outsourcing to a PCI DSS compliance specialist and card payment processing provider could be an advantage rather than a cost burden.

Reduced need for specialist staff

The complexities of accepting, transferring and storing card payment data and the resulting compliance obligations such as GDPR and PCI DSS require experienced and specialised staff that can be hard to source and retain. Outsourcing to an external payment processing service removes this need, cuts payroll costs and ensures your transaction environment remains secure and protected against problems created by staff turnover or absence.

PCI DSS compliance requires ongoing management rather than an annual tick box exercise. By outsourcing the whole process to an external provider, you remove the business from the compliance scope so more time can be spent on day to day tasks and future growth.

Increase staff productivity

With a purpose-built external system in place, that securely integrates with other functions such as your CRM database, your employees will have the ability to process transactions more quickly and efficiently, meaning a smaller team can handle more calls and generate more sales while maintaining a high standard of service.

Protect from card fraud

There were over two million cases of card-not-present fraud in 2019, with a total value of over £470m*. You can reduce your vulnerability to card fraud by implementing a secure card payment system that not only protects your business but also your customers from data breach.

Over recent months, as lockdown restrictions were implemented, many businesses were quick to pivot to remote sales online and over the phone. The speed of implementing these new processes resulted in the exposure of weaknesses in IT systems and networks which cyber criminals have been quick to pounce on. The investment in an external, cloud-based card payment processing solution removes these weaknesses and strengthens processes by securing the transaction environment and enabling employees to access the system and process payments wherever they are working, be it remotely or in the office.

At PCI Telecom, we create bespoke, card payment processing solutions to suit the needs of your business. Our solutions are cloud-based, secure and reliable and can be used independently or as part of an omnichannel payment suite. And because our solutions are accredited to PCI DSS Level 1 standard, you not only benefit from a simplified transaction process, but also from descoping your business of its compliance obligations and passing that responsibility to us, saving you time, staff resource and money. Visit our Solutions page for more information or alternatively contact us to discuss your needs or drop us a note on webchat over on the right – we reply immediately!

* According to UK Finance

Is your business ready for the increase in card-not-present (CNP) transactions this Christmas?

Shopping on the high street remains anything but ‘normal’. Tighter lockdown restrictions, social distancing measures, face masks and queues mean many consumers are shifting their shopping habits to buy online or over the phone from the comfort and safety of their own home. And as we enter the busy pre-Christmas build up, retailers will be looking at how they can prepare for this increase in card-not-present (CNP) transactions to create the best possible customer experience without the face to face interaction.

With this in mind, does your business have the systems and processes in place to make the most of this expected change in consumer behaviour? Here, we look at questions that retailers should be asking themselves.

Can your business handle the fluctuations in sales?

For smaller retailers with limited budget and resources to hand, the continued Covid-related uncertainty makes planning for the future a challenge. Implementing CNP payment channels that require limited staff resource can assist with ensuring that customers can always access your goods and services even at the busiest times. The ecommerce option is the obvious choice for many but an IVR service, interacting and accepting payments over the phone, offers an additional channel for reaching customers.

Can your payment processing system be accessed remotely?

It’s reassuring to know that your business can stay open and maintain a high standard of service, even when your staff are working from home. Implementing a sales and payment processing solution that can be easily rolled out and accessed remotely is critical for this purpose, enabling communication with the customer while being able to SECURELY accept and process payments made over the phone as well as via alternative interactive CNP channels such as webchat.

Does your payment processing system integrate with back-end functions?

Busier periods can mean less time being available to monitor stock levels or update customer records, in some cases leading to disrupted service delivery. Having a payment processing solution that integrates with back-end functions such as your CRM database and accounting system, saves time and resources and supports the delivery of seamless, glitch-free customer service.

Are you and your customers protected from card fraud and data breaches?

Unfortunately, the rise in CNP transactions will inevitably bring with it an increase in card fraud and cyber-attacks. While you want to protect your business and your customers from this risk, you’ll also want to minimise the impact of fraud management and cyber security policies on the customer experience. Opting for a card payment processing solution that complies with the latest in PCI DSS guidelines will ensure that both parties are protected and by choosing one that delivers an efficient transaction process, you’ll also maintain customer confidence and satisfaction.

Here are PCI Telecom, we build and implement card payment solutions for businesses of every shape and size, taking into consideration their needs and their budgets so that they end up with the solution that does exactly what they want it to. We create solutions for individual sales channels or as part of a wider omni-channel provision and these integrate seamlessly with other areas of the business. Our Level 1 PCI DSS accreditation means that data and card payment security is at the heart of everything we deliver. For more information, visit our Solutions page or get in touch here.

European cyber security month

European Cyber Security Month – three steps to improve your cyber security

October is European Cyber Security Month – the EU’s annual campaign dedicated to promoting cyber security to individuals and organisations and providing up-to-date online security information through awareness-raising and sharing of good practices.
The arrival of Covid-19 brought with it significant challenges for businesses, with many moving from physical to digital, in some cases overnight. The speed at which these changes to working practices occurred impacted the nature and priorities of IT services, exposing weaknesses resulting in a significant rise in cyber security incidents, with hackers exploiting gaps in systems and seizing on the opportunity to capture valuable data.

So, with this in mind, this European Cyber Security Month, we look at three steps that businesses can take to improve their chances in the fight against cyber crime:

Penetration testing

Identifying and understanding the vulnerabilities in your IT network is the first step towards securing your systems and protecting your business from the threat of cyber attack. External penetration testing enables you to view and test security measures through the eyes of a cyber criminal, replicating the tactics and practices of hackers to identify weaknesses and flaws that could be taken advantage of. The process focuses on areas where the most common weaknesses occur, usually at the point that two systems integrate, alongside the efficiency of firewalls and, once within interior networks, how easy it is to access sensitive data such as customers’ personal information and card payment details.

Develop policies and educate staff

With staff working from home and accessing networks remotely, clearer guidelines and tighter restrictions are needed to protect systems from new risks and vulnerabilities. Policies and procedures require updates such as limiting the use of personal laptops and mobile devices for work purposes and enhanced guidelines on multi-factor authentication and passwords, alongside ensuring that sufficient firewalls are in place and that software updates are made.

Developing the policies and procedures is the easy bit. They are only effective if they are widely communicated throughout the organisation, engaging staff to highlight the risks and the role they play in protecting the business from cyber attack. Educating and informing employees of where the threats lie will reinforce how their actions make all the difference.

Work through PCI DSS compliance

While PCI DSS might seem like a task too far for some, going through the process of achieving compliance will undoubtedly result in the creation and maintenance of robust systems and networks. PCI DSS compliance is designed to help you stay one step ahead of the hackers, protecting your business from cyber criminals by creating barriers to make their target much harder to reach.


At PCI Telecom we create bespoke, secure, cloud-based card payment processing solutions that interface seamlessly with other IT functions and, because they’re accredited to a PCI Level 1 standard, provide the highest level of compliance regardless of the size of your business. Contact us today to find out more about how we can support your business with accepting and processing card payments securely, be it over the phone or online.

What our PCI DSS Level 1 accredited solutions mean for your business

Being an integrated solutions partner of an accredited PCI DSS Level 1 provider is something that we regularly mention to highlight the reliability and robustness of the card payment solutions that we provide.  But what does it mean for the businesses that we work with and their customers?

What are the PCI DSS levels?

PCI DSS are a set of technical and operational requirements, established by the major payment card brands, that help organisations to maintain payment security, prevent card fraud and protect against data breaches. They apply to any organisation that stores, processes or transmits cardholder data regardless of the size or type of organisation – from small retailers through to large contact centres. The standards are made up of 12 components ranging from building a secure network to developing organisational data policy; the requirements for which varies depending on the number of transactions processed by the organisation each year. There are four levels of compliance, with Level 4 applying to merchants that process fewer than 20,000 transactions annually, up to Level 1 applying to those that process over six million.

For those businesses that fall within Levels 2 and 4, compliance is achieved through a process of self-assessment. For those that fall into the Level 1 category, more rigorous and in-depth assessments take place involving external audits and reporting.

As a service provider, it is this PCI DSS Level 1 assessment that is undertaken every 12 months along with added requirements including penetration testing and internal scans, to ensure that the solutions we provide via our integrated partner remain robust and inaccessible to data hackers scouring for weaknesses in IT networks.

What this means for your business

Our solutions have been through the highest degree of card security testing and scrutiny to achieve the Level 1 standard of compliance. Our clients are therefore reassured that their transaction environment is secure and provides them with confidence that they are protected against credit card fraud and breaches of cardholder data; a comfort that they can pass on to their customers.

In addition to this, many organisations view the process of becoming compliant with PCI DSS, even at the self-assessment levels, as complex and resource intensive. Moving to our external card payment processing solutions, takes away this headache by removing the transaction environment from your scope into ours, giving you the benefit of a higher level of compliance without the stress or expense.

Our suite of solutions – PCI Agent (for attended, over-the-phone transactions), Auto IVR, Online and PCI Webchat – are all adaptable to suit the needs of any business, whatever its type, shape and size. Being cloud-based they are simple to install, without the need for equipment on-site, and are easy to use both in the office and when accessed remotely.

Visit our Solutions page to find out more about our PCI DSS Level 1 accredited products or alternatively get in touch with us here to talk through your requirements.