Take on any CX challenge with Pipeline+ Subscribe today.

Protecting Data, Payments, Providing Positive CX

Protecting Data, Payments, Providing Positive CX

Protecting Data, Payments, Providing Positive CX

Companies must walk a fine line between adopting new technology and maintaining consumer trust.

The COVID-19 pandemic introduced a new age of remote work and accelerated digital innovation in several industries – contact centers were not exempt.

But even before the virus struck, there were some undeniable changes brewing for contact centers, especially as it pertained to payments security, technology, and customer experience (CX).

The rapid evolution of technology has become somewhat of a double-edged sword.

For a while now, contact center professionals have been walking the fine line between adopting cutting edge technology and maintaining a positive CX specifically around data and payments security.

However, the rapid evolution of technology has become somewhat of a double-edged sword. While companies can adopt technology to combat payments fraud, criminals can also use it to find weak points in a company’s security and exploit unsuspecting victims.

Amidst this constant push-and-pull between threat mongers and fraud prevention, contact centers are faced with a unique set of challenges.

In this day and age, customer concerns include everything from how data is being handled to fear surrounding the security of online purchases - all of which need to be addressed in the constant pursuit of a positive CX.


During the pandemic, contact centers across quite a few industries were inundated with huge influxes of calls from people attempting to reach financial institutions, government offices, and other related organizations.

All the while, these same contact centers worked to protect their own employees by orienting them to remote work. Managers and agents had to learn new remote systems and operating processes during a massive public health crisis.

Even now, with the increase in card-not-present (CNP) payments, maintaining a positive CX has become exceptionally difficult as callers encounter busy signals and long wait times as a result of the influx of calls in conjunction with a lack of flexible tech as workers shifted to remote work.

Let’s look at these challenges in greater depth:

Remote Work

To make matters worse, according to a recent PCI Pal survey, more than half of consumers (52%) believe their information is less secure now that agents are working remotely from home.

It’s true that hybrid and remote work environments created a precarious situation as contact centers struggled to protect consumer data outside the traditional four walls.

Many organizations had compensating controls in place previously that didn’t translate to remote or hybrid models.

For example, clean-room environments are in office workstations that are completely scrubbed of all personal items, but this is nearly impossible to do when working from a personal residence.

When unable to monitor agents remotely, contact centers had to sacrifice either payment security, CX, or remove CNP payments from their offerings altogether.

This problem echoed through nearly all contact centers. In fact, Michelin, the largest tire manufacturer in the world, wanted to ensure PCI compliance was maintained when its team started working from home.

The immediate solution was to video record agents at all times to ensure they were keeping customer data secure. However, it quickly became clear a more tailored tech solution would be needed to sustainably maintain PCI compliance.

Michelin adopted a solution for remote workers that utilized dual tone multi-frequency (DTMF) masking technology, which allowed agents to remain in constant contact with the customers without allowing them to see, hear, or record payment information.

This solution not only ensured Michelin remained PCI-compliant, but it also helped improve the CX by making the payments process smoother and reducing average handling time.

Meeting the customer where they are

Consumers became highly dependent on contact centers and other forms of digital payments because they couldn’t go shopping in person for fear of contracting the deadly virus.

For this reason, companies increased their eCommerce options in an attempt to meet customers where they were - which was at home. This practice allowed customers to essentially shop from anywhere at any point in time because they were no longer tethered to brick-and-mortar locations.

To keep up and survive this massive shift in consumer behavior, contact centers upgraded their tech stacks to make sure payments security was still a priority among the rising digital fraud associated with this increase in eCommerce.

Adoption of new tech

Before the pandemic, many contact centers were innovating, but it wasn’t until COVID-19 sent the industry into chaos that many contact center professionals realized they weren’t using the right tech to help them through this difficult time.

In worst-case scenarios, some contact centers had to stop taking payments altogether, so they could ensure the safety of their customers’ information.

Already dealing with employee safety and an avalanche of other problems caused by the pandemic, contact center professionals had to research and adopt new, robust solutions that would solve the unique situation in which they found themselves.

On a positive note, many companies helped by tailoring their solutions to this new predicament, and the adoption of technology in the contact center is continuing to grow at an accelerated rate.

For example, according to our research, 55% of contact center professionals envision increased adoption of chatbots and other CX-focused technologies within contact centers in the next five years.

What Consumers Want

Even with the increased innovation across the board, consumers still have varying preferences.

As examples, 35% of consumers said they would prefer to speak to a customer service representative over the phone, 17% preferred to use a live chat with a real operative on the other end, and 25% preferred to use an online self-service tool to independently answer their own queries.

In addition, 59% of consumers said they preferred to pay using online links because the method seemed more secure as opposed to other methods of payment like phone and social media.

Our research clearly indicates that the bottom line is people like options, and how they engage in one scenario may differ from how they engage in the next. It is therefore important that organizations deliver a truly omnichannel service to give consumers choice in how and when they connect and communicate with organizations, as this is clearly what consumers expect today.

With the introduction of new channels and tools for communication and payment, we’re not seeing analog options disappear anytime soon. Rather, we’re seeing more of a distribution across different communication methods.

If a customer can interact through multiple channels with the organization, they desire a similar process and functionality through each. It is up to the contact center to ensure a seamless and consistent payment process through all channels offered.

Although expanding technology has its benefits, including more options for consumers, 61% of those same consumers are worried that implementing new technology might open the organization up to increased risk when it comes to payments security.

In fact, although this new technology is meant to help organizations improve security alongside the CX, consumers still worry they sacrifice payment security for convenience. For this reason, technology like self-service tools and chatbots still have long ways to go before they gain full consumer trust.


As companies continue to carefully balance the adoption of technology with elevated interest in consumer experience, they will need to carefully evaluate what technology will make the biggest impact across the board.

To start, companies should look into solutions that are adaptable and can flex with the times. Just as this pandemic was unexpected, we don’t truly know what’s around the corner.

As companies adopt new tech strategies, they must also adhere to the new standards. In March 2022 the PCI SSC announced the roll out of version 4.0.

Organizations have 18 months to comply with the updated guidance.

To maintain PCI compliance, organizations can adopt technology that will bypass direct exposure with the customer’s data (like the Michelin example).

This investment will ensure there is no direct interface with the payment card information, thus keeping the proprietary info safe from even the contact center workers. It can also free up organizational resources by improving operational efficiency, allowing companies to allocate more time and money to other aspects of their businesses.

It’s important companies not only adopt new technology, but also embrace and promote it within their organizations.

Making sure their employees are armed with the knowledge to use these new tools will instill confidence and improve team morale.

In fact, 22% of contact center employees reported not being completely confident about one or more aspects of their organization’s data security. Of that, a surprising 54% felt that was due in part to lack of, infrequent, or inefficient training when it came to the use of newly adopted technology.

Meanwhile another 35% suggested that ambiguous direction and leadership when it came to data security policies and procedures was the main problem.

From this, we know organizations need to not only implement adaptable technology to prevent payment fraud, but they also need to put resources into training employees how to use this technology correctly.

Overall, technology has shifted how contact centers operate day-to-day, but that doesn’t mean it can’t make it all around easier for contact center professionals.

If done correctly, the adoption of technology should save a company time, resources and money. In this constant game of cat-and-mouse, with the right technology and knowledge to use it, companies should be able to stay ahead of fraudsters and protect customer data while maintaining trust and a positive customer experience.

Geoff Forsyth

Geoff Forsyth

Geoff Forsyth, BEng, CEng, FBCS, CITP, FRSA is Chief Information Security Officer, PCI Pal - the global provider of secure payment solutions, dedicated to maintaining the Group’s existing information security strategy and standards to protect customers’ data as the organization expands its operations and works with more enterprise-sized channel partners.

Contact author



Can Contact Centers Mitigate Fraud Risks?

View Digital Issue


Most Read

UltimateCX Microsite 20240418
Upland 20231115
Cloud Racers
Interactions NK 20240429
Verint CX Automation
Forrester GenAI Essentials Report 20240818