Fortune 50, US home improvement retailer with a strong online presence and high performing contact center operation.

Fortune 50, US home improvement retailer with a strong online presence and high performing contact center operation.

Profile

Industry: Retail - DIY Employees: 400,000 Revenue: $101.97 billion

Background: Major US home improvement retailer with a strong online presence and contact center operation.

Challenge: Easing the demands of PCI DSS compliance and reducing the risks involved in taking customer payments over the phone via their contact center — without compromising CX.

Solution: CallGuard Hosted for simplified PCI DSS compliance and payment security assurance.

Benefit:

  • The entire contact center is de-scoped from the PCI DSS audit, easing the compliance burden
  • Agents are able to remain in contact with the customer throughout the call
  • It's quick and simple to install needing no system changes

Background

Founded in 1978 and headquartered in Atlanta, Georgia, this Fortune 50 US retailer, dedicated to home improvement supplies, provides tools, construction products and services. It is the world's largest home improvement retailer with more than 2,200 stores across North America.

Challenge

With a strong web presence and a large contact center, this retailer needed to lock down their contact center payments to ensure the security of data, reduce risk and achieve compliance with the Payment Card Industry Data Security Standard (PCI DSS).

The solution would need to work with their existing internal payment vault because many of the orders received over the phone are shipped at a later date and so important order information was contained in the vault. It would also need to work seamlessly with their newly implemented two-factor authentication provider, Pindrop.

With a number of different stakeholders involved, there was a range of different requirements, such as:

Customer Experience Manager: Maintaining a great customer experience and demanded that the contact center agents are able to stay in touch with the customer throughout the entire call, including the payment interaction.

Head of Compliance: Required that the solution would significantly ease the demands of the PCI DSS audit to avoid continuing to adapt to the environment every time there was a change. The team also wanted to demonstrate that it had addressed "the last mile" when it came to securing contact center agent payments.

Head of IT: Needed a solution that ensured the infrastructure was completely flexible so that they can make changes as needed without disrupting the secure payment solution or process. It was also important to free up valuable in-house resources that had so far been tied up on managing their existing solution's implementation or management.

Head of Finance: Wanted a solution that didn't dictate that they change their current payment pages or processes. They wanted the solution to fit with their business, not with the suppliers.

Solution

Eckoh delivered its patented, hosted CallGuard Audio Tokenization solution because it fully removes the contact center from the scope of PCI DSS audit, making their total compliance burden much simpler and ensuring that they remain compliant every minute of every day.

When a customer keys in their card details using their phone keypad, audio tones (DTMF) are generated to match the card number. This could be interpreted by an agent or call recording. So, Eckoh's solution instantly replaces these tones with different, flat tones known as an audio token. The token data is entered directly into the agent's screen. As the token data is not real card data is it completely meaningless and of no value to a thief or fraudster. The data is not seen, heard, stored or transmitted by the business.

The solution removes the whole of the contact center from PCI DSS scope - Call Recording; Screen Recording; Agents and Desktops; IT Systems; Data LAN; Physical Environment; Internet access restrictions; Building (CCTV, etc.); PBX/ACD/CTI; Telephony Network (Digital or VoiceLAN).

CallGuard ensures that while cardholder data remains isolated from the contact center environment, the agent and caller can continue the dialogue, providing a seamless customer experience.

With several different stakeholders, the secure payment and PCI DSS compliance needs for this retailer were complex. With Eckoh's CallGuard solution, they can meet every one of these demands and be reassured of payment security and compliance — every minute of every day.

Value

Eckoh was able to deliver on all counts and in the timeframe the customer needed. Comments from contact center agents as well as customers are all positive.

  • The entire contact center is de-scoped from the PCI DSS audit, easing the compliance burden
  • Agents are able to remain in contact with the customer throughout the call
  • Reduced risk of fraud and impact of a data breach
  • No data is seen, heard, stored or transmitted by the business
  • Their customers are reassured that all payments made are done so in a secure manner
  • It's quick and simple to install needing no system changes

Looking Forward

As a solution unique to Eckoh, we recognize that this example is likely a challenge many other enterprise organizations struggle with when they begin tackling payment security within their contact centers. Some organizations may even feel like their only option is to either deploy hardware on-premise – likely disrupting long-term cloud transformation strategies – or only achieve partial PCI DSS de-scoping.

As a result, the methodology innovated for The Client is now part of the Eckoh architecture. In fact, multiple other clients have also taken advantage of this solution, allowing them to maintain their existing telephony architecture while maintaining the strictest possible standard for payment security.

To learn more about how Eckoh secures payments across all engagement channels, reach out to one of our trusted advisors.


Get in Touch

Eckoh understands retail and hospitality — and we’ve got the right solutions to help. Get in touch and we’ll be glad to discuss your challenges and opportunities.

Contact US 1

Trusted by brands

Eckoh AS 187259285