Category Archives: Tips

Why is PCI compliance essential to building customers’ trust?

Developed by the PCI Security Standards Council, PCI DSS aims to reduce card payment fraud. Any organisation that handles credit or debit card data is required to comply with it. Compliance is validated by a certified security assessor or, for companies that process smaller volumes of data, by a self-assessment questionnaire.

These standards were established to ensure the protection of data and personal information, to help prevent credit card fraud and to avoid costly data breaches. Compliance with PCI DSS standards does not mean that you will not have a data breach, but that in the event of one, credit card companies will support you.

To be PCI compliant, companies must consider these regular activities: 

– Building and maintaining a secure computer network

– Protecting customer data

– Maintaining a vulnerability management program

– Reinforcing access controls

– Regularly testing and monitoring networks

– Keeping an open security and information policy

If you accept credit card payments, the payment card industry’s security standard must be fully integrated with your e-commerce service. That’s why issuers and acquirers are responsible for ensuring that all of their service providers and merchants comply with PCI DSS standards.

What would you risk in the event of non-compliance?

By applying the PCI DSS standard, your company is letting its customers know that it is taking the necessary measures to protect their credit card data against theft and any fraudulent use on the Internet. The consequences of a cyber-attack do not only fall on users but also on the company in question: loss of customer trust, fines, loss of revenue and a significant negative impact on a company’s brand image.

Moreover, in case of non-compliance, your ability to accept credit card payments may be suspended or revoked. Failure to comply with this e-commerce requirement may result in data breaches, loss of trust and even termination of the agreement that allows you to receive card payments.

PCI compliance is getting increasingly relevant with the rise of digital payments

With digital payments, authentication and security are essential criteria. In fact, the possibility of fraud is way higher with digital payments than with in-store card payments. Companies are therefore required to have fraud detection systems and effective tools to validate and authenticate cards.

Consumer vigilance has been particularly important in recent years, and sellers have had to keep up with today’s expectations and requirements in order to maintain their consumers’ trust. This increased vigilance has prompted sellers to take the necessary measures to ensure the security of their remote payment method.

This has been made possible above all by the introduction of new security features that strengthen user confidence, such as removing customer card details from your network, e-wallets and online portal payment solutions. These solutions enable organisations to encourage long-term relationships with features such as repeated automated payments, and to avoid refunds by offering e-wallet top-ups to customers. These modern features improve customer experience whilst ensuring the absolute security of the payments.

Other methods have been implemented to reinforce payment security:

  • Visa and Mastercard have developed the 3-D Secure protocol, which adds an additional step to the authentication procedure. Your bank then decides its format; it could be a text sent to your mobile number, an automated call from your bank to your personal number, a private password set up in advance, etc.
  • A new type of card was created with a changing three-digit card verification value (CVV). After each use, this innovative card will produce a new CVV to protect the user from any card fraud.
  • Sellers can also use a third-party website that requires a password, such as HiPay and PayPal. The advantage of these systems is that users’ payment data won’t be known by the merchant.

Every business handling payment data must prioritise PCI DSS compliance, in order to make their customers feel that their financial information is being fully protected. 

C3 is known to be one of the UK’s leading PCI specialists. C3’s effective PCI-DSS compliant solutions are simple to implement and ensure complete security for your customers, preventing any possibility of fraud. Do not hesitate to contact us to find out more; we’ll be happy to help you with your specific project.

Top 4 Tips for Getting GDPR Ready

If you haven’t thought about the impact that the GDPR is going to have on your business, you should definitely put it at the front of your mind, as the May 2018 deadline is drawing ever closer. Still not sure what the purpose of the GDPR is? The General Data Protection Regulation was designed to simplify and harmonise the data privacy laws across Europe in an effort to further protect its citizens and give them more power when it comes to their personal data. This important regulation will change the way every business approaches data privacy. As the GDPR looms closer, here are some tips to make sure you’re ready for it.

Be Aware & Prepare

It’s really important to have a good understanding of the GDPR’s purpose, its aspects and how it will affect not only your business but also you as an individual. Distribute information throughout your company internally so all staff have a chance to be educated on a regulation that will have an effect on how they handle and store personal data in their role. Putting together an informational guide or even hiring a GDPR specialist such as a data protection officer to train and advise your staff is a good way to raise awareness.

Carry Out a Data Audit

Investigate the data processes that you have in place in your company. What sort of personal data do you store, how much, and where is it stored? These are great questions to start thinking about. The data that is affected by the GDPR is any and all personal data stored by a business or organisation that can be used to identify an individual or is at all linked to any information that could lead to identifying an individual.

Consider decluttering the data that you store: evaluate what data is the most important and put together a checklist of the information that you need to store and the information that is not of value and does not need to be retained. Once you have concluded what data is unnecessary you should debate whether it would be beneficial to destroy it. Holding less data can simplify future processes such as Subject Access Requests.

GDPR Knows No Boundaries

Although GDPR is very focussed on the control and privacy of personal, identifying data and information, it doesn’t just pertain to companies that are based in the EU. Any company outside of the EU – whether you’re in Australia or Abu Dhabi – that collects data within the EU regarding EU citizens falls under the same regulations as companies based in Europe.

Know the Special Requirements

Avoid a substantial fine and make sure you’re educated on all the technicalities. Something as simple as not updating your privacy policy by May 2018 could land you in hot water. Some businesses may even need to request parental consent when asking for and processing data for individuals aged 13 and under.

The rule of unambiguous consent is also being introduced with the GDPR. It is crucial that before any personal data is collected or used for marketing purposes individuals consenting to their data being stored understand 100% what they are agreeing to when handing over their information.

The GDPR is extensive and it is very important that you research and read up on every aspect of the regulation so you are prepared and completely compliant when May 2018 rolls around.

Get in touch with us here at C3 to see how we can help you, contact our team on 01223 427700 or email info@c3.co.uk.

C3’s Top Tips for Using Web Chat in the Contact Centre

Web chat or live chat is becoming an increasingly popular communication channel, especially amongst the younger generations. The up-and-coming platform is favoured by many people because of its ease of use for end users. Web chat isn’t just convenient for customers though; it is very simple for agents to use as well.

As a customer service channel it is a perfect way to get all of the information that you need quickly and simply, and it is ideal for those that don’t like talking over the phone. If you haven’t got a web chat service on your website yet, why not? Here are our top tips for using web chat within your contact centre.

Engaging Interactions

You need to make sure that you keep customers focussed on your interactions: leave a long enough silence in between messages and they might just leave you hanging. If you don’t keep a customer’s attention on your conversation it is possible that they’ll move on to doing something else, like making a cup of tea, and completely forget about the chat window that they have open. Got a whole paragraph of information to send? Don’t send it all at once. Keep your messages to one or two lines only; short but frequent messages will allow the customer to see that you are continually working on their issue. No one wants to stare at an ‘agent is typing’ status for too long.

Make it Mobile

According to Similar Web, on average 55% of internet users are using their smartphone to browse the web. Without a mobile-friendly web chat system your volume of interactions is going to be impacted because a whole 55% of your users won’t even have the option to engage with you on your live chat platform. As well as making your web chat available to mobile users you need to make sure it is optimised for the mobile experience; this means easy verification processes and short text responses, and if you need to send any attachments at all you should keep them small.

Intelligent Routing & Prioritisation

From start to finish everything about the web chat process and journey should be configured to deliver the best experience to your customer and to boost the productivity of your contact centre agents. Making the live chat option more prominent on key pages such as a cart or checkout page will help to maximise the level of support to customers visiting those pages. Giving interactions from such key pages higher prioritisation compared to engagements on more general pages can help to reduce cart abandonments for example, by catching customers and offering them assistance just before they think about going elsewhere.

To ensure that your agents are delivering the best support possible through the web chat channel they shouldn’t be assigned more than 3 open chats at once. Juggling multiple conversations can lead to confusion between customers and can lend itself to increasing the length of silences between agents and customers.

Take a look at how C3 can help you to integrate your web chat into your customer service platform and streamline all of your communication channels with our multi-channel solution – Contact. Contact our team on 01223 427700 to find out more.

Online, Mobile & Phone Payment Security Tips for Your Business

A recent report by research firm Forrester has uncovered the potential growth of mobile payments over the next 5 years. Forrester have said they expect to see mobile payments triple, from the €52 billion they reached at the end of 2015 to a staggering €148 billion by 2021, all due to the development and wide roll-out of contactless payments throughout the EU. Although online and phone card payments have been around a little bit longer than mobile payments, they are still growing. In 2017 many businesses now operate purely online, and with this growth in eCommerce and non-cash transactions they have needed to look at their security protocols a lot more closely.

If your business accepts online, mobile or phone payments here are a few tips to take note of to make sure that you are operating as securely as possible.

PCI DSS Compliance

In our blog last month we debunked a few of the myths regarding PCI DSS compliance that have made their rounds as a result of the confusion surrounding compliance and what it means for your business. But why is it so important to be compliant? Any business that processes, stores or transmits any credit card data must operate in line with the regulations to ensure that all customer information and data is being kept completely secure.

Choose a Secure eCommerce Provider & Processor

Even with all the regulations put in place by the PCI, some companies still don’t take security as seriously as they should. To make sure you’re working with one of the companies that do, you need to do your research. See what other people have to say about them in their reviews: are they reputable? Do customers trust them? Have they ever had any trouble using them? If neither the company nor anyone else mentions its dedication to security, there must be a reason; it is likely that they’re not that secure at all. If security was their top priority they would make sure everyone knew about it.

Transaction Verification

With online, mobile and phone payments you’re dealing with customer transactions in a card not present (CNP) environment, but even without the card owner and their card you can (and should) still verify every transaction. There are a few ways you can do this: make it a requirement for the customer to supply the security code or CVV number on the back of their card, make sure there is an address verification (AVS) match, and monitor all customer purchase patterns so that if you spot anything out of the norm it can be investigated or even blocked.

Make Sure You & Your Team Stay Informed

Despite all of the data security standards that are in place and the regulations that are enforced, a lot of breaches occur as a result of human error. Without the proper knowledge or a level of even basic security training you are surely putting your customer data at risk. All staff need to be educated and made aware of all the latest threats and security risks. Everyone should be able to verify transactions and understand the dangers of opening unsolicited emails and their attachments, as well as the implications that sharing any sensitive information could have.

Find out more about our payment solutions

It Doesn’t Have To Be This Way! Why Companies Hang Up On Customers

Welcome to C3’s Industry Insight blog series inspired by articles and comment on the web.

In this blog, Natasha Rutterford tackles the thorny issue of dropped calls.

I love the daily tips emails from Contact Centre World. Some are really enlightening with new ideas and operating methods, many others highlight common failings in customer handling.

The issue in the below comment caught my eye as it is something which I have experienced and really irritates me as I know there is a simple technical solution!

Deliberately dropping calls during busy periods.

There’s More To Mobile Wallets Than Money…

Welcome to C3’s Industry Insight blog series inspired by articles and comment on the web.

In today’s blog Sales Director John Wood reflects on the wider advantages of Mobile Wallets, inspired by a recent TelemediaOnline post (more details below).

Apple Pay was announced in the US in late 2014 and launched with quite a bit of fanfare in the UK in July 2015. Today, most of the big UK banks have committed to support Apple Pay, although not all were part of the scheme when it first launched.

For those who don’t know, Apple Pay is a mobile payment system and digital wallet service designed to change the way consumers shop. There is no doubt that the company has been leading the way in the effort to move consumers from the use of old fashioned physical wallets, packed with various plastic cards, to a world in which your iPhone or Apple Watch does all the work.
