Major UK insurer chooses Semafone to protect customer data

Semafone, the provider of secure payment software for contact centres, has signed an agreement with a major UK insurer to protect customers who pay over the phone.

The new customer is one of an increasing number of insurance companies on both sides of the Atlantic that have signed contracts with Semafone, reflecting a need for greater compliance and tighter security within the sector. A recent survey from Semafone revealed that many top insurers in the US and UK are still taking data security risks by asking customers to read card details out loud. What’s more, nine out of ten in the UK still reported using the inadequate system of pausing call recordings* to avoid the capture of card details.

Semafone’s Cardprotect solution will allow customers to pay for insurance products by entering their own payment card numbers into their phone’s keypad, rather than reading them aloud. For the insurer, this means that customer card data is protected and that the telephone payment system complies fully with the Payment Card Industry Data Security Standard (PCI DSS), which regulates all card payments.

As none of the sensitive card details are spoken out loud, Semafone Cardprotect will allow the company to record calls in their entirety. This is vital for PCI DSS compliance, which prohibits the recording of sensitive card data, such as the three-digit security code on the back of the card. It is particularly important for organisations operating in the financial services sector, where FCA regulations frequently require the capture of complete calls.

With Cardprotect, the numbers are transmitted directly to the payment processor, without being stored on company IT systems. The keypad tones are disguised to ensure numbers cannot be identified by their sound, and the agent is free to continue the conversation while the caller is entering their details.

Semafone’s CEO, Tim Critchley, commented, “The insurance industry is taking customer payment data increasingly seriously, which is driving the adoption of Cardprotect to prevent contact centre fraud. In such a heavily regulated sector, it’s crucial that customer payment data is protected fully so it’s great to see one more major player who won’t be asking people to read their card numbers out.”