Card Theft through contact centers represented 30% of fraud in 2013
This was confirmed in a Data Breach Investigation Report 2014. Stolen credentials was the number one threat action in 2013 and was found in 31% of the breaches.
No surprise when you look into what is needed to set up such preventative measures of stopping card fraud from employees, especially when it comes to taking sensitive information over the phone or live web chat services, as it can be quite a minefield because there are so many options and all coming at a premium prices.
On average a 100 seated contact center can be looking at spending over a $100,000 a year, just to meet the PCI DSS requirements for taking payments over the phone and preventing this type of fraud. It was found that a majority of the problems lay down to what type of technology is being provided, as there really has not been any advance changes over time.
PCI DSS solution providers are still selling software that is reliant on hardware. Providing such a solution is that when using hardware, it relies normally on a lot of human intervention, therefore pushing up prices and sometimes the reliability of what is being used.
When we asked around, a lot of providers wanted payments for consultancy work, setting up cost, server leasing, software licensing and additional hardware cost. And here is the final nail in the coffin….. If the software or hardware fails and is the fault of the supplier, they have the cheek to charge additional fees to the contact center.
So there is no wonder why some contact centers are still avoiding PCI DSS compliancy, and preventing credit card fraud over the phone or chat support !