Introducing 8x8 Secure Pay
8x8 8x8 Contact Center now offers customers a secure integration to support the processing of bank card information via our partner PCI Pal. 8x8 Secure Pay enables an agent and customer to stay in contact on a call while masking the card input from the customer's handset so that the sensitive card data stays secure and out of the 8x8 Contact Center. The service can be integrated with a CRM, Enterprise Resource Planning (ERP), or a billing system and the customer's payment gateway to process the payment. The service can also feed information about the payment back to the originating system.
This new integration offers agents a secure payment page for processing customer transactions. The secure payment page can be configured to include pre-populated data or data that the agent adds manually. When this page is opened, the media connection is rerouted via PCI Pal, which allows them to mask the keypad input both visually and audibly.
The agent hears the conversation and controls the card input, but only hears a single-tone DTMF and sees starred-out digits for the card number, date, and Card Verification Value (CVV). In the event of erroneous data input by customers, an agent can reset the relevant data field in the payment page, allow customers to fix the input, and facilitate a successful transaction.
Collecting Card Payment via 8x8 Secure Pay: an Example
The agent's experience for taking a payment via PCI Pal depends on a number of factors. Given that the customer system producing the payment request and the payment gateway accepting the card details could potentially be a different combination for every customer, there is no blueprint for that journey. The ability of the custom system to integrate with PCI Pal determines the amount of data that can be pre-populated or what needs to be manually entered by the agent. Once the payment page is complete and ready for the card payment to be taken, it is a similar experience for all. The following example is a sample workflow that demonstrates how an agent collects card payment via 8x8 Secure Pay:
To collect card payment:
While on an active call, the agent receives a verbal confirmation from the customer to start the payment process. When the customer is ready to pay with the credit card:
As a contact center agent, click the provided link or button on your CRM page to initiate a secure session.
The 8x8 Secure Pay button appears on your screen and can be customized. A secure payment session is indicated by the color of PCI pal logo or the phone icon shown on the header of the payment page.
Note: When the session is secure, the PCI Pal logo changes color from PCIpal to PCIpal.
- Gray indicates the payment session has started, but the telephony is not yet secured against the payment session.
- Green indicates the session is secure. In addition to the green phone icon, the chain to left also links together.
- Enter the customer information such as the total Amount, First name, Last name, Email, Address, and Zipcode. Fields marked with a red asterisk (*) are mandatory.
- Click Next to open the card data collection page. The total payment amount is carried forward to the next page.
- Invite the customer to enter the Card number, Expiry date, and the Security code (CVV). When the customer begins the card date input, you will hear a single-tone DTMF and see starred-out digits for the sensitive information. If the information is valid, the fields turn green.
- Click next to a field to reset the incorrect data and invite the customer to reenter the data.
- Click Process payment. The payment is sent to the gateway.
- Click Send email or Send SMS to send a payment confirmation to the customer. If the payment fails, inform the caller that the payment is declined.
- Click Back to allow the customer to enter new card data, or edit the existing and submit the payment again. The customer can retry using a different card and repeat the process.
- Click Finish session to end the session and go back to the first screen.
Common Telephony scenarios during payment sessions
When a secure payment session is interrupted, the third-party page indicates that the session is no longer secured by showing the unlocked chain and gray phone logo. Depending on the integration there may be some other visual warning. There is no audio warning to either party. The following examples show where a payment session may be interrupted:
- When an agent places a customer on hold on Line 1
- When an agent switches lines by clicking Line 2
- When a supervisor ends their monitoring of an agent’s line1 call
- When a supervisor barges in to the monitored agent’s line 1 call
- When an agent ends the call on Line1
For supervisors on a call with an agent taking a payment, the experience varies depending on whether the supervisor monitors or barges. They need to be on the call before the payment session is initiated. For example:
- If a supervisor begins monitoring an agent prior to a payment session and they continue to monitor during the payment session, they hear monotone DTMF masking the sensitive card data.
- If a supervisor begins monitoring an agent prior to a payment session and barges in to the call during the payment session, the supervisor does not hear any audio. The agent and customer audio are unaffected.