In the first half of 2016, Australia saw $402 million worth of fraudulent CNP transactions according to the Australian Payments Clearing Association (APCA).
Australian payments specialist, SecureCo, says the figure represents almost 80% of all fraudulent activity on debit and credit cards Australia-wide.
Because of this, SecureCo has teamed up with call centre data security provider Semafone for an exclusive partnership to provide a complete security and payments solution for card-not-present (CNP) transactions within the call centre environment.
SecureCo CEO, Paul Bird, says CNP transactions have become low-hanging fruit for cyber-criminals since the introduction of Chip and PIN technology.
“Yet very few solutions have been available to secure call centre payments in line with industry regulations,” he explains.
“As a result, many Australian call centres still need to do more to protect sensitive customer data, such as credit card details, and realise full compliance with the Payment Card Industry Data Security Standard (PCI DSS).”
What’s more, Bird adds that the Privacy Amendment Bill, which is new legislation requiring companies to report data breaches within 30 days has moved breach notification from a voluntary to mandatory activity.
“And any failure to do so comes with harsh penalties of nearly $2 million. No one wants to be responsible for the latest headline-grabbing data breach story. Companies now have more motivation than ever to ensure their customer data is kept safe and secure,” he says.
Through the exclusive partnership, SecureCo addresses CNP fraud by providing a solution that reduces the risks around large scale data breaches.
“Before signing the deal, we investigated a number of solutions that claim to secure voice payments,” says Bird.
“Semafone was the standout thanks to its world-class technology, a proven track record with large enterprise customers, and its ability to collaborate closely with partners on hosted models.
Additionally, when integrated with our specialised PCI DSS hosting and payment processing platform, we’re able to provide a complete PCI DSS compliant solution instead of the band-aid methods we know some customers are using.”