In today’s digital age, cybersecurity is an issue that affects virtually every industry and every consumer. As cybercrime continues to take its toll, businesses and consumers are increasingly wary of sharing their sensitive information. This is even more true when it comes to sharing payment information over the phone, especially when card-not-present (CNP) channels – like contact centers – remain in the bullseye as targets for fraud.
This is where Semafone comes into play – the global company’s solutions help enterprise contact centers securely handle CNP transactions, while simplifying compliance with the PCI DSS (Payment Card Industry Data Security Standard).
One-to-one with the CEO of Semafone, Tim Critchley
Why was the company set up? How did you select the vertical and decide to be part of the global platform?
As the global standard for protecting cardholder data, the PCI DSS is extremely complex and continuously evolving. It is a challenge for contact centers to keep on top of the latest requirements, while providing exceptional customer service and carrying out business as usual. The combination of simpler compliance, greater data security, and therefore, happier customers, was a compelling value proposition for us. Semafone is vertical-agnostic, serving enterprise contact centers across many industries including financial, insurance, healthcare, nonprofit, utilities, hospitality, retail and more.
What is your company’s vision statement? And to what extent are you successful in achieving the same?
Semafone’s mission is to secure the world’s personal data while protecting the reputations of its most valuable brands. And, we are doing exactly that. Enabled with Semafone, contact centers no longer hold or process personally identifiable information (PII) such as credit card data in their business infrastructures. This reduces risks associated with brand-damaging data breaches and makes contact centers far less appealing to fraudsters and cybercriminals. As we always say, “They can’t hack the data you don’t hold!”
How do you remove this sensitive data from contact centers?
Our patented payment method used in our Cardprotect solution allows callers to directly input their payment card numbers and other PII via their telephone keypads. The corresponding tones (known as dual-tone multi-frequency or DTMF tones) are replaced with flat tones so no one (agents, customer service representatives, eavesdroppers) can decipher them; nor are the numbers logged on call recording systems that could be breached. Unlike other solutions that transfer callers to a separate payment interface, Cardprotect allows customers to remain in full voice communication with the agent to ensure a smooth and positive customer experience. The captured data is sent directly to the payment processor, so it never touches the contact center’s IT environment.
What do you feel are the reasons behind your consistent growth as an organization?
We truly work with our customers to understand and address their specific challenges and needs. They are more like partners, and we strongly consider their feedback when we roll out solution updates. Additionally, our team stays up-to-date on the latest industry trends, regulations, and cybersecurity threats that impact our customers. For example, when the U.S. moved to EMV chip-enabled credit cards, we knew it would have a similar spiraling impact on fraud as it had in the U.K. We recognized this as a way to get our foot in the door in the North American market. Since then, we’ve experienced significant revenue growth, with 37 percent of our revenue coming from North American customers in 2017.
How do you and your company contribute to the global IT platform and society at large?
By securing CNP payment transactions, Semafone is proactively helping protect consumers and companies alike from detrimental data breaches. Consumers have the peace of mind that their information is safe, and enterprise contact centers understand that we are protecting them from potential reputational damage.
Do you have any new products ready to be rolled out into the market?
We are continually evolving and enhancing our flagship Cardprotect solution and have a major upgrade on the very near horizon. The upgrade will make deployment even easier and further simplify PCI DSS compliance. We also have plans to roll out new solutions for protecting bank account numbers and other personal information such as social security numbers – not just payment card data.
Where do you see you and your company a couple of years from now?
We plan to extend our global reach across industries, while expanding our solution portfolio to secure all PII. We are especially looking to build on our success in the insurance and healthcare markets and continue to grow our North American business. It will be particularly interesting to see how the forthcoming European Union General Data Protection Regulation (EU GDPR) impacts our value proposition. We’ll see enterprises looking for new ways to protect their customers’ data– as they seek to simplify compliance, avoid fines and keep their names out of negative headlines.
Meet the Champion
Tim Critchley has been the CEO of Semafone since 2009 and has led the company from a U.K. startup to an international business that spans five continents. He has helped secure Series A and Series B rounds of funding from various investor groups including the BGF and Octopus. Under his leadership, the company has established global partnerships and won clients that span a range of industry sectors and include major brands such as AXA, BT, Capita, Harley-Davidson, Next, Rogers Communications, Santander, and Sky. Prior to joining Semafone, Critchley was COO at KnowledgePool Group where he helped complete a successful turnaround in three years. Tim graduated from the London School of Economics and has an MBA from Manchester Business School.
“We ensure customers always have access to the latest and best technologies, compliance products and know how.”