PCI Solutions

Any organisation that processes customer card payments over the phone is required to be compliant with the Payment Card Industry Data Security Standards (PCI-DSS) – an internationally recognised set of technical and operational requirements designed to protect cardholder data. 

Ultracomms is one of very few cloud contact centre service providers to achieve PCI DSS Level 1 certification. As a result, clients can achieve their own PCI DSS compliance using the the much simpler Self-Assessment Questionnaire (SAQ) process, without having to invest heavily in their own infrastructure.  Using a Level 1 certified platform also significantly reduces the risk of a data breach occurring and shifts the liability for investigating any suspected breaches from the contact centre organisation, removing the risk of financial and reputational damage for clients. 

The benefits of working with PCI DSS certified service providers include giving end customers the confidence that their financial information is being protected, employees the reassurance that they are not being inadvertently exposed to customer data, and organisations the ability to demonstrate that they care about customer experience and compliance.

Ultracomms' effective PCI-DSS compliant solutions are simple to implement and ensure complete security for your customers, preventing any possibility of telephony orientated fraud, and allowing you to promote complete payment security and instil customer confidence and a readiness to transact.

Ultracomms uses DTMF (Dual Tone Multi-Frequency) clamping based solutions licensed from Semafone to enable customers to enter their card details directly through their telephone keypad. The transaction can take place at any point during the call with any advisor; enabling you to deliver an improved customer experience, whilst guaranteeing PCI-DSS compliance. Your advisors can remain on the call throughout the payment process as they are no longer exposed to cardholder data – this significantly reduces call abandonment rates and lost sales opportunities. In addition, because neither the advisor, nor the call recorder ever receives any of the card details – either verbally or via DTMF – continuous call recordings are possible, delivering you a complete audit trail.

PCI Pro™ Appliance

When a customer gives their payment details over the telephone, they are choosing to put significant trust in an organisation.  The ability to guarantee that customers’ details are going to be safe is essential for any business that handles payments in this way. The only way to provide real payment security for your customers is to separate your contact centre agents from being exposed to critical credit and debit card data recording technology.


  • PCI DSS Level 1 certified
  • Reduces PCI accreditation cost and risk
  • Ensures sensitive card information is not seen, heard or stored
  • Ensures calls can be recorded without risk
  • Builds customer relationships and confidence
  • Enables advisors to remain on the phone throughout the transaction (if required)
  • Rapid deployment
  • Utilises off-site resilient infrastructure
  • Supports location-independent working