Craig Marston

Chief Technology Officer, Paytia Limited

Southampton, United Kingdom

Craig leads the engineering side of Paytia as Chief Technology Officer. He specialises in PCI DSS compliance, secure payment capture, MOTO (Mail Order and Telephone Order) payment architecture, and the GDPR obligations that sit alongside taking card details by phone. Craig is a member of the Institute of Financial Accountants and the Institute of Public Accountants, and is based in the Southampton area.

View LinkedIn Profile

Credentials

  • Chief Technology Officer, Paytia
  • Member, Institute of Financial Accountants (since 2011)
  • Member, Institute of Public Accountants (since 2015)
  • PCI DSS and GDPR specialist

Areas of Expertise

PCI DSS complianceDTMF masking and call audio handlingMOTO payment securityGDPR for contact centresSecure payment platform architecture

Articles by Craig (55)

IVR Payments: The 2026 Contact Centre Guide
Contact Centres

IVR Payments: The 2026 Contact Centre Guide

PCI DSS 4.0 Phone Payments: 2026 Compliance Checklist
PCI Compliance

PCI DSS 4.0 Phone Payments: 2026 Compliance Checklist

Adding DTMF Masking to Aircall: A Practical Guide
Telephone Payments

Adding DTMF Masking to Aircall: A Practical Guide

How to Choose DTMF Masking Software: A Practical Checklist
Telephone Payments

How to Choose DTMF Masking Software: A Practical Checklist

DTMF Masking vs Pause-and-Resume: Which Should You Use?
Telephone Payments

DTMF Masking vs Pause-and-Resume: Which Should You Use?

Is DTMF Masking PCI Compliant? The Real Picture
PCI Compliance

Is DTMF Masking PCI Compliant? The Real Picture

What Is DTMF? A Plain-English Guide to Phone Tones
Telephone Payments

What Is DTMF? A Plain-English Guide to Phone Tones

What Is an IVR Payment? The 2026 Plain-English Guide
Telephone Payments

What Is an IVR Payment? The 2026 Plain-English Guide

How to Improve Call Centre Efficiency
Contact Centres

How to Improve Call Centre Efficiency

How to Reduce Average Handling Time Without Wrecking CSAT
Contact Centres

How to Reduce Average Handling Time Without Wrecking CSAT

What Is Multichannel Customer Service? A Practical Guide
Contact Centres

What Is Multichannel Customer Service? A Practical Guide

How to Improve Customer Satisfaction in Call Centres
Contact Centres

How to Improve Customer Satisfaction in Call Centres

Insurance Contact Centres: PCI-Safe Phone Payments
Telephone Payments

Insurance Contact Centres: PCI-Safe Phone Payments

IVR vs Agent-Assisted Payments: Which Fits Your Calls?
Telephone Payments

IVR vs Agent-Assisted Payments: Which Fits Your Calls?

Tokenisation vs Encryption: What's the Difference?
Payment Technology

Tokenisation vs Encryption: What's the Difference?

Network Tokens vs PSP Tokens: What's the Difference?
Payment Technology

Network Tokens vs PSP Tokens: What's the Difference?

What Is a Tokenization Vault? A Plain-English Guide
Payment Technology

What Is a Tokenization Vault? A Plain-English Guide

PCI Compliance for Telephone Payments: 2026 Guide
PCI Compliance

PCI Compliance for Telephone Payments: 2026 Guide

POS Tokenisation Explained: How Card Tokens Work at the Till
Payment Technology

POS Tokenisation Explained: How Card Tokens Work at the Till

PCI DSS v4.0.1: 2026 Contact Centre Buyer's Guide
PCI Compliance

PCI DSS v4.0.1: 2026 Contact Centre Buyer's Guide

HIPAA and PCI DSS: Where They Overlap on a Call
Payment Technology

HIPAA and PCI DSS: Where They Overlap on a Call

What Is AOC? Attestation of Compliance Explained
PCI Compliance

What Is AOC? Attestation of Compliance Explained

What Does Descoped Mean? PCI DSS Compliance Guide
PCI Compliance

What Does Descoped Mean? PCI DSS Compliance Guide

Is AI Safe for Payment Fraud Detection?
Payment Security

Is AI Safe for Payment Fraud Detection?

Is It Safe to Give Card Details Over the Phone? 2026 Guide
Telephone Payments

Is It Safe to Give Card Details Over the Phone? 2026 Guide

Are Payment Links Safe? What to Check Before You Pay
Payment Security

Are Payment Links Safe? What to Check Before You Pay

Cardholder Data Environment (CDE): How to Reduce Its Scope
PCI Compliance

Cardholder Data Environment (CDE): How to Reduce Its Scope

What Is PCI DSS? Complete UK Compliance Guide
PCI Compliance

What Is PCI DSS? Complete UK Compliance Guide

What is CVV? CVC vs CVV vs CVV2 Explained (2026)
Payment Security

What is CVV? CVC vs CVV vs CVV2 Explained (2026)

What Is a BT Payment Line? How It Works Explained
Telephone Payments

What Is a BT Payment Line? How It Works Explained

Showing the 30 most recent of 55 posts.

Ready to take secure payments?

Book a demo with our team. We'll show you DTMF masking live, talk through PCI DSS scope reduction, and put together pricing based on your call volume.

PCI DSS Level 1
Cyber Essentials Plus
Book a demoBack to Blog

Trusted by law firms, insurers, healthcare providers and regulated businesses worldwide. Learn more about Paytia