Glossary/MOTO Payments

What are MOTO Payments?

MOTO stands for Mail Order / Telephone Order. It refers to card payments where the cardholder is not physically present and the transaction is processed by an agent over the phone or through a posted or emailed order form. MOTO payments are classified as card-not-present transactions and carry specific security requirements under PCI DSS.

How MOTO Payments Work

In a MOTO transaction, a customer provides their card details to a merchant without being physically present at a point of sale terminal. This typically happens in one of two ways:

Telephone order: The customer calls the business and reads out or keys in their card number, expiry date, and security code while an agent processes the payment
Mail order: The customer fills in a paper or electronic form with their card details and sends it to the merchant by post, fax, or email

The merchant then enters these details into a payment terminal, virtual terminal, or payment gateway to authorise and complete the transaction.

Why MOTO Payments Still Matter

Despite the growth of online payments, MOTO transactions remain essential for many businesses. Insurance companies, utilities, healthcare providers, government agencies, and charities all rely heavily on telephone payments. Many customers -- particularly older demographics or those without internet access -- prefer to pay by phone.

For businesses with contact centres, telephone payments often represent a significant share of total revenue. Any interruption to the ability to take phone payments directly affects cash flow.

Security Risks

MOTO payments carry higher fraud risk than chip-and-PIN or contactless transactions because the card is not physically verified. The main risks include:

Agents hearing or seeing card details, creating insider fraud risk
Call recordings capturing card numbers in audio files
Paper forms containing card data being stored insecurely
Card details being transmitted over unencrypted channels

Under PCI DSS, any environment where card data is spoken, heard, written down, or stored must be secured to the standard's requirements. This can make MOTO payment environments expensive and complex to manage.

Securing MOTO Payments

There are several approaches to reducing risk in MOTO environments:

DTMF Masking

Instead of reading card details aloud, the customer keys them in on their phone keypad. DTMF masking technology suppresses the tones so agents cannot hear the digits. The card data is routed directly to the payment processor without entering the contact centre environment.

Agent-Assisted Payment Platforms

Dedicated platforms handle the card data capture while keeping the agent on the line to guide the customer. The agent never sees or hears the card number, and the contact centre is descoped from PCI DSS.

Pay by Link

The agent sends the customer a secure payment link via SMS or email during the call. The customer completes the payment on their own device, keeping card data entirely outside the phone channel.

How Paytia Uses This

Paytia specialises in securing MOTO payments for contact centres and businesses that take payments over the phone. Our DTMF suppression technology lets customers key in their card details during a call while the agent stays on the line, unable to hear or see the numbers.

This removes card data from the voice channel entirely, descoping the contact centre from PCI DSS and eliminating the fraud risks associated with traditional telephone payment processes. Paytia also offers pay by link and IVR payment options for businesses that want to give customers multiple ways to pay securely.

Telephone Payments DTMF Suppression Call Centre Payments

Frequently Asked Questions

What is the difference between MOTO and e-commerce payments?

Both are card-not-present transactions, but they use different channels. MOTO payments are processed over the phone or by mail, with an agent typically handling the transaction. E-commerce payments happen online through a website or app, with the customer entering their own details. Each channel has different PCI DSS requirements and security considerations.

Are MOTO payments more risky than in-person payments?

Yes, MOTO payments carry higher fraud risk because the card is not physically present and cannot be verified with chip-and-PIN or contactless technology. This is why card brands classify them as card-not-present transactions and why businesses processing MOTO payments face stricter PCI DSS requirements.

How can I reduce the cost of PCI compliance for MOTO payments?

The most effective approach is to remove card data from your environment entirely. Technologies like DTMF masking and agent-assisted payment platforms route card details directly to the payment processor without them ever entering your contact centre. This descopes your telephony infrastructure from PCI DSS, significantly reducing compliance costs.

See how Paytia handles moto payments

Book a personalised demo and we'll show you how our platform works with your setup.

Request a Demo

Agent-assisted Payments

Automated Payments

Banking Payments

Other

Financial & Professional

Public & Non-Profit

Consumer & Services

Contact Centres & Telecoms

Partner Programs

Integrations

Featured Partners

Learning Centre

Demonstration Videos

Integration & APIs

Support

Company