Enabling a BMW main dealership to meet it’s PCI-DSS compliance obligations

Enterprise Case Study

 

1200px-BMW.svg

Objectives of the project

To deliver a solution that staff would be able to accept payments over the phone without impacting their GDPR or PCI obligations. Enable staff identification, invoice identification and tracking and email transaction receipts to departments in real-time without affecting any existing systems. The system should be easy to use and not slow down the process of taking payments by phone. 

step-1-icon

Remove the need for staff to ask customers to read out their payment card data over the telephone

step-2-icon

Allow staff to enter a trackable reference number against the telephone payment

step-3-icon

Allow staff to add their staff ID number so the staff member that took the payment could be identified

step-4--blue

Meet PCI-DSS obligations with less cost and work required to prove they are compliant

step-5--blue

Stop being charged non-compliance fees for being unable to prove telephone payments had not been secured

step-6--blue

Have a service that allowed payment on every payment call they made or received

The Solution

From initial meetings, it was clear that the customer wanted to use there own bank so a custom integration was created so they could carry on processing payments using their bank's payment gateway service. The custom gateway connector into Lloyds bank was implemented allowing telephone payments with accompanying reference numbers and the agentID to be passed all the way through to the bank. This allowed the accounts department to quickly reconcile the transactions with no change to their operating process.

Payment Identification and reporting

To allow the functionality of the payment terminals to be replicated, departments and agent IDs were added to the Paytia platform so that a receipt for payment could be immediately received to the department's email address when any agents in the department took a payment. This was further enhanced to provide an end of day reconciliation report per department which was sent to accounts.

References available on request

"Paytia has enabled the business to solve the final piece of our PCI-DSS compliance protection by removing any access to payment card data from our business when taking telephone payments. We have also been able to reduce the amount of time it takes our accounts department when dealing with reconciliation and payment queries."

A BMW Main Dealership

Looking for more Case Studies?

Find out how Paytia has enabled other businesses to become PCI-DSS compliant

Secure Virtual Terminal

Learn how Paytia enabled an FCA regulated loan management company to meet it’s PCI-DSS compliance obligations when processing customer payments over the telephone.

Find out more

Telco API

Learn how Paytia enabled a Telco partner to integrate into their own voice networking systems, use their own customer telephone numbers and call flows without the risk of relaying all telephone calls externally.

Find out more

Ready to get started?

Contact Sales