Enabling an FCA regulated loan management company to meet it’s PCI-DSS compliance obligations
Paytia Secure Virtual Terminal Case Study
Paytia delivered an enhanced secure virtual desktop web application with the ability to settle payments into 5 separate bank accounts. Providing the service to run independently to the current loan management database system and onsite telephony.
Remove the need for staff to ask customers to read out their payment card data over the telephone
Allow staff to use a secure Virtual Terminal so multiple data fields could be entered
Allow partial account number and reference number fields to be captured with the transaction
Use multiple merchant MID account numbers so payments could be taken across 5 different bank accounts
Avoid non-compliance fees for being unable to prove telephone payments had been secured
Have a service that allowed payment on every payment call they made or received
There was a requirement to allow staff to vary data fields with each transaction. It was decided that a custom virtual terminal application from Paytia would be used.
The Virtual Terminal allowed each agent to enter names, addresses, reference and account numbers plus the transaction amount. As agents could be processing a transaction against multiple loan book accounts a simple dropdown was added that allowed the agent to choose the bank account money would be placed in. Choosing the bank account automatically pre-populated the account number fields on the form making data entry quicker and removing the risk of manual typing mistakes. SagePay (now known as Opayo) was chosen as the payment processing gateway so each loan account could have submission reports automatically downloaded into the Sage Accounting systems.
Payment Identification and Reporting
Department and agent ID were used in the Paytia platform so that a receipt for payment could be immediately received to the agent and accounts departments email addresses when any of the agents took a payment.
This was further enhanced to provide an end of day reconciliation report per department which was sent to accounts.
Paytia have allowed us to remove the risk to agents handling payment card data and made it simpler to evidence the process for our FCA and GDPR reporting where payments are concerned. The Virtual Terminal application has simplified the process of collecting payments without the need for us to change our systems or telephone service.
Looking for more Case Studies?
Find out how Paytia has enabled other businesses to become PCI-DSS compliant
Learn how Paytia enabled a BMW main dealership to meet it’s PCI-DSS compliance obligations for taking customer payments over the telephone.Find out more
Learn how Paytia enabled a Telco partner to integrate into their own voice networking systems, use their own customer telephone numbers and call flows without the risk of relaying all telephone calls externally.Find out more
PCI Compliance Guide
Learn what your business is required to do to become PCI-DSS Compliant. If your business takes payments over the phone PCI-DSS will apply to you. You must take the necessary steps to protect your customers sensitive payment card data.Find out more