Genesys Cloud - Main

 View Only

Discussion Thread View
  • 1.  Payment Gateway Integration for PCI DSS

    Posted 09-14-2023 11:54

    Hello 

    We have a use case wherein for the Payment customer will be filling card information on a portal while talking to the agent. Payment Vendor has the Rest APIs to trigger us when the payment process start and stop. We need to consume those and likewise implement Screen and Voice Recording Pause and Resume. Question is do we need to have a middleware developed to utilize Recording APIs or that can be directly consumed in the Genesys Cloud. It has Secure Flow and Secure Pause but am not sure how can i use those in my use case. 


    #Integrations

    ------------------------------
    Mudit Sharma
    Servion Global Solutions Inc.
    ------------------------------


  • 2.  RE: Payment Gateway Integration for PCI DSS

    Posted 09-16-2023 10:22

    Depends on how the payment app is used.  I suggest you iframe that into a page in a script and use a secure pause when the agent is on that page.  Alternatively, the payment program should be able to call the API for secure pause.  You can also use the Secure Flow approach to bypass having the agent receive the information at all.  The third option is to turn on PCI masking that will mask out any of that PCI data in the recording and transcription.  



    ------------------------------
    Robert Wakefield-Carl
    ttec Digital
    Sr. Director - Innovation Architects
    Robert.WC@ttecdigital.com
    https://www.ttecDigital.com
    https://RobertWC.Blogspot.com
    ------------------------------



  • 3.  RE: Payment Gateway Integration for PCI DSS

    Posted 09-20-2023 03:05

    Thanks Robert 



    ------------------------------
    Mudit Sharma
    Servion Global Solutions Inc.
    ------------------------------



  • 4.  RE: Payment Gateway Integration for PCI DSS

    Posted 09-27-2023 11:59

    I think from what you are saying that it might be a bit more complicated that what Robert is suggesting.  His final comment about the redaction feature, which is about 2 months old, is for sure something you should implement regardless, which can serve as a guardrail / safety net.  However, I heard you say that the customer will be filling out the payment info via an online form and the agent will be on the phone with them while they do so.  I would have to assume that after the payment is completed that a confirmation is given to your agents via your CRM software's integration or via the payment portal somehow.  The script with an iframe / webpage frame is a great idea, if your agents have to also log into the payment portal, however, if they do not, then that concept won't work for you.  For the payment provider making the API calls back to Genesys, technically that is possible, but just how would that provider get the conversationid?  I fear it would turn out to be extra complicated, which will open you up to too many failure modes down the line.  The script is a good idea as when it loads, or when a button is pressed you can institute the secure pause via a Data Action.

    How does the customer get the URL to go to the payment gateway in the first place?  Maybe this is what you put into your script.  A button that triggers the link to be sent via SMS or Email then enables secure pause at the same time.  You'll just need to come up with a strategy that disables it after this process has completed.



    ------------------------------
    Ryan Cheesman
    Senior Manager, IT Integration Services
    Tandem Diabetes Care Inc. | positively different
    ------------------------------



  • 5.  RE: Payment Gateway Integration for PCI DSS

    Posted 09-27-2023 13:22

    Ryan , Thanks. SMS will be triggered but that again is integrated with their CRM. As of now our integration with the CRM is URL based for a Screen Pop. Getting triggers from Payment Gateway Provider is not a problem only thing is we will have to build a middleware so as to sync the relevant call session required for the secure pause. It will become somewhat complicated as we will need to send the ID at the start and Payment Gateway has to maintain that , and if the payment gateway has initiated a payment service for that session they will have to send us the ID as well as the Trigger Message. Hence we want to avoid this thing. Alternatively may be what I am thinking is Agent can transfer the call to IVR as secure flow and may be we can mask the sensitive data collection. On the IVR we can have the direct API Integration with the payment vendor. 

    You also mentioned Data Actions based on Agent script load. This can be a good Idea may be but how can we automate this so that we don't have the dependency on the Agent to manually load a script or toggle manual secure pause button is my question . 

     



    ------------------------------
    Mudit Sharma
    Servion Global Solutions Inc.
    ------------------------------



Need Help finding something?

Check out the Genesys Knowledge Network - your all-in-one access point for Genesys resources