Consult transfer to secure flow

View Only

Back to discussions

Expand all | Collapse all

Thread closed by the administrator, not accepting new replies.

1. Consult transfer to secure flow

Like

Gareth James

Partner

Posted 03-01-2022 02:47

No replies, thread closed.

Hi Community,

The secure flow process works very well when agent initiated and assuming that a customer follows the instructions in the flow for capturing the details should provide a seamless experience. Obviously, within that flow we can provide assistance to the caller through updated menu prompts or more detailed information if they fail to enter what is expected, for example credit card number, expiry date, etc.

However, a number of our customers have asked about the potential for the agents to be engaged in these same calls with the customer, able to talk them through each step of the process with the customer entering their details through DTMF.

Has anyone tried to perform this? Would it even be PCI compliant in this situation even though the agent still has no idea what details have been entered?
#Security
#Telephony
#Unsure/Other

------------------------------
Gareth James
CALLSCAN AUSTRALIA PTY. LTD.
------------------------------
2. RE: Consult transfer to secure flow

Like

Melissa Bailey

Genesys

Posted 03-01-2022 09:28

No replies, thread closed.

It would defeat the purpose of a secure flow

------------------------------
Melissa Bailey
Genesys - Employees
------------------------------

Original Message
3. RE: Consult transfer to secure flow

Like

Martin Bunting

Advocate

Posted 03-01-2022 13:32

No replies, thread closed.

AppFoundry Partner CardEasy is able to provide this service. Genesys AppFoundry - CardEasy Secure Contact Center Payments

------------------------------
Martin Bunting
i3Vision Technologies Inc.
------------------------------

Original Message
4. RE: Consult transfer to secure flow

Like

Vaun McCarthy

Community Rockstar

Posted 03-01-2022 13:58

No replies, thread closed.

Hmm that's interesting Martin. I wonder how they do the DTMF and speech masking in real time.

Using CardEasy Agent Assist, the contact center agent simply asks the customer to either: Enter their payment card numbers using their telephone keypad. CardEasy captures the keypad entries utilizing DTMF masking. Speak their payment card numbers aloud as they normally would. CardEasy captures the spoken numbers utilizing automated speech recognition (ASR).

------------------------------
Vaun McCarthy
------------------------------

Original Message
5. RE: Consult transfer to secure flow

Like

Gareth James

Partner

Posted 03-01-2022 17:06

No replies, thread closed.

I agree to a point, but as long as the flow is still not recording anything, and the customer is not reading out or providing any visibility of the confidential data then it would still be secure. The essence of this request is to replicate services that are offered by 3rd parties without the customer having to pay extra to add it to the platform. PCI PAL are one of a number of companies that allow both the agent and the customer to be handled in a secure manner

------------------------------
Gareth James
CALLSCAN AUSTRALIA PTY. LTD.
------------------------------

Original Message
6. RE: Consult transfer to secure flow

Like

Trevor Kuzik

Posted 10-03-2025 22:28

No replies, thread closed.

Hi Gareth,

Did you ever get a resolution to this? We're attempting to have an agent consult to a secure flow, then 'resume' with the caller while still consulting. The caller continues into the secure flow, but the agent doesn't go with them. Instead, we see a failure in Architect when tracing the interaction and the agent is transferred to a backup queue. So the caller goes one way, while the agent goes another. =/

------------------------------
Trevor Kuzik
Contact Centre Technologist
------------------------------

Original Message
7. RE: Consult transfer to secure flow

Like

Vaun McCarthy

Community Rockstar

Posted 10-04-2025 00:47

No replies, thread closed.

Hi Trevor, you'd want to carry on tracing that secure flow to see what's happening. If it's taken the error path, using something like the historical execution will at least hopefully tell you which point is causing the failure. It's by design that the "agent doesn't go with them", but then you also choose whether there's a return to agent option or if the original agent is released from the interaction.

It's odd that you're saying the agent themselves are transferred. Is there some type of conferencing happening in these flows?

------------------------------
Vaun McCarthy
------------------------------

Original Message
8. RE: Consult transfer to secure flow

Like
Bruno Costa dos Santos

Partner
Posted 10-04-2025 09:25

No replies, thread closed.
Hi Gareth

We've implemented a native approach in retail projects that achieves this assisted experience without requiring any third-party PCI solutions.

Instead of trying to keep the agent inside the secure flow (which by design isn't supported and would break PCI compliance), we structure the flow to give agents context in a compliant way:

Build the secure flow with clear menus and prompts that guide the customer through data entry.

Run a Luhn validation in a common module before calling any business APIs, ensuring the card input follows the expected pattern - you can find a template flow with Luhn algorithm in the Genesys Architect flow examples here:
https://help.mypurecloud.com/articles/download-architect-flow-examples/

Store only metadata in participant data via Data Actions - for example, which step the caller reached or where they encountered difficulty (never the actual card data).

Retrieve that metadata back into the agent's screen script using another Data Action, so the agent can see where the customer stopped and provide informed guidance once the secure flow ends.

This approach maintains full PCI compliance, avoids exposing any sensitive data, and still allows the agent to support the customer contextually - all using native Genesys Cloud capabilities, without any additional licensing or third-party integration.

From what I can see, this thread hasn't reached a final resolution yet. Just to clarify, the agent cannot technically stay inside the secure flow - that's by design and required for PCI compliance - but the method above provides a compliant way to bridge that experience natively.

------------------------------
Bruno Costa
Nibi Techlead
------------------------------

------------------------------
Bruno Costa dos Santos
------------------------------

Original Message

Genesys Cloud - Main

Consult transfer to secure flow

Gareth James03-01-2022 02:47

Melissa Bailey03-01-2022 09:28

Martin Bunting03-01-2022 13:32

Vaun McCarthy03-01-2022 13:58

Gareth James03-01-2022 17:06

Trevor Kuzik10-03-2025 22:28

Vaun McCarthy10-04-2025 00:47

Bruno Costa dos Santos10-04-2025 09:25

1. Consult transfer to secure flow

2. RE: Consult transfer to secure flow

3. RE: Consult transfer to secure flow

4. RE: Consult transfer to secure flow

5. RE: Consult transfer to secure flow

6. RE: Consult transfer to secure flow

7. RE: Consult transfer to secure flow

8. RE: Consult transfer to secure flow

Related Content

Securing card payments in contact centers while improving customer experience

Google Cloud Text-to-Speech integration

Voicemail Notifications in HIPAA Compliant ORG

Secure Flow

Consult Transfers