Skip to content

Card Payments By Phone: How DTMF Suppression Improves Security


Data collected by UK Finance in their “Fraud the Facts 2021” report estimates that Cardholder Not Present (CNP) fraud resulted in £452.6m worth of losses for consumers in 2020. This is where card details are stolen and then used for online or over the phone purchases without the cardholder’s knowledge. Protecting this financially sensitive data should be a top priority for any organisation capturing card numbers, expiry dates or other data when customers are placing an order, paying a bill or topping up an account.

Payments over the phone are no exception. Two of the most significant threats related to telephone payments are the agent at the other end of the line hearing sensitive payment information, and any card details transmitted via DTMF tones if a customer is using their telephone keypad.

What are DTMF Tones?

DTMF stands for “Dual-Tone Multi-Frequency” which is a series of audio signals generated when a telephone user presses the individual numbers of a telephone keypad. These tones range from high-frequency groups to low-frequency groups, and can be identified and decoded by small devices and the right software.

DTMF masking (or DTMF suppression) can help your organisation achieve PCI-Compliance, an industry-standard that is applicable to any business that captures or processes card details. It allows customers to input sensitive card details into their phone without any concerns that the cardholder data can be exposed at the other end. Calls can also continue to be recorded, without the risk of any sensitive data being captured.

How DTMF Suppression Works 

Click the image above to zoom

How DTMF Suppression Works Within Contact Centres

According to Ponemon Institute’s 2018 Cost of Insider Threats, more than one in five security incidents were caused by malicious insiders or “rogue agents” within their contact centres. These are staff members who have intentions to commit identity or Cardholder Not Present (CNP) fraud, or sell the card details to others. To combat this, we’ve designed a payment solution that removes all DTMF tones from the call, and eliminates the need for customers to say their sensitive payment details out loud. They will feel like their data is being handled professionally and securely, without affecting their user journey.

Without DTMF masking or suppression, organisations could risk malicious attacks targeting their customers’ data, including possible internal threats from “rogue agents”. If staff have access to card details and other personal information, customers are at a much higher risk of fraudulent activity. Therefore, corporate security is improved dramatically by removing this specific data completely from the organisation’s network.

How can you implement this? Our team will work with you and your security specialists to implement a solution that meets your business requirements perfectly. Our DTMF suppressed payment solution, Agent Assisted Payments, is recommended by international payment gateways and delivered by trained, experienced industry professionals.

3 Reasons Why You Should Use DTMF Suppression


1. A seamless and secure payment process provides a superior customer experience, and reduces overall call queue and call handling times. Customers will also feel more confident in providing their card details over the phone knowing all personal data is being handled correctly, drastically enhancing the trust between both parties.


2. The risk of human error is significantly decreased when using our DTMF suppressed platform, it doesn’t need to be switched on or off by an Agent, offering continuous protection throughout the payment journey. Additionally, the need to pause and resume call recordings is eliminated. The main objective is to guarantee sensitive card data cannot be intercepted or compromised.


3. The Financial Conduct Authority (FCA) outlines that any financial firm that provides services to consumers, and takes payments over the phone, must record their calls for training and monitoring purposes. This is to ensure customers and businesses are protected against any market abuse.

As no sensitive data is present on the call, it cannot be picked up by call recordings. This helps organisation adhere to strict FCA rules, whilst dramatically reducing the risks behind data breaches and malicious cyberattacks.

Why Should You Choose Agent Assisted Payments?

Our payment service is optimised to provide a smooth customer and agent experience when dealing with over the phone transactions. Powered by a DTMF suppressant platform, it allows agents to hold a continuous conversation when taking card details, meaning it removes the need to pause call recordings.

It connects with all major Payment Service Providers to ensure all transactions meet Level 1 PCI-DSS Compliance v4.0. The service also allows multiple agent logins, alongside concurrent licensing, giving your organisation the ability to deal with a large volume of payments and orders at once.

Our Agent Assisted Payments solution is flexible to fit your business structure, but no matter what, payments are taken safely and securely. For a more in-depth demonstration, watch our demonstration video here.

Or contact Key IVR today, we can discuss how this service can benefit your organisation, call us at +1 888 765 3109 or email

Share this


Related news


Get started

Drop your details below and we’ll be in touch!