Navigation MenuRealWire Limited

Delivering Relevance, Releasing Influence

Tweet Facebook LinkedIn
Press Release

Semafone bolsters security across its product line with new PCI DSS certification for Cardprotect Relay+


Semafone extends PCI DSS certification geographically and across product lines to provide customers and partners the highest levels of security in omnichannel payments

BOSTON and GUILDFORD, UK – March 19, 2020Semafone®, the leading provider of data security and compliance solutions for call and contact centres, has achieved global certification under the Payment Card Industry Data Security Standard (PCI DSS) for its omnichannel digital payments solution, Cardprotect Relay+. The company has also extended PCI DSS certification for its flagship solution for telephone-based payments, Cardprotect Voice+, across the whole of North America.

Semafone’s designation as a Level 1 Service Provider for both voice and omnichannel digital payments is the highest level of certification available from the PCI Security Standards Council. Semafone has also been named on the Visa Global Registry of Service Providers. This demonstrates its ability to adhere to strict, updated and ongoing PCI DSS compliance while upholding a strong defence against cardholder data compromise by supporting secure technologies such as point-to-point encryption and tokenisation. This replaces Semafone’s previous Visa merchant agent status and underlines that data security is a top priority. In addition, the company’s continued certification with the globally recognized ISO 27001:2013 standard for information security management systems makes Semafone one of the few IT security vendors to attain such a comprehensive set of externally verified data security certifications.

“By certifying our company and both our voice and omnichannel payment solutions with the most rigorous security standards available across the globe, we continue to demonstrate our unwavering commitment to data security best practices; achieving the highest level of certification from the PCI Security Standards Council across all channels,” said Gary E. Barnett, Chief Executive Officer, Semafone. “We lead by example as we help our customers implement secure and PCI DSS compliant payment processes to help protect their customers’ sensitive data.”

With these certifications, Semafone continues to provide call and contact centres with unmatched customer data protection by securely and easily accepting card-not-present (CNP) payments across any digital or telephone-based channel. Semafone’s industry leading Cardprotect Voice+ and Cardprotect Relay+ solutions enable businesses to accept payments while ensuring that their customers’ sensitive payment data and personally identifiable information (PII) is securely routed directly to the payment service provider (PSP). Because the data never enters the merchant businesses’ network infrastructure, the risk of a brand-damaging data breach or fraud occurring is significantly reduced and PCI DSS compliance is dramatically simplified. With more than 5,000 data breaches exposing nearly 8 billion sensitive records in 2019, and the total cost of a data breach averaging 2.7m pounds in the UK, and a staggering 8.2 million dollars (approx. £6.8m) in the US, it is now more important than ever for organisations to have the highest levels of data security to protect their customers’ data.

“In addition to helping strengthen data security, by achieving these certifications, we also help our customers and partners reduce the number of PCI DSS requirements that they must validate against,” said Barnett. “This provides a frictionless customer experience and eases the compliance process, saving our customers and partners extensive time and effort.”

For more information about Semafone’s solutions and applicable certifications, please visit

About Semafone
Semafone provides pure cloud, hybrid cloud and on-premise solutions to contact centres and all businesses accepting payments; enabling them to collect personal data securely across all channels – including the telephone, webchat, social media, email SMS, QR codes and more. Semafone's patented data capture method collects sensitive information such as payment card or bank details and social security numbers directly from the customer for processing. This prevents personal data from entering the business and IT infrastructure, which protects against the risk of fraud and the associated reputational damage, ensuring compliance with industry regulations such as PCI DSS. Semafone’s suite of solutions create a seamless, omnichannel experience that increases sales conversion rates and boosts customer loyalty, while at the same time simplifying compliance.

The company was founded in 2009 and now supports customers in 26 countries on five continents. Semafone is vertically agnostic and its extensive customer base includes companies such as Aviva Canada, Amica Mutual Insurance, British Sky Broadcasting, Pethealth, Rogers Communications, Santander, Sutter Health and TVG.

Major investors of Semafone include Octopus Ventures and BGF (Business Growth Fund).

Semafone has achieved the leading security and payment certifications: ISO 27001:2013, PA-DSS certification for its Cardprotect Voice+ payment solution, is a PCI DSS Level 1 Service Provider and has been named on the Visa Global Registry of Service Providers. To learn more, visit and follow us on LinkedIn, Twitter and Facebook.