Contact centers are frequently used by businesses to provide customer service functions, such as accepting orders for goods purchased or contacting delinquent account holders for payment. In many instances, a party will provide payment by credit card for the goods purchased or as a payment for an amount past due. Typically, this involves the party entering a credit card account number using the keys on their telephone. The information may be received by an interactive voice response system in a payment processing system. The resulting generated dual-tone multiple frequency (“DTMF”) tones (a.k.a. touch-tones®) are processed by a payment processing system to effect the charge against the credit card. In some instances, the interactive voice response system may be bridged midway during the call by the agent when it is determined the remote party desired to pay. In some arrangements, the agent may hear the entire interaction between the party and the interactive voice response system, including the credit card information.
Credit card information is considered sensitive information, and the party providing the information typically desires to carefully control its dissemination. It is widely recognized that credit card information, along with other personal information, is commonly stolen for nefarious purposes. Thus, if the interactive voice response system is bridged onto the call, then the agent will hear the party's credit card account number and other sensitive information. Though uncommon, the agent could potentially use or sell this sensitive information for nefarious purposes. For security purposes, it is desirable to avoid any unnecessary exposure of the customer's sensitive information.
Further, in some applications, a recording of the call may be made for various purposes. A common purpose is to be able to subsequently verify the transaction between the agent and the party should a subsequent issue arise. In some arrangements, the recording may record not only the voice conversation, but also the DTMF tones corresponding to the sensitive information provided by the party when interacting with automated systems. The recording may be stored on a server, and potentially accessible over the Internet. Anecdotal stories of computer files that are “hacked” (i.e., stolen) leads to the possibility that sensitive information provided by the caller on a call recording could be misappropriated and compromised at a later date.
Thus, it is desirable to facilitate secure transfer of sensitive information between a remote party and an automated processing system in a contact center while maintaining the integrity of the sensitive information to the systems that process it. Specifically, the availability of sensitive information should be suppressed to the agent or in call recordings. It is with respect to these and other considerations that the disclosure herein is presented.