Taking Credit Card Payments Over the Phone

Taking credit card payments over the phone involves a process known as a 'Card Not Present' (CNP) transaction and requires the merchant to input card details manually into a secure online payment gateway or virtual terminal. In addition, merchants must comply with Payment Card Industry Data Security Standards (PCI DSS) and carry out other checks to protect their customer's sensitive information. Offering 'Payment Request Links' can simplify this process by allowing customers to enter their card details securely, enhancing security and customer confidence.

Best way to take credit card payments over the phone

Various methods exist for accepting a customer’s credit card payment over the phone. Here are the three main ways:

1. Using a merchant account provider: A merchant account provider will give you a dedicated account for your business. Plus, you’ll receive tools, including card readers, a virtual terminal, or software to take credit card payments in your preferred ways. Merchant accounts are not the cheapest way to offer credit card processing. However, they are generally considered the most secure way to do so.

2. Keying in card numbers on your credit card terminal: This is a straightforward way to collect credit card payments over the phone. You simply ask your customer to read off their card number, expiration date and CSV code, and you type this information into your credit card terminal at the POS (point of sale).

3. Using your mobile credit card processing application to key in card numbers.

Regulations for taking credit card payments over the phone

Many people ask whether taking credit card payments over the phone is safe. The answer is – yes, as long as you follow the correct protocols. The most significant phone payment risks are failing to follow PCI DSS compliance. This refers to the consent to safely accept, store, process and transmit cardholder data during card transactions.

Not being compliant with the rules can lead to fines, so doing things properly is essential. This means it’s wise to choose a secure payment provider (and accompanying virtual terminal) to do the hard work for you. They should ensure that all errors, mistakes, and disputes are resolved best. If your provider cannot handle PCI compliance for you, you’ll need to find a way to ensure that compliance is still part of your payment solution.

Alternatives to taking card payments over the phone

Many customers will have doubts about reading their sensitive card details over the phone to you. It certainly can seem more old-fashioned and less secure than the modern payment methods available today. It also simply takes a fair bit of effort to locate the card, reel off the numbers, and check it's all been heard accurately.

An easy solution for confirming payments instantly while you have a customer on the phone is to send them a payment link. The customer goes through the flow, and the payment is confirmed instantly for you both.

Alternatives like payment links can simplify the payment process, offering a more user-friendly and secure solution. Payment links enable immediate confirmation for both parties, streamlining the transaction process.

Despite the potential benefits of taking card payments over the phone, it's important to acknowledge that this method has challenges. There can be security concerns from the customer's perspective and the potential for human error during the transfer of information. It may be perceived as less convenient or modern than other digital methods and can be time-consuming for both parties involved. These factors might prompt businesses to consider alternative methods, such as using payment links, which can offer a faster, safer, and more user-friendly solution.

Case study

To tackle the shortcomings of traditional credit scoring, Plend, a UK-based company, utilises open banking transaction data to make access to low-cost loans more equitable. GoCardless, Plend's exclusive payment provider, plays a key role in their operations by facilitating the collection of recurring and one-off payments from customers, sustaining strong cash flow and a high payment success rate. CEO Rob Pasco states, 

Furthermore, the incorporation of GoCardless has resulted in significant cost savings for Plend, as Co-Founder Jamie Pursaill highlights, 

Looking ahead, open banking developments, specifically Variable Recurring Payments (VRPs), are expected to render the collection process more flexible and responsive to customers’ needs. As the cost of living crisis intensifies, such refinements in credit offerings will serve as crucial financial aids to individuals seeking ways to manage their monetary commitments more efficiently.

We can help

GoCardless makes it quick and easy to get started with no contracts or long-term commitment required. You can set up instant, one-off, or recurring payments in the merchant dashboard in just a few clicks. GoCardless automatically creates and sends all the necessary forms, doing all the heavy lifting for you. You can also connect to GoCardless via over  350 partner apps, such as Xero and Quickbooks.

Discover how GoCardless can automate payment collection, making it easier to concentrate on what matters most - your business growth.

Are you exploring options for taking credit card payments over the phone? GoCardless can offer you a more effective alternative:

• No long-term commitment: With GoCardless, you won't be bogged down by any contract or long-term commitment. Our flexible terms allow you to adapt as your business needs evolve.

• Ease of setup & support: We pride ourselves on making setup easy and intuitive. Our award-winning support team is just a click away if you encounter any issues or need assistance.

• User-friendly dashboard: Manage your transactions with ease through our user-friendly dashboard. This platform allows you to keep track of all your payments and customer data so that you can focus on your core business operations.

• Seamless integrations: GoCardless can easily integrate with partner apps like Xero or Quickbooks. This way, you can manage your business finances and transactions more efficiently.

• Simple payment creation: Our system allows you to create instant, one-off, or recurring payments in just a few clicks. Once your customer authorises, the payments will be collected and credited to your account automatically based on the schedule you set.

• PCI DSS compliance: GoCardless ensures your customer's card information is handled securely, following all PCI DSS compliance rules, giving you and your customers peace of mind.

In a world where CNP transactions carry a risk of fraud, GoCardless provides a secure and convenient alternative. Let us help you streamline your phone payment process while providing the utmost security for your customer's data. Explore the benefits of GoCardless today and experience a seamless and secure way to manage phone payments.

Frequently asked questions 

Is there a risk to taking credit card payments over the phone?

There are inherent risks associated with accepting credit card payments over the phone. Firstly, there's the risk of card-not-present fraud when the merchant can't physically see the card to verify its authenticity. Secondly, there's the risk of customer disputes and chargebacks, especially if the customer denies authorising the payment or isn't satisfied with the goods or services provided. Lastly, the handling and storing of sensitive cardholder data in an insecure manner could lead to data breaches, resulting in significant financial and reputational damage. It's, therefore, critical for businesses to adhere to PCI-DSS standards and use reliable payment processors to mitigate these risks.

How do you accept credit card payment over the telephone?

Accepting credit card payments over the telephone involves a process known as Card Not Present (CNP) transactions. Here's how it works: First, the business must have a merchant account, a special type of bank account that enables them to receive payments via credit or debit card. The client provides their card details over the phone, including the card number, expiration date, and CVV (Card Verification Value). The business then enters these details into a secure payment gateway or virtual terminal, a web-based portal the merchant services provider provides. Once entered, the transaction is processed, and funds, minus transaction fees, are transferred into the business's merchant account. This process is secure and PCI DSS compliant, which ensures the protection of sensitive cardholder data during and after the transaction.

How do I accept a one-time credit card payment?

Accepting a one-time credit card payment primarily involves three steps: choose a reliable and compliant payment gateway or service that supports phone transactions, such as GoCardless. Next, during the phone call, gather the necessary payment details from the customer, including their card number, expiry date, and CVV code. Ensure this process complies with PCI DSS guidelines to maintain customer data security. Finally, enter this information into your payment system to process the transaction. It's crucial to send a receipt confirming the transaction via email or SMS. Remember, treat your customer's information carefully, following all necessary regulations, to build trust and ensure smooth transactions.