Award winners

For more information please visit https://www.advantio.com/

De-scope your contact centres from PCI DSS whilst improving customer experience

Syntec's patented CardEasy system is a one-stop compliance solution for your contact centres.  The DTMF masking technology de-scopes this environment from PCI DSS controls, whilst ensuring customers’ card payments and your call recordings are compliant.
CardEasy removes the need for your customers to read out their card numbers over the phone, eliminating payment card data from your contact centres. Asking them to enter the numbers using the keypad of their own phone instead, either mid-call with the agent or via customer self-service IVR, reduces PCI monitoring and audits to the bare minimum. The  sensitive data is no longer available to your agents, your systems or call recordings, so compliance costs and hassle are reduced whilst customer service and trust are improved.

The agent remains on the call throughout – no handoff to an awkward IVR system – and average call times are also reduced.


CardEasy SecureLinks also provide a PCI DSS-compliant payment solution for web chat, email, SMS and chatbots

Flexible deployment 

CardEasy is a managed service, integrated with the leading industry payment gateways and telephony systems and thus easy to implement. You can rely on our in-house telecoms expertise and consultancy advice, without any need to change your existing infrastructure.


CardEasy won the PCI Excellence Award for the fourth time in January 2020 and also the Genesys 'Best Security Solution' award at Call & Contact Centre Expo in London.   

Syntec Telecom

Originally established as Syntec Telecom in 1998, Syntec is a PCI DSS level 1 Visa merchant service provider and a participating organization of the global PCI Security Standards council.

Syntec Limited. www.syntec.co.uk   t. 020 7741 2000   e. info@syntec.co.uk  
CardEasy videos and case studies:  http://www.syntec.co.uk/pci-dss-solutions/cardeasy/ 

For more information please visit https://cardstream.com/

For more information please visit https://www.comforte.com/

Eckoh is a global provider of PCI DSS compliant Secure Payment and Customer Engagement solutions via its Eckoh Experience Portal. We also offer Third Party contact centre support and Unified Agent Desktop solutions. We’ve an international client base UK and US offices.

Secure Payment Solutions

Our solutions, which can be hosted in the cloud or deployed on the client’s site, removes sensitive personal and payment data from contact centres and IT environments. This offers merchants a simple and effective way to reduce the risk of fraud, secure sensitive data and become compliant with the Payment Card Industry Data Security Standards (“PCI DSS”) and can help towards GDPR.

Solutions include

  • CallGuard – Agent-Assisted payments
  • EckohPAY – Self-Service automated payments
  • Apple Pay, Google Pay, Paypal, Pay by Bank
  • ChatGuard – web chat payment.

Why Eckoh?

We're experts in our field, transforming contact centre operations by delivering a better customer experience across every channel, boosting agent productivity, reducing operations costs and maximising payment security. With over 20 years’ of award-winning experience in contact centre solutions, our team has seen every leap in technology — and always managed to stay ahead of the curve. Our approach focuses on our clients’ business goals so once we deploy a solution we work with you as a partner, not just a supplier.

Eckoh facts:

  • 2019, 2018 & 2017 Winner PCI Excellence Awards
  • World’s first secure payment solution via web chat
  • World’s first secure payment solution for Apple Pay over the telephone
  • Payment Innovation awards for Web Chat Pay and Apple Pay via Phone
  • Level One PCI DSS Service Provider since 2010
  • Patents for CallGuard in the UK and USA
  • We process over £2 billion in card payments annually

Established in 2000, ECSC Group plc is the UK's longest running, 'full service' information and cyber security service provider.

ECSC offer a complete range of cyber security solutions and services to all sectors. Our ever-expanding client list ranges from e-commerce start-ups to global organisations, and our consultative, business-focused approach has led us to proudly count 10% of the FTSE 100 among our clients.

All of our consultants are highly qualified: our minimum qualification is the well respected Certified Information Systems Security Professional (CISSP). All of our PCI specialists are Payment Card Industry Qualified Security Assessors (PCI QSA), registered with the PCI SCC (Council) since 2007 with over 10 years’ experience individually. Not only this but our QSA’s also have ISO27001 Lead Auditor qualifications.

As one of the UK’s first ever PCI Managed Services Provider, our aim is to support any organisation regardless of size to achieve PCI DSS compliance and effective cybersecurity by providing expert, vendor independent, technical and security advice.

ECSC runs 24/7/365 managed cyber security services through our UK and Australian Security Operations Centres, combined with a range of consulting and cyber security testing services.

We are proud of our almost 20-year history, unrivalled industry reputation, and AIM market listing.

Gala Technology are an award winning company specialising in developing secure digital payment solutions predominately for the card not present (CNP) MOTO, Web Chat and Social Media channels. Their flagship product is SOTpay, winner of the 'Security Innovation Of The Year'​ at the National UK IT awards.

SOTpay is a unique piece of cloud based, PCI DSS certified software, which is quick and cost effective to deploy and is set to revolutionise the way businesses handle telephone and card not present transactions globally.

With card fraud at £566m in 2017 in the UK alone, pressure on business leaders from criminals has never been higher, hence the ongoing PCI DSS and GDPR requirements that organisations of any size must comply with or face hefty chargebacks, penalties and reputational damage.

SOTpay negates chargebacks associated with fraudulent card not present transactions and supports the business towards PCI DSS compliance by ensuring that no sensitive data enters the merchants environment and telephone agents do not handle or store any card data that may be exploited.

An extra layer of security on all telephone transactions, verifies the identity of the customer, whilst offering a familiar payment journey, thus increasing transaction acceptance, reducing processing costs, and even enables third party delivery solutions Being a cloud based solution and with the potential to work seamlessly with all payment service providers, SOTpay is simple to deploy into your organisation, without the costly expense of hardware, or the time consuming amendments to your existing telephony solution, regularly found with IVR or DTMF products.


HCE Service Limited Vision & Mission
We deliver innovative, secure and exciting mobile HCE (host card emulation) tokenization services to our card issuing customers and partners globally with the ultimate aim that their consumers can use SWIM modules on smartphones capable of end to end secure cloud messaging and off-line contactless NFC mobile payments at Points of Sales.
Securing mobile apps is now as easy as to SWIM…
At HCEservice.com, through our innovative and state-of-the-art hosted software as a service (SaaS) infrastructure, we service retail enterprises, transport, telecom, local government, and banks and other financial card/token-issuer customers.
Our SWIM (Software Wireless Identity Module) mobile app service is the major security component in our customers’ smartphone payment and messaging infrastructures. SWIM Mobile Apps provide strong cryptographic security to a wide range of applications and services on mobile devices such as Android. Our hosted wireless MAP (Mobile Application Platform) wallet server is the most advanced HCE EMV card/token issuance payment platform for most card/token issuers!
We manage for our customers SWIM Mobile Apps on consumer NFC (Near Field Communication) smartphones, which securely store card tokens as an alternative to carrying physical cards. Our unique business proposition is to provide SaaS (Software as a Service) HCE (Host Card Emulation) services to card issuers in sectors from finance, telecom, retail to transit. 
1. We offer application hosting to card issuers wishing to issue HCE tokens and process HCE payments. 
2. We customise fast and secure mobile payment ‘HCE token’ apps to our issuers’ requirements.
3. We work with Transport, Telecom and Retail Enterprises, Local Government, and importantly Bank Card Issuers.
4. We give high priority to security compliance including PCI-DSS compliance.
5. We provide greater than 99.95% uptime as typically expected within the financial IT industry. 
For further information please see: hceservice.com/

PCI Pal’s mission is to safeguard reputations and build trust.

We do this by providing our channel partners with secure payment solutions for contact centres and businesses taking Cardholder Not Present (CNP) payments. Our globally accessible cloud platform empowers organisations to take payments securely without bringing their environments into scope of PCI DSS and other relevant security rules and regulations.

With the entire product portfolio served from the cloud, integrations with existing telephony, payment, and desktop environments are flexible and proven, ensuring no degradation of service while achieving security and compliance.

With extensive operations and technical experience of the contact centre sector, we’re uniquely qualified to deliver operationally efficient cloud-based security solutions to organisations operating on a global scale.

PCI Pal has offices in London, Ipswich (UK) and Charlotte N.C (USA).

For more information visit www.pcipal.com or follow the team on Twitter:  https://twitter.com/PCIPAL 


For more information visit www.pixalert.com

Prism Infosec provides cybersecurity testing and consulting services from its offices in Cheltenham and Liverpool, UK and was established in 2006. The Company has delivered information security consultancy and assessment services to some of the world’s largest organisations. 

Uniquely, Prism Infosec’s consultants possess both business and management focus as well as a broad range of technical skills. Whether delivering advice on cutting edge information security architectural solutions, conducting management control audits, or in-depth technical penetration testing our consultants always deliver a quality end-to-end service.

It is our ethos that our clients work with professional and experienced consultants at all times and customer satisfaction is our number one priority. We always ensure a prompt and efficient service and provide deliverables that can be used effectively by our audience at any level of the business.

Prism Infosec is a Payment Card Industry Qualified Security Assessor Company (QSAC), employing experienced QSAs who always offer pragmatic assessments and commensurate advice and recommendations. Prism Infosec is also a member of CREST, the not for profit organisation that serves the needs of a technical information security marketplace requiring the services of a regulated professional services industry.

Prism Infosec maintains an ISO9001:2015 certified (UKAS-accredited) Quality Management System (QMS) which ensures that quality is at the heart of all our service offerings and client relationships. 

The Company prides itself on the delivery of a high standard of projects to its customers, across a number of our service offerings: -

  • Pragmatic PCI QSA assessments;
  • Experienced and practical advice on compliance with standards such as the PCI DSS and ISO27001;
  • Enterprise application and infrastructure penetration testing;
  • Bespoke red team engagements;
  • Mobile application reviews (iOS, Android, Blackberry, Windows Phone);
  • Social engineering, phishing campaigns and simulated cyber-attacks;
  • Cloud security assessments and advice; and
  • Risk assessments.



Semafone provides pure cloud, hybrid cloud and on-premises solutions to contact centres and all businesses accepting payments; enabling them to collect personal data securely across all customer engagement channels – including the telephone, webchat, social media, email, SMS, QR codes and more. Semafone's patented data capture method collects sensitive information such as payment card or bank details and social security numbers directly from the customer for processing. This prevents personal data from entering the business and IT infrastructure, which protects against the risk of fraud and the associated reputational damage. By ensuring that sensitive payment card data does not touch the contact centre’s network infrastructure, Semafone’s Cardprotect solutions dramatically reduce the scope for PCI DSS, reducing the cost, burden and complexity of compliance.

Semafone’s suite of solutions create a seamless, omnichannel experience that increases sales conversion rates and boosts customer loyalty, while at the same time simplifying compliance.

Semafone is trusted by leading brands to safeguard their customers, including; Admiral, AO, The British Heart Foundation, Next, RNIB, Santander, Sky, TalkTalk and parts of the Virgin Group.

Here’s why…

  • Semafone retains the leading security and payment certifications - ISO 27001:2013, PA DSS for Cardprotect when deployed on-premises and PCI DSS Level 1 Service Provider
  • Highest number of customer deployments, clients, countries, agents and years in the contact centre business
  • Securing over 200,000 contact centre seats worldwide 
  • Delivers both carrier class cloud and on-premise solutions
  • Open and flexible architecture makes it easy to deploy
  • Industry leading partners; including BT, Gamma, Genesys and Oracle
  • PCI Winner for Excellence 2017, 2018 and 2019, Best in Business International 2018 and 2019, Computing Security Excellence 2018, Nice inContact DEVone – Outstanding Partner Innovation Award.

Visit: www.semafone.com

Tel: 0845 543 0822

Email: info@semafone.com

Silver Lining is a professional IT and telecoms provider offering the very best in business IT, telecommunications, data and mobile solutions. Whether it’s business broadband, telephone systems, IT infrastructure, mobiles, or just a memorable phone number – we’re here to help.
Through trusted long-term relationships with our clients, the team at Silver Lining realised that shopping around for suppliers is an unwelcome challenge. UK businesses would rather source their IT and telecommunication solutions through a single vendor who are able to present the bespoke solutions with a consultative approach – helping you maximise your full return of investment.

Our team are communications experts, skilled and experienced from handsets to hosting and everything in between. We provide tailored solutions through our team of Splicecom, Avaya, Cisco, Microsoft, HP, VMware, Citrix, and mobile app specialists. Our combined knowledge, innovation and expertise have led to contracts with a variety of household names.

The launch of our fourth-generation cloud platform ‘RevolutionCloud’ enables us to offer a unique solution to operate and manage your entire infrastructure – differentiating our offering from those ‘off-the-shelf’ solutions available. 

Our award-winning PCI compliance solution is based entirely within our private ‘RevolutionCloud’ infrastructure. This DTMF masking solution was designed to de-scope the contact centre and bring complete security to telephone card payment services - achieving the PCI award for ‘Innovation of the Year’.

At Silver Lining, we understand every business is different, our customers range from small, single site start-ups to complex multi-site enterprises and government organisations.

Applying a consultative approach, we work closely with you to identify your exact requirements. Our unified communications services can offer improved efficiency, reduced running costs and the flexibility to easily upgrade as your business grows. We pride ourselves on thinking ‘outside of the box’ – to find a solution that truly meets your needs.

For more information visit: www.silver-lining.com

For more information please visit https://www.silverfort.com/