Contact Center Solutions

  • Adding significant value to Qivox's Qore platform
  • Delivery of a unique PCI DSS compliant payment solution in use across the banking and utilities sectors responsible for over £1.6 trillion in revenue
  • Greenfield design and development of cutting edge communication channels

Qivox - a technology company specialising in cloud-based customer engagement - procured our services to develop channels for their Qore platform. Qivox were acquired by Aspect Software in 2013 and Qore was renamed Aspect Proactive Engagement Suite.

PCI DSS payment gateway, mobile fraud prevention, USSD templates & operator lookup

Qivox provided businesses with a comprehensive but easy to use customer engagement platform in the cloud. The product comprises of a work flow system that calls multiple communication channels such as email, SMS and telephony based on bespoke customer scripts. Our technical architecture and development services were engaged to enhance their platform.

We were asked to design and implement three new channels:

  • A payment gateway that would allow Qivox's customers to take card payments over the phone and direct funds to their choice of merchant
  • A complex mobile operator lookup system for continuous data cleansing operations
  • A USSD menu templating system to be used as an interactive alternative to SMS messaging

The merchant gateway was to be designed as a standalone service that would be deployed into a secure network, and a secondary Disaster Recovery network. We were also informed that the channel would undergo penetration testing and that it should be PCI DSS compliant. The merchant gateway was later renamed 'Aspect Collect' / 'Aspect Pay'

The mobile operator lookup system was to be used to resolve operators based on mobile MSISDNs and cleanse data records for Qivox's core SimSwap fraud prevention channel (renamed 'Aspect Verify').

The USSD templating channel would be used to send surveys to Qivox's client's customers based on bespoke scripts and work flows. This was later named 'Aspect Survey'.

In addition to channel development we were asked to perform enhancements to their core platform, to perform a number of ad-hoc data cleansing exercises, and perform an major upgrade of a high availability, high transactional database.

Qivox's customers included banks, local authorities and utility companies - all systems required 24/7 uptime and reliable messaging.

We produced all requested channels based on high level requirements outlined by Qivox's CTO, following Behaviour and Test Driven Development (BDD / TDD) methodologies. This ensured that all code was 100% covered with unit, integration and acceptance tests, and changes could be made to the solutions with confidence.

Research into PCI DSS and OWASP standards took place, solidifying our already existing software security best practices, but also educating us on the latest threats to software security. All services were designed with a focus on message and transport security using various cryptographic methods. We advised on hardware requirements, which was purchased and located in ultra secure ISO 20001 / PCI DSS compliant data centers. We managed the setup and deployment of the software from cloud-based build servers into the secure data centers.

Two 3rd parties were engaged that provided service-based APIs to be used in the solution designs. These integrations allowed us to draw upon vast amounts of industry standard data, considerably speeding up the solution design and development of the channels.

Software designs were produced for each channel, which were quickly signed-off by Qivox's CTO. Further documentation was provided and handed over to Qivox's internal development staff for future product support and maintenance.

An external company were engaged by Qivox to perform penetration testing on the payment gateway, a requirement for obtaining PCI DSS compliance. We provided documents detailing the APIs and software to be tested, and aided the external company during the test phase. Testing results were positive, with no flaws identified.

A number of existing merchants were integrated into the solution, most notably Barclaycard ePDQ, Worldpay and PayPal - the first three merchants required for Qivox's early adopting customers.

Key Features

  • Design & implementation of multi-merchant PCI DSS compliant payment gateway
  • Development of mobile operator lookup system
  • Production of USSD messaging template system for sending out surveys
  • Optimisations of fraud prevention channel

Technologies Used

mongoDBWindowsMicrosoft .Net WCFWorldpay Merchant ServicesBarclaycard ePDQASP.Net WebAPINUnitSQL ServerNuGetSQL Server Integration ServicesInternet Information ServicesJSON (JavaScript Object Notation)Microsoft .Net FrameworkgitPayPal

The Results

The channels that we developed for Qivox contributed heavily to their acquisition by Aspect Software in 2013. The merchant gateway has so far been responsible for at least £1.6 trillion of revenue for Aspect's customers and boasts 100% uptime.

The results for the penetration tests performed on the merchant gateway were perfect on the first round of testing, allowing Qivox to attain PCI DSS compliance quickly.

All developed channels are now part of Aspect Software's 'Customer Engagement Platform', their flagship product.

Want to talk to a human?

If all this text is too much, why not drop us a line? We'll talk to you in plain English.