Payment Links vs Payment Over Phone for Law Firms

Law firms handle some of the most sensitive financial transactions in professional services. Conveyancing completions, retainer fees, disbursements, settlement payments; getting law firm payment processing right matters, both for security and client trust. So why do so many firms still default to taking payment details over the phone?

It is usually a habit, not a necessity. And increasingly, that habit is becoming a liability.

What “payment over phone” actually means

When a client pays over the phone, they read out their card number, expiry date and security code while the person on the call manually enters the details. It is a card-not-present transaction, exempt from Strong Customer Authentication, which means none of the usual verification — PIN, Face ID, fingerprint scan, in-app approval — applies.

That exemption is precisely where the risk lives. Remote purchase fraud cases in the UK increased by 22% in 2024, with losses approaching £400 million, according to the UK Finance Annual Fraud Report 2025. A significant portion of that fraud involves stolen card details used in telephone transactions. If a disputed payment lands at your firm’s door, the burden of proving it was legitimate sits with you and verbal authorisation alone rarely holds up.

Beyond fraud, there is the question of PCI DSS compliance. Any firm taking card details verbally must have rigorous processes in place to ensure those details are never written down, stored insecurely, or exposed through call recordings. That is a compliance overhead most practices would rather avoid.

Why payment links are a better fit for law firms

A payment link removes the need for clients to share sensitive details with anyone. Instead of reading out a card number, the client receives a secure link by SMS or email. They open it, choose how they want to pay, and complete the transaction themselves.

That choice matters. Through Atoa, clients can pay by card or by Pay by Bank, directly from their UK banking app, using biometric authentication. Both update your records automatically. Neither requires a member of your team to handle card data at all.

For law firms, this creates several immediate advantages. Fraud risk drops significantly because authentication happens between the client and their bank, not verbally through your office. Chargeback exposure reduces, since both payment types carry verifiable consent. Data handling is cleaner and PCI DSS compliance becomes easier to maintain. And the experience for clients is genuinely more professional, a secure, branded payment link feels considerably more considered than being asked to read out sixteen digits over a phone call.

How this works in practice

A business creates a payment request in the Atoa dashboard and sends a link directly to the client’s phone or email. The client taps the link, selects their preferred payment method (Pay by Bank or card) and completes authentication in seconds. The firm sees confirmation in real-time and the payment reconciles automatically.

Pay by Bank is particularly well suited to higher-value transactions that are common in legal practice. There are no chargebacks, settlement is fast, and fees are lower than card processing rates. For clients comfortable banking on their phones, it is also the simpler of the two options.

The bottom line

Taking payments over the phone is not a neutral choice. It carries fraud risk, compliance obligations, and operational overhead that quietly accumulate. Payment links handle remote law firm payment processing more securely, with less internal burden and a better client experience to boot.

Book a demo with the Atoa team to see how secure payment links work in practice.