3 ways to tackle PCI-DSS Compliance
Many companies are still risking their business integrity by not having a completely safe card payment solution in place to protect their customers’ sensitive card details during a payment transaction.
Complying with the Payment Card Industry Data Security Standard (PCI DSS) requirements can be a challenging task, especially as these requirements cover several business areas including security management, policies, procedures, network architecture, software design and other critical protective measures.
There are a number of solutions available to assist with compliance. Here is a brief overview of the available choices and how these solutions can benefit the merchant and its customers.
Pause and resume of call recording
Pausing and resuming a call recording stops the customer’s sensitive card details from being stored within the call recording. However, agents are still able to hear the customer’s card details, potentially putting customers at risk of fraud, and the agent, their PC and their desk still remain in scope for the company’s PCI checks.
Agents are able to pause the recordings at any point during the call. However, incomplete call recordings may affect compliance with other regulatory bodies such as the FCA and MoJ.
A pause and resume solution only ensures compliance for the call recording part of the business. Other factors, such as a clean desk environment and agent security costs, still have to be considered before the business can become fully PCI compliant.
Card payment collection by automated IVR
Card payment collection by automated IVR takes the caller through an automated system that securely collects their card details. This option removes the card details from the agent and their PC, taking the agent out of scope for PCI compliance. Some solutions allow an agent to transfer a call to an automated IVR payment collector during the course of the call. However, this solution can make the customer experience less personal.
Phone keypad card payment solution (DTMF)
With this solution the agent and customer can continue to speak during the card payment process whilst the customer simply inputs their card details using their telephone keypad.
This type of solution will enable all calls to be 100% recorded whilst completely de-scoping the agents, the business and the centre from PCI compliance.
Customers will also feel confident that their card details are not being viewed, heard or stored anywhere within the organisation, while still being looked after by the agent during the whole call, thereby improving their customer experience.
This option will cost the least of all the solutions to set up and operate, as it will generally remove all of the business areas from the scope of PCI, making the task of becoming compliant much quicker and completely thorough, and reducing the onus on the business and its staff.
For a demonstration or to learn more about our PCI solutions call our team today on 0845 313 11 11 or