PCI Compliance
What is PCI Compliance?

PCI DSS (Payment Card Industry Data Security Standard) is a set of security policies, tools and measurements developed by major payment brands and the Payment Card Industry Security Standards Council (PCI SSC) to help ensure the safe handling of credit and debit card information.

The standard applies to all businesses that accept credit cards, whether online or over the phone – from the world’s largest corporations to individual merchants – although the size of the business determines which specific compliance requirements must be met.

Make your contact centre fully PCI Compliant

If you handle, store, process or transmit cardholder information, your business must protect that data in line with the Payment Card Industry Data Security Standard (PCI DSS). It’s critical for your reputation and essential for your bottom line. But like many forms of regulation, PCI compliance can be complicated to manage and implement. Which is where can help.

  • Our award-winning PCI DSS Level 1 phone payment system is fast to roll out, easy to use, and highly secure
  • Your agents can take payments without ever hearing, seeing or touching sensitive customer details
  • Your customers’ card details never reach the contact centre or telephony infrastructure in any form thanks to DTMF suppression
  • It slots together seamlessly with your existing IVR solution, live agents, or both
  • It’s been scrupulously road-tested by FTSE 100 banks and contact centres
  • We can also provide a fully-hosted IVR payment solution
  • Totally cloud-based – no hardware or maintenance required

What are your obligations?

You must ensure your customers’ payment card data is being kept safe with every telephone transaction they make with you.

This means adhering to the PCI DSS standard that covers security management, policies, procedures, network architecture, and software design. It also means continuously assessing your operations and addressing any vulnerabilities; contact centre PCI DSS compliance is an ongoing process, rather than a one-time fix.

This may sound complicated, but the business benefits of PCI compliance are enormous – fraud protection, improved efficiency and help towards compliance with other regulations such as the FCA and Dodd-Frank.

What options do you have?

In-house PCI compliance

To do this you’ll need to follow and understand the PCI DSS standard, then apply it to your IT infrastructure, business processes and internal staff. You will also need to test and analyse systems, then fix and report vulnerabilities.

This option is possible, but it is expensive to manage, resource-intensive and may leave you open to security breaches because you still store the data within your infrastructure. PCI compliance isn’t a one-off project; it’s a day-to-day obligation.

Outsource PCI compliance

By removing sensitive card data from your call centre entirely, you significantly reduce the burden of having to comply with contact centre PCI DSS, and you lessen the risk of security breaches. Outsourcing is also, typically, much more cost-effective.

That’s where we come in. We provide all the software tools you need to keep sensitive data away from your call centre and fully secure at all times. This includes DTMF processing, IVR options, and legacy call recording storage and retrieval.
