Coping with PCI DSS Payment Standards: New Ideas for Call Centers
October 23, 2012
If you're a call center and you sell anything, or even simply facilitate sales, you're probably storing personal financial data in the form of payment cards in your call center. Even if you're not storing the information, chances are you're inputting the information somewhere.
Chances are also good that if you record calls for quality, performance management and training purposes, the data is getting stored anywhere – even if indirectly and you never intend to actually use the card data again.
If you do this, then out of necessity, you must be complying with Payment Card Industry Data Security Standards DSS, otherwise known as PCI (News - Alert) DSS.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard with which those companies handling cardholder information for the major debit, credit, prepaid, e-purse, ATM and POS cards must comply.
Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls and security around cardholder data to reduce credit card fraud as a result of data loss or theft. Validation of compliance is done annually by an external qualified security assessor (QSA) for organizations handling large volumes of transactions, or by self-assessment questionnaire (SAQ) for companies handling smaller volumes.
If you do comply with PCI DSS, you’ll know that compliance can be costly, but the stakes of non-compliance are far higher. Even if you store data according to PCI DSS, you’ll know that the scary possibility of losing customer data still exists. You probably know your call center can do better, but you have no idea where to begin.
On Tuesday, October 30, 2012, at 2:00 pm EST (11:00 am Pacific), Cybersource and Trustwave will present a Web event called “Zero Payment Data: Keep Call Centers and Phone (News - Alert) Interactions Secure.”
Attendees of the Web event will learn the following:
- PCI DSS Standards for physical environments, recordings, infrastructure, and networks
- Best practices for securing call centers
- How hosted IVR solutions can reduce your PCI DSS scope and deliver process control
- How intelligent IVRs provide exceptional customer experience
- CyberSource (News - Alert) Secure Acceptance IVR solutions
To register for the event, or for more information, click here.
Edited by Braden Becker