If you're a call center and you sell anything, or even simply facilitate sales, you're probably storing personal financial data in the form of payment cards in your call center. Even if you're not storing the information, chances are you're inputting the information somewhere.
Chances are also good that if you record calls for quality, performance management and training purposes, the data is getting stored anywhere – even if indirectly and you never intend to actually use the card data again.
If you do this, then out of necessity, you must be complying with Payment Card Industry Data Security Standards DSS, otherwise known as PCI DSS.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard with which those companies handling cardholder information for the major debit, credit, prepaid, e-purse, ATM and POS cards must comply.
Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls and security around cardholder data to reduce credit card fraud as a result of data loss or theft. Validation of compliance is done annually by an external qualified security assessor (QSA) for organizations handling large volumes of transactions, or by self-assessment questionnaire (SAQ) for companies handling smaller volumes.
If you do comply with PCI DSS, you’ll know that compliance can be costly, but the stakes of non-compliance are far higher. Even if you store data according to PCI DSS, you’ll know that the scary possibility of losing customer data still exists. You probably know your call center can do better, but you have no idea where to begin.
On Tuesday, October 30, 2012, at 2:00 pm EST (11:00 am Pacific), Cybersource and Trustwave will present a Web event called “Zero Payment Data: Keep Call Centers and Phone Interactions Secure.”
Attendees of the Web event will learn the following:
To register for the event, or for more information, click here.