What is PCI Compliant?
In 2006, the Payment Card Industry Security Standards Council created a set of guidelines, standards, and regulations to protect transmitted customer information. For contact centers, “PCI Compliant” meant stricter regulations on how customer information is handled – specifically credit card data. The PCI DSS (Payment Card Industry Data Security Standard) was put in place to ensure that any company taking credit card or payment information via the phone or online meets minimum standards in protecting and securing data.
Why PCI Compliance?
Today’s ‘online world’ presents amazing opportunities for customer service professionals, while also setting the groundwork for unforeseen challenges. One of the biggest issues facing customer-facing contact centers over the last few years is how to securely handle protected information, personally identifying information, and payment details.
Not PCI Compliant?
As technology becomes more sophisticated, so do potential threats to consumer data. Contact centers are held to these strict PCI DSS compliance standards and it’s imperative that they follow them. A breach of compliance could cost an organization millions of dollars in penalties and fines. Fortunately, there are plenty of offline and online ways contact centers can ensure compliance and protect customer information.
Extensive Agent Training
A contact center’s human resources are the first line of defense against any potential security breaches. On top of detailed initial training, PCI-compliant contact centers should provide continuing education to employees who come in direct contact with customer information. Training managers and executives should stay updated on new PCI DSS standards and relay these updates to the organization as soon as possible.
Say ‘No’ to Personal Devices
One of a contact center’s most basic protocols for being PCI Compliant should be a complete ban on unprotected devices. This mandate must apply to everyone in a contact center, from executives to phone agents, in order to further protect secure customer data. This is also to protect contact center employees – a center dealing with sensitive credit card information is at greater risk of fraud, which can, in turn, affect agent data.
Strengthen Your Defenses
While internal security processes can be easily implemented and managed, external threats are more difficult to manage. Contact centers should strengthen network configurations and VPN protocols for an added line of technical defense. The availability of consumer data online (social media) has made it easy for hackers to build a convincing customer profile and then use it to commit fraud.
Take Out the Guesswork
What is the best way to ensure your contact center is PCI Compliant?
Make it easy for call agents to collect, manage, and store information in a secure way. Bulky hardware or tedious processes can hinder compliance because they’re hard to manage. High-security workflows should be easy to implement and even easier to execute across a contact center.
How Contact Centers Can Now Be PCI Compliant
With KomBea SecureCall, contact center agents can easily handle secure information without exposing the company to compliance issues.
• Agents can deliver required customer information via pre-recorded audio tracks that only the customer hears.
• Customers can provide credit card information via a telephone keypad rather than vocally.