by Bob | Oct 22, 2015 | Uncategorised
Experts Compliance3 highlight the technologies and processes continuously overlooked by contact centres which ensure card payment security By SLS Marketing – 22 Oct 15 London, 15th January 2015: Compliance3, a company that helps contact centres achieve and maintain PCI DSS compliance, has highlighted the technologies and processes contact centres should implement in 2015 to reduce the increasing risk of breaches, reputational damage and revenue loss. Ensuring card data is not ‘captured’: allowing card data to enter the business environment when exchanging data with trusting customers for payments, renders the merchant liable to extensive, expensive PCI DSS compliance obligations. Ideally, card data needn’t enter the business environment. Legacy recordings: using pause/ resume technologies to pause call recordings at the point of payment will allow card details to be provided to the advisor by the customer but they should prevent their storage, however many of these technologies are dependent on the advisor and are notoriously unreliable, meaning that many merchants may be storing card data unnecessarily. Implementing payment technologies such as DTMF or IVR: DTMF(Dual Tone Multi Frequency) uses the frequencies from handset keypad tones to determine which numbers have been entered, and IVR (Interactive Voice Response) is a voice-response technology that achieves the same purpose. Both solutions eradicate the risk of allowing the agent to capture card details. Applying the full PCI DSS programme: version 3.0 became mandatory from January 2015 and enables a business to be fully compliant with all card scheme requirements. Contact centres from small, niche operations to those representing major high street brands, despite a steep increase in “card not present” fraud, still need to embrace the...