De-scoping Call Centre Desktops Network and Applications from PCI DSS

Taking the complexity, cost and business change out of PCI compliant telephone payments.

De-scoping Call Centre Desktops Network and Applications from PCI DSS

De-scoping Call Centre Desktops Network and Applications from PCI DSS

Taking the complexity, cost and business change out of PCI compliant telephone payments.

Call centers or back offices taking payments over the phone have proven to be the most challenging and expensive in
satisfying PCI requirements. Most corporations have chosen to pause and resume their call recorders in order to ensure that their call recordings remain PCI DSS compliant. Some organizations have elected not to request the security code (CVV2) and to encrypt their call recordings again to meet PCI requirements (as the CVV2 cannot be stored post transaction, even if encrypted). Other organizations have gone so far as to not record calls, to avoid the PCI requirements. However, call recordings are the not the most difficult of PCI challenges for telephone payments. The real challenges lie in securing the desktops on which payments are taken and the network on which these workstations reside. A few organizations have chosen complex and often expensive DTMF tone masking solutions but these remain unpopular as they change the customer experience. Also, where these solutions are on premise, they add their own PCI zone and compliance requirements. Even cloud DTMF tone masking solutions can add additional call legs with associated call costs.

Download File

Leave a Reply

Your email address will not be published. Required fields are marked *

We take processes apart, rethink, rebuild, and deliver them back working smarter than ever before.