For the first time in over seven years, the Payment Card Industry Security Standards Council (PCI DSS) have updated their guidance document.
They have strongly reiterated their advice about the risk to businesses and contact centres who continue to use “Pause and Resume” methods for processing telephone card payments.
Updated guidelines clearly state that removing payment card data from the contact centre environment is the only secure solution to prevent fraud attacks and ensure compliance.
To quote section 6.5.1
“Pause-and-resume technologies may be manual or automated, and whilst a properly implemented pause-and-resume solution could reduce applicability of PCI DSS by taking the call-recording and storage systems out of scope, the technology does not reduce PCI DSS applicability to the agent, the agent desktop environment, or any other systems in the telephone environment”
Please note, your organisation must urgently review the way they take card payments over the phone.
I enclose a copy of the full guidance document. PCI DSS regulations apply to any organisation that stores, processes or transmits cardholder information, from any known credit or debit card including Visa, MasterCard and American Express.
SVL are happy to offer you a free initial consultation and review, regardless of contact centre size, if you are in any doubt about the compliance of your system.
You would even have the choice to bring your own SiP trunks or we can supply competitive SiP trunks from our secure cloud-based PCI Solution if your situation required.
Please contact us on 01355 900 000 or email email@example.com
Our Consultant Rohan Newton outlines the impact of the new Strong Customer Authentication law which comes into place on 14 September 2019READ MORE
Anne Holmes talks about our first Employee Engagement/WFM networking event, held on 22 May in Glasgow. A large audience heard speakers from EE, NICE, SVL and Student Loans Company talk about the future of EEM/WFM and lead discussions.READ MORE