Reducing the Burden of PCI Compliance in the Contact Center
In recent years retailers have been among the top targets for cyber criminals.
As credit card use continues to expand and data security breaches plague organizations across industries, protecting sensitive customer data ranks among the top priorities for executives.
Since discount retailer Target reported a data breach affecting 40 million debit and credit card accounts during the 2013 holiday shopping season, more than 20 major breaches have occurred in the retail industry alone. The non-profit Identity Theft Resource Center recently reported that there were a record 1093 U.S. data breaches in 2016, compared to 780 in 2015.
Wendy’s, British Airways, CVS, Walmart, Neiman Marcus, Home Depot, Michael’s and many other national retail chains have been in the news for similar incidents. These hacks not only create a nightmare for affected cardholders, but they also damage the reputations of hacked retailers as customer trust and loyalty are eroded.
The first Payment Card Industry (PCI) Data Security Standard was published in 2004 to increase the security of credit and debit transactions and reduce fraud. Any business that accepts credit cards must meet the twelve requirements outlined in the standard to be PCI compliant and to avoid significant penalty fees.
But this is easier said than done.
According to Verizon’s 2015 PCI Compliance Report, while compliance is increasing overall, only 1 in 5 companies is fully PCI compliant. And 67 percent of organizations are not testing the security of their systems adequately.
Achieving full PCI compliance is an expensive and ongoing challenge that requires heavy investment in people, processes and technology.
One major opportunity to increase PCI compliance is in the contact center. PCI guidelines stipulate that storing credit card information after a transaction has been authenticated is not permitted, even if it’s stored in an encrypted call recording file.
Calabrio has helped many organizations reduce the burden of PCI compliance by blocking the capture of cardholder information from audio and screen recordings.
How Calabrio Quality Management Improves Contact Center PCI Compliance:
When a customer service representative accesses a particular screen or field, Calabrio ONE Quality Management automatically pauses the audio and screen recording. When the CSR leaves that screen or field, the recording automatically resumes.
The end result: sensitive information is never recorded or stored.
One of the world’s most exclusive retailers recently implemented this solution from Calabrio as part of their larger PCI efforts, ensuring that the following information is not recorded:
- The audio portion of the credit card transaction during the call
- The screen showing the credit card entry dialog box
- The keystrokes for the credit card transaction
When a customer service representative accesses the credit card entry dialog box, Calabrio’s solution sends an automated pause message to halt the recording of screen, audio, and keystrokes. Once the representative has entered the sensitive data and leaves the dialog, Calabrio ONE sends a resume command and the recording starts again. Not only does this solution support the retailers’ compliance efforts, it allows the retailer to protect its valued customers and its own prestigious reputation.
Calabrio’s Josh Rusch provided the retailer with configuration support during the two-day implementation and training process.
“This is an incredibly powerful piece of software that responds to what a customer service representative is doing in real time,” Rusch said. “Best of all, it eliminates human error such as forgetting to click the stop or resume recording button. With this solution, contact centers are assured that they are recording everything they need and that nothing is recorded that should not be stored.”
Calabrio offers both manual and automated solutions to support the PCI compliance efforts of our customers. We also offer something even more valuable in an industry in which consumer trust is essential: peace of mind.