Reducing the Burden of PCI Compliance in the Contact Center

Reducing the Burden of PCI Compliance in the Contact Center

/ Technology, Data Security, White Papers
Reducing the Burden of PCI Compliance in the Contact Center

A Sponsored Article by Calabrio

As credit card use continues to expand and data security breaches plague organizations across industries, protecting sensitive customer data is a top priority for executives. In recent years retailers have been among the top targets for cybercriminals.

Since discount retailer Target reported a data breach affecting 40 million debit and credit card accounts during the 2013 holiday shopping season, more than 20 major breaches have occurred in the retail industry alone. Neiman Marcus, Home Depot, Michael’s and several other national retail chains have been in the news for similar incidents. These hacks not only create a nightmare for affected cardholders, but they also damage the reputations of hacked retailers as customer trust and loyalty are eroded.

The first Payment Card Industry (PCI) Data Security Standard was published in 2004 to increase the security of credit and debit transactions and reduce fraud. Any business that accepts credit cards must meet the 12 requirements outlined in the standard to be PCI compliant and to avoid significant penalty fees.

But this is easier said than done.

According to Verizon’s 2015 PCI Compliance Report, while compliance is increasing overall, only 1 in 5 companies is fully PCI compliant. And 67% of organizations are not testing the security of their systems adequately.

Achieving full PCI compliance is an expensive and ongoing challenge that requires heavy investment in people, processes and technology. One area of investment is the contact center. PCI guidelines stipulate that storing credit card information after a transaction has been authenticated is not permitted, even if it’s stored in an encrypted call-recording file.

Calabrio, Inc., a leading customer engagement software company, helps organizations reduce the burden of PCI compliance by blocking the capture of cardholder information from audio and screen recordings.

Calabrio recently pioneered an innovative approach as a standard feature in its Calabrio ONE Quality Management solution. When a customer service representative accesses a particular screen or field, the audio and screen recording is automatically paused, and when the CSR leaves that screen or field, the recording automatically resumes.

The end result: Sensitive information is never recorded or stored.

One of the world’s most exclusive retailers recently implemented this solution from Calabrio as part of their larger PCI efforts, ensuring that the following information is not recorded:

  • The audio portion of the credit card transaction during the call
  • The screen showing the credit card entry
  • dialog box
  • The keystrokes for the credit card transaction

When a customer service representation accesses the credit card entry dialog box, Calabrio’s solution sends an automated pause message to halt the recording of screen, audio and keystrokes. Once the representative has entered the sensitive data and leaves the dialog, Calabrio ONE sends a resume command and the recording starts again. Not only does this solution support the retailers’ compliance efforts, it allows the retailer to protect its valued customers and its own prestigious reputation.

Calabrio Support Services Team Lead Josh Rusch assisted the retailer during the implementation process.

“This is a powerful piece of software that responds to what a customer service representative is doing in real time,” Rusch said. “Best of all, it eliminates human error, such as forgetting to click the stop or resume recording button. With this solution, contact centers are assured that they are recording everything they need and that nothing is recorded that should not be stored.”

Calabrio ONE, unique in the contact center software industry, offers both manual and automated solutions to support the PCI compliance efforts of its customers. It also offers something even more valuable in an industry in which consumer trust is essential: peace of mind.

Brad Snedeker

Brad Snedeker

As Calabrio's director of product marketing and customer advocacy, Brad ensures that customers have access to the best information and resources available for Calabrio products. He works directly with users to develop innovative techniques to implement workforce optimization best practices. Workforce Management and Analytics have been Brad's primary areas of focus for over 10 years.

Contact author

Nice InContact
Nice InContact
Nice InContact