NEXTGEN-TV PROGRAMMING
NOW PLAYING
Starting on the hour every hour today
Coming up this Week
A primary means today of complying with PCI data privacy regulations for contactcenters is to pause and resume the call recording system so as not to capture parts of the customer call in which sensitive information (i.e. credit card data, social security number, etc.) is being given.
In many cases, this method works in terms of keeping personally identifiable data off the call recorder. But that is where the value stops.
Sure, the call recording system won’t have a recording of the customer verbalizing his/her sensitive information when pause/resume works, but what about the agent hearing the data live? That can be a potential failure point. And what if the pause feature on the call recording system fails or the agent forgets to push the pause button? That’s another potential failure point.
In larger contact centers with bigger budgets, sometimes desktop analytics is added to the call recording system to trigger events based on the agent’s screen navigation, and this can also be set up to prompt a pause in the call recording. For example, if an agent navigates to the credit card payment page, the call recording system can be configured to send a pause command to the recording system. Once the agent navigates away from the payment page, the recording would then be prompted to resume.
Desktop analytics can certainly bring significant value to a contact center, but it also comes with a hefty price tag and substantial upfront and ongoing programming work to make all the triggers work properly. Add to that the fact that every time the agent’s desktop is updated, there may need to be some updates made to the desktop analytics to comply with what’s changed. This can add significant time and money to the call center’s total cost of ownership, especially when you consider that it takes a team working for months with the call recording company to configure all of the triggers. A final note here is that the desktop analytics system is far from fool proof and it can fail to send the pause trigger. When this happens, the company is at risk.
When it comes to compliance with strict regulations like PCI and HIPAA, contact centers can’t afford to play around. PCI-DSS clearly states, for example, that vendors/merchants cannot store recordings containing the verbalization or screen capture of credit card data. Each time there is a failure point with regard to pausing/resuming the call recording system, the company leaves itself vulnerable to severe penalties such as loss of merchant credit card privileges, fines and more.
A more comprehensive list of potential failure points with pause/resume call recording features includes:
With the pausing/resuming of call recordings, quality assurance teams are also not able to get the full picture of the call. Supposes an agent who does nothing but capture payment from customers (via credit card) needs to be evaluated by the quality team. Every one of his/her calls will be incomplete. What happens if the agent makes a navigational error during each call which wastes a lot of time? What happens if the agent is rude during the credit card capture portion of the call? Evaluators would never capture this as those portions of the call would be erased via pause/resume.
What’s more, in a pause/resume scenario, merchants/vendors also need to make sure their contact center is equipped with CTI technology that will at least alert contact center management when pause/resume failure occurs so those recordings can be properly handled. Without such capabilities, these sensitive call recordings can put the company at risk.
A viable solution to this problem is DTMF data capture of sensitive customer data. The customer simply keys in his/her credit card number (for example) via their telephone keypad and the data is captured, encrypted in a server and never touches the agent’s desktop when captured. The data is immediately routed to the payment processor, without ever touching the call recording system. Many call centers today are starting to employ such DTMF technology. As its adoption becomes more ubiquitous, the recurring pause/resume challenge will diminish and no longer be an issue. But, until that time, contact centers need to be aware of their vulnerabilities.
Publish Date: February 4, 2016 12:34 PM |
NEXTGEN-TV PROGRAMMING
NOW PLAYING
Starting on the hour every hour today
Coming up this Week
Nathalya Wani Sabu Executive Vice President PT. Bank Central Asia, Tbk |
Bharat Parshotam Head Direct Delivery Absa |
Nuryanto - Head of CSM Operation Bukalapak |
Emmanuel Omoike Team leader QPhoto Pty |
Sindhu Porwal Deputy Vice President ICICI lombard |
Aymen Ismail Head of Customer Engagement Solutions smart Europe GmbH |
Danny Singer Founder& Chief Product Officer Noetica |
Pooja Raiyani Vice President ICICI Lombard GIC Ltd |
Ben Oxford Head of Digital Crisis Support Services Lifeline WA |
Zulkifly - Internal Auditor BPDPKS-Directorate General of Treasury |
I am checking out all the amazing and daily updated content on ContactCenterWorld.com and networking with professionals worldwide
Send To Friends Post On My Wall