Cookie Preference Centre

Your Privacy
Strictly Necessary Cookies
Performance Cookies
Functional Cookies
Targeting Cookies

Your Privacy

When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, your device or used to make the site work as you expect it to. The information does not usually identify you directly, but it can give you a more personalized web experience. You can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, you should know that blocking some types of cookies may impact your experience on the site and the services we are able to offer.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site may not work then.

Cookies used

ContactCenterWorld.com

Performance Cookies

These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site.

Cookies used

Google Analytics

Functional Cookies

These cookies allow the provision of enhance functionality and personalization, such as videos and live chats. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these functionalities may not function properly.

Cookies used

Twitter

Facebook

LinkedIn

Targeting Cookies

These cookies are set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant ads on other sites. They work by uniquely identifying your browser and device. If you do not allow these cookies, you will not experience our targeted advertising across different websites.

Cookies used

LinkedIn

This site uses cookies and other tracking technologies to assist with navigation and your ability to provide feedback, analyse your use of our products and services, assist with our promotional and marketing efforts, and provide content from third parties

OK

Upcoming Events

TRAINING IN CONTACT CENTERS

How To Enter the 2020 Members' Choice Awards - For Vendors

HOW TO CELEBRATE INTERNATIONAL CONTACT CENTER WEEK

EMPLOYEE ENGAGEMENT

HOME AGENT TECH & ENVIRONMENTS

Article : Five Reasons Why Every Contact Centre Should Have A PCI DSS Compliance Programme In Place

#contactcenterworld, @encodedivr

With Christmas fast approaching, contact centres are preparing for an escalation in calls and transactions that the festive season brings. However with payment card fraud continuing to rise and data theft constantly in the news, just look at the recent cyber attack on the Talk Talk consumer website, non-PCI DSS compliant contact centres could be risking more than just a fine.


1) News Travels Fast

Survey findings from the Contact Babel, The UK Contact Centre Decision-Maker's Guide 2015, worryingly revealed that almost a third of medium sized organisations have no compliance programme in place. With several versions of the standard now available via SAQ (Self Assessment Questionnaire) there is little argument as to why a programme shouldn’t be at least road mapped.

In the age of social media, where good news travels fast and bad news even faster can a brand afford for clients’ card data to be lost with the resulting PR backlash?

Referring to the downloadable PDF of the VISA Merchant Agents List to engage with a trusted advisor is a useful first step to vetting vendors and avoiding fines and lawsuits, in the event of the unthinkable happening and customer card data being stolen.

2) The Buck Stops With The Merchant

Delivering a good customer experience is about more than swift call response times. Paying for goods and services remotely is the norm for consumers and they expect their personal card account information to be kept safe. Every contact centre that accepts credit and debit card payments over the telephone is responsible for safeguarding their customer’s information and can be held liable for security compromises.

The Payment Card Industry Data Security Standard (PCI DSS) is intended to protect cardholder data wherever it resides and failure to comply with PCI DSS can result in hefty fines, not to mention the damage to reputation and lost sales. By complying with PCI DSS, merchants and service providers meet their obligations to the payment eco-system and build a culture of security that benefits everyone.


3) PCI DSS Compliance Is Not A One Off Exercise

PCI DSS is a change in mind-set, a change in attitude towards the handling of card data. It’s not like other industry accreditations where organisations can prepare the night before an audit and scrape a pass. It is the implementation of security procedures that will underpin the company’s behaviour when dealing with payments as well as how networks are designed, plus how access is granted and logged.

PCI DSS compliance must be revisited every year and that takes time and resource, it is effectively a full time job. Employing a compliance officer, who has the complete support of the contact centre management and the authority to update the status quo, ensures the required changes are driven through.


4) Awareness Is Increasing

The Payment Card Industry Data Security Standard (PCI DSS) was originally the brainchild of the world’s five largest payment card providers VISA, MasterCard, American Express, Discover and JCB International. Today, it is a global framework that provides guidance on how to process, store and transmit information about payment cards and their owners, with the aim of reducing the incidence of card fraud and promoting best practice in information security.

In the event of a loss of data or cards being used fraudulently, fines are passed down the chain from VISA and MasterCard at the top to the merchant/retailer at the bottom. The consumer doesn’t suffer financially as measures are in place and assurances given to prevent this happening.

However, if something goes wrong, consumer brand loyalty can quickly fade.Customers transact with an organisation because they feel confident that their payment cards will not be compromised, their personal details are secure and their identities cannot be stolen.

In the event of a security breach individuals will be inconvenienced and could suffer emotional distress at the thought of their details being stolen and used fraudulently. This could lead to a reduction in customer confidence in both the method of payment and the retailer who caused the problem. Reactive contact centres could find themselves quickly playing catch up as their customers vote with their feet.


5) Becoming And Remaining PCI DSS Compliant

Every contact centre that accepts credit and debit card payments over the telephone needs to be PCI DSS compliant. However, what many contact centres don’t realise is that PCI DSS covers the entire trading environment, meaning all third-party partners and vendors that handle card data on their behalf or supply services where card data is transmitted, must also comply before full PCI DSS compliance is achieved.

The latest version of PCI DSS introduced a new requirement compelling service providers to supply a "Responsibility Matrix" which defines who is responsible for each of the 300+ PCI controls; namely the client, the supplier or both. It is worth stating at this point that PCI is not intended to trip up organisations or waste time; it is intended to secure cardholder data. Achieving PCI DSS compliance increases trust between an organisation and its partners and suppliers and boosts customer confidence.

The best way to minimise future costs as the standard evolves is to take good advice in the first place. Minimise exposure to the primary risk areas such as staff and infrastructure. Invest in training and education on the PCI DSS standard in order to have the talent in house and work with payment organisations that are themselves Level 1 PCI DSS compliant. Remember there is no such thing as a compliant software solution.

The moral of the story is - put a checklist in place, work with the right payment solution provider, get a compliance programme underway and have a safe, secure and profitable Christmas.


About Encoded Ltd.:
Company LogoEncoded provides interactive voice response solutions and automated payment solutions. Encoded has invested in achieving the highest level of PCI DSS compliance. It has a Level 1 Attestation of Compliance (AOC) which applies to organisations that store, process and/or transmit more than 300,000 Visa transactions per year it also appears on the Visa Europe Merchant Agents List.
Company RSS Feed   Company Twitter   Company LinkedIn   Company Profile Page

Today's Tip of the Day - Lost Opportunities!

Read today's tip or listen to it on podcast.

Published: Wednesday, November 25, 2015

Printer Friendly Version Printer friendly version

2020 Buyers Guide Training

 
1.) 
CTCOMM

Call Centers
Contact Centers
Admin Training
Supervisor Training

2.) 
Davis-Mayo Associates

"Service Excellence" Customer Service Training
Live onsite training for your teams. Experienced by more than 450,000 people in 48 US states and 18 countries. No-nonsense approach by our experts with field-test content customized to your situation and using your scenarios.

3.) 
Lieber & Associates

Training Executives, Managers, Supervisors, and Reps
Lieber & Associates provides training for all levels of the contact center team. The firm customizes its off-the-shelf trainings to meet your specific company needs,

Executive and manager sessions address topics such as customer experience, metrics, technology, AI, and video calls. Supervisor sessions train your leaders to better coach and motivate reps. Phone staff modules include sessions on customer service, order-taking, cross-selling, handling difficult calls, phone "soft skills," and more.
PH: +1-773-325-0608

4.) 
Manitoba Customer Contact Association

Making Training and Development Part of Your Corporate Landscape

Organizations are always on the look out to save money and make more profit. Usually when it comes to crunch time some leaders will scrap training in order to tighten the belt. The downside of this is the cycle it creates.

Because some employers see training as a flexible benefit, employee development is often taken off the table. When employees don’t feel valued it becomes easy to see a revolving door. The constant need to hire goes up which ultimately means costs go up; we know that hiring costs more than retaining the right people.

Start the conversation: Explore our Training Page http://www.mcca.mb.ca/train...
(read more)
PH: 204-975-6468

5.) 
Orion Learning Services Inc.

Learning & Development
Learning & Development for Agents, Supervisors, Managers and Administration/Support Staff

Orion Learning is a global leader in providing accredited learning and development solutions for organizations globally. We offer call/contact center certification programs for Agents, Supervisors and Managers, business certifications and examinations for wide range of topics including project management, change management and service management, leadership soft skills and a full suite of assessment tools which can be used for recruitment, talent management, succession planning and coaching/mentoring. We deliver our solutions to global community and all of our solutions are delivered digitally.
PH: 1-416-992-5158
 
Submit Event

Upcoming Events

15th annual Best Practice Conference - this is the contact center world's most highly rated event - a whopping 100% of delegates say they would recommend it!

100's of best practice tips and ideas from contact center professionals Read More...
 7
 10327 
Share

Latest Americas Newsletter
both ids empty
session userid =
session UserTempID =
session adminlevel =
session blnTempHelpChatShow =
CMS =
session cookie set = True
session page-view-total =
session page-view-total =
applicaiton blnAwardsClosed =
session blnCompletedAwardInterestPopup =
session blnCheckNewsletterInterestPopup =
session blnCompletedNewsletterInterestPopup =