Ultracomms, a provider of PCI DSS compliant secure telephone payment solutions, has warned businesses that they must urgently review the way they take card payments over the phone after the Payment Card Industry Security Standards Council (PCI SSC) issued the latest update to its guidelines for telephone payments.
The revised guidance issued last month by the Payment Card Industry Security Standards Council (PCI DSS) reiterates the risks for businesses who continue to use Pause and Resume methods for processing telephone card payments.
Updated for the first time in seven years, the guidelines clearly state that removing payment card data from the contact centre environment is the only secure solution to prevent fraud attacks and ensure compliance.
Businesses which use Pause and Resume as part of their payment processing strategy are not out of scope for PCI DSS. Pause and Resume only removes the call recording and storage systems from scope, but not the agent, agent desktop environment, or internal telephone systems. This leaves businesses and their customers open to the risks of card data fraud, investigations by a PCI forensic investigator, substantial fines, and of course, the reputation and brand damage that would result.
Welcoming publication of the revised guidance, Derwyn Jones, CEO of Ultracomms, said: "We are delighted to see the PCI SSC’s latest guidance which provides greater clarity on the measures businesses need to take to ensure they protect consumers, de-scope their contact centre environment, and remove their business risk in this area.
"More businesses need to be aware that the Pause and Resume processes they currently use do not de-scope the contact centre agent, the agent desk-top or the telephone system, and therefore, still present a significant data security risk. Completely removing your contact centre environment from PCI DSS scope using technology such Dual-tone-Multi-Frequency (DTMF) masking is the only sure-fire way to guarantee compliance."
Europe's first cloud based contact centre services provider. Providing PCI DSS level 1 certified enterprise cloud and on-site contact centre services.
Published: Wednesday, December 5, 2018
Branch Employer Payments Platform - Earned Wage Access
Give employees instant access to a portion of their earned wages before payday! Branch helps businesses modernize their payment methods to empower working Americans. Earned wage access—with no-fee banking and access to a digital wallet and free debit card—are just some of the tools in our fast, free, and flexible platform. With Branch, businesses streamline existing payroll processes, save money, and provide faster payments and free digital banking to their employees—no pre-funding or capital required.
Securing payments for on-premise or remote agents for telephone, IVR, web, mobile, Chat and Chatbot.
A patented technology that is flexible way to take secure, PCI DSS compliant payments via live agents over the telephone, web, Chat, Chatbot, or IVR. No sensitive data enters the contact centre environment so, agents do not see, hear, store or record any card or personal details.
CallGuard can be deployed in various ways to fit the way your contact centre works. The solution can de-scope all, or parts, of your contact centre from the scope of PCI DSS compliance and works just as well for on-premise or home/remote working agents.
ChatGuard makes payments in Chat PCI DSS compliant and...
PH: 01442 458300
Award-winning PCI compliance phone and multi-channel payment application.
PayGuard® is easy to deploy, very easy for agent to use from the office/contact centre or from home and is affordable.
PH: 03333 660 160