Cybersecurity is on everyone’s minds these days, but more than anyone, it’s customers who have the biggest concerns. With data breaches seeming to happen each week, it’s not a surprise that customers are worried about who they give their financial information to. Too much worry, and customers may start to avoid doing business online or through call centers altogether.
Customers’ worries aren’t misplaced. According to the Identify Theft and Resource Center, data breaches are on the rise. In the first half of this year, there was a 21 percent increase in data breaches compared to the same period in 2013. Cyber-thieves are becoming more aggressive, and they often find ways to get around security measures that companies put in place. When it comes to contact centers, there is no measure more critical than PCI (News - Alert) compliance. The Payment Card Industry Data Security Standard is an information security standard maintained by the Payment Card Industry Security Standards Council, and it’s a critical issue for companies that handle sensitive customer information. These organizations need to understand all there is to know about PCI compliance, according to a recent blog post by VoltDelta’s (News - Alert) Lauren Maschio.
“All contact centers that work with sensitive data need to understand the different levels of PCI protection they can request of their cloud-based contact center vendor,” wrote Maschio, noting that some contact center solutions are PCI certified and some are merely compliant.
A service provider certification means that a vendor captures credit card information, but does not have a direct interface with a credit card brand for processing. Achieving compliance, something that some contact center solutions have done, means that a vendor has achieved a complex set of security requirements. It’s an important distinction to make. According to VolltDelta, any companies processing over a certain threshold of transactions is required to achieve certification with the help of a quality security auditor, or QSA.
“PCI certification (with verification by a QSA) is required if an organization is processing more than 300,000 transactions per year for Visa, MasterCard (News - Alert) and Discover,” wrote Maschio. “The mark for AMEX is 2.5 million per year.”
Companies committed to keeping personal customer information secure – a single breach can kill customer goodwill and revenue faster than the blink of an eye – should evaluate the claims of their cloud call center solutions provider when it comes to PCI compliance. Simply seeing the label “PCI” may not be nearly enough to protect customers and the business.
Edited by Alisen Downey