The Contact Center is often the hub for CNP or Card Not Present payment transactions. The transmittal, processing, and storage of payment transaction data carries with them an obligation for Payment Card Industry (PCI) compliance. By ensuring your contact center is PCI DSS compliant, you are also protecting your business – both financially and legally. A single data breach is now estimated to cost a company $3 million on average. Damages to your reputation and perhaps the demise of your company could be more costly.
PCI Pal is a multi-award-winning cloud-based secure payments provider specializing in PCI DSS Compliant – Card Not Present (CNP) payment solutions for contact centers. AVDS has partnered with PCI Pal to bring the very best in PCI DSS security and compliance to your contact center.
What is PCI DSS Compliance?
The Payment Card Industry Security Standards Council (PCI SSC) was formed in 2004 by Visa and Mastercard. It created a set of 12 mandatory rules designed to protect payment transaction data.
Compliance requirements are clearly stated. Every business that handles cardholder information must do so in a manner that secures and protects the data using the following 12 requirements.
- Install and maintain a secure firewall
- Use unique passwords (rather than defaults)
- Encrypt stored data
- Encrypt data during transmission
- Keep anti-virus software current and updated
- Regularly check systems and applications are secure
- Ensure access is restricted to only those who need it
- Make sure those with access have a unique user ID
- Ensure physical access to data is restricted and controlled
- Make sure access to network and data is tracked and monitored
- Regularly test security systems and incident response plans
- Have a clear information security policy
Adherence to these requirements will ensure PCI DSS compliance for your contact center. However, PCI compliance doesn’t automatically reduce risk or increase security. PCI DSS compliance is not a legal requirement, yet it does ensure compliance with the Data Protection Act – protecting you legally should the worst happen.
What’s the worst that can happen?
If a system is compromised and the company is found not to be PCI DSS compliant, the business could face severe penalties, such as brand damage, lawsuits and legal costs, share price drop, job losses, insurance claims, regulatory fines, higher banking fees, and potentially, the loss of ability to accept card payments.
Click here to find out if your contact center is in compliance: https://www.avds.com/solutions/contact-center/pci-pal/
There is much to know. Have you reviewed your PCI DSS compliance strategy? Are you protecting your business against the consequences of a data security breach? The Team at AVDS can help answer these questions and help you plot your course for compliance and peace of mind. You don’t have the time to let this one wait. Contact AVDS TODAY and speak with an expert data security consultant.
Director of Sales & Marketing, Engineer, Photographer, Storyteller, Family Man…