It's no secret that becoming PCI DSS compliant is not easy. There are lots of technical issues that need to be overcome, some of which I blogged about earlier in the year. However the biggest issue in a secure process is often the people involved. If you can limit the number of people that are exposed to sensitive data and you can limit the amount of data they can see, then the more secure you are going to be.
The ideal solution to this is if your people are never exposed to cardholder data in the first place. If you don't have the data then you can't lose it.
Thankfully there are solutions and techniques such as tokenisation that make this a reality.
Using products such as our new mid-call IVR service allows companies to offload a lot of the cost and risk of providing PCI compliance to SaaS providers such as ourselves.
You could create your own PCI DSS compliant processes and get your call centre agents to handle the credit card payments, however it's very easy to underestimate the complexity, cost and risks of doing so. If you do it properly then you are going to have to shackle your agents and remove their privacy. We believe very strongly that to deliver great service the you need to need to have happy and well motivated agents, putting further draconian restrictions on them is not the way to do this.
It just makes far more sense to concentrate on doing what you do best, providing great service for your customers, and offloading the security, fraud and compliance risks to a SaaS provider.
Share this article
About Ashley Unitt
Ashley founded NewVoiceMedia to exploit the obvious benefits of putting an enterprise-class contact centre in the cloud, and now serves as Chief Scientist, leading the architecture and research teams.
Prior to NewVoiceMedia he spent ten years at Teamphone.com Ltd developing innovative CTI software solutions including voicemail systems, hot-desking products and an open source gate keeper.
Ashley's blog will focus on security, PCI-DSS and general cloud computing issues.
Outside of work he spends most of his time running around after his two young children. You can follow Ashley on Twitter at http://twitter.com/aunitt.