CallCentreVoice Topic PCI DSS Compliance

Created by: jeremy jackman on 25/10/2007 15:49:08.
Statistics: Topic has 8 posts; viewed 1117 times.
Forum: Technology   [This topic is read only]


jeremy jackman
Consultant
Alternative Technology

9 posts
0 friends welcomed

PCI DSS Compliance  [25/10/2007 15:49:08]

I've seen some emails about this. Does anyone understand what it all means?


Paul Miller
Technical Support
Centric

2 posts
0 friends welcomed

PCI compliance  [25/10/2007 16:26:56]

If you mean PCI compliance for handling any credit/debit card details: with regard to call recording, I understand that for PCI compliance it is necessary to switch extension-side recording off when credit/debit card details are given.


John Storrie
Business Support Manager
Collections Company

49 posts
1 friends welcomed

Payment Card Industry Data Security Standard   [26/10/2007 08:40:39]

Hi,

PCI DSS is basically a standard endorsed by major Credit/Debit card providers and should be adhered to if your company accepts or stores Credit/Debit card information.

It's not a law, kind of more like industry compliance guidelines.

Here's a link to the website.

https://www.pcisecuritystandards.org/index.htm


jeremy jackman
Consultant
Alternative Technology

9 posts
0 friends welcomed

PCI DSS Compliance  [29/10/2007 14:22:31]

I've read that VISA and other card providers are set to charge "fine" Companies heavily if there is a case where cardholder data laxity is traced back to a company and that the company may lay itself open to being sued for large amounts by the cardholder.

Has anyone heard of software to avoid this?


Cam Ross
Sales Manager
Veritape Ltd

12 posts
0 friends welcomed

PCI DSS compliance and recorded calls  [2/11/2007 12:06:09]


A previous post from Paul Miller mentioned PCI DSS and recording of telephone calls. Recording is not required to stop during the taking of the actual credit card number itself (1234 1234 1234 1234), but companies are not allowed to store (in any form including audio) the 3- or 4-digit security code from the back of a card.

(With the disclaimer that I work for Veritape), you may be interested in some further information related to PCI DSS and recording telephone calls we posted recently here.

CR.


James Tapp



19 posts
0 friends welcomed

Visa additional charges  [5/11/2007 16:51:21]

Companies are likely to pay higher charges to the card companies if they are not PCI DSS compliant.

The standards also call for encryption (depending on your recording architecture) and a strong audit trail capability to be able to review who has listened to what and when. If you use screen recording then some data needs to be masked at the point of recording.

This has become a hot topic for any organisation that handles card transactions - but the big companies are going to be hit the hardest and first.


James Tapp



19 posts
0 friends welcomed

Additional Information  [5/11/2007 16:57:28]

With respect to Jeremy Jackman's question - all of the major call recording solution providers have claimed PCI-DSS compliance. I believe that some are further down the line than others, but if you stick with a major player you should have a solution available shortly. Despite what Cam's article says - you can be PCI compliant in a trunkside recording solution.


jeremy jackman
Consultant
Alternative Technology

9 posts
0 friends welcomed

PCI DSS Compliance  [6/11/2007 15:07:45]

If you were running on a hosted platform, which Company would you go to to obtain a compliant package?
