The Payment Card Industry Data Security Standards Council (PCI DSS) is an open standard established to protect consumers against fraud when electronically transmitting personal information. Contact centers of all sizes and across multiple industries use PCI DSS certification to ensure a safe cardholder data environment.
Compliance is Sometimes Easier Said Than Done
For enterprises, however, compliance is sometimes easier said than done. This is due to the fact that many contact centers store personal billing and contact information in computer databases for the purpose of expediting transactions and providing better customer service. Combined with the fact that many customer contact centers are in the process of migrating to cloud technology, sensitive consumer information can be put at risk. The transmission and storage of such information by contact centers must be monitored for the consumer’s sake.
Managing Customer Information Requires More Than Just Monitoring
These days, however, vigilant monitoring also means being on the lookout for cyber security breaches. In fact, 27 million new malware strands were detected in 2013 alone. This is a rate of about 74,000 new strands per day. Therefore, managing customer information requires more than just monitoring for internal fraud. It must be an ongoing system of inspection and diligence to ensure that clients are safely protected at all times, including from outside intrusions.
For companies that fail to comply with PCI guidelines, hefty fines can accrue. According to the PCI Compliance Guide, in the case of a security breach, a payment brand can fine a merchant up to $100,000 per month at their discretion for a violation. A merchant will then pass the fine downstream until the party responsible is held accountable. Additional penalties include increased transaction fees and possible account termination by the card issuer.
For more information on how to best protect your contact center and your customer’s confidential information, Cloud Applications Security: PCI DSS Guidelines for Cloud Service Providers.