In recent years retailers have been among the top targets for cyber criminals. As credit card use continues to expand and data security breaches plague organisations across industries, protecting sensitive customer data ranks among the top priorities for executives.
Since discount retailer Target reported a data breach affecting 40 million debit and credit card accounts during the 2013 holiday shopping season, more than 20 major breaches have occurred in the retail industry alone. Neiman Marcus, Home Depot, Michael’s and several other national retail chains have been in the news for similar incidents. These hacks not only create a nightmare for affected cardholders, but they also damage the reputations of hacked retailers as customer trust and loyalty are eroded.
The first Payment Card Industry (PCI) Data Security Standard was published in 2004 to increase the security of credit and debit transactions and reduce fraud. Any business that accepts credit cards must meet the twelve requirements outlined in the standard to be PCI compliant and to avoid significant penalty fees.
But this is easier said than done.
According to Verizon’s 2015 PCI Compliance Report, while compliance is increasing overall, only 1 in 5 companies is fully PCI compliant. And 67 percent of organisations are not testing the security of their systems adequately.
Achieving full PCI compliance is an expensive and ongoing challenge that requires heavy investment in people, processes and technology. One area of investment is the contact centre. PCI guidelines stipulate that storing credit card information after a transaction has been authenticated is not permitted, even if it’s stored in an encrypted call recording file.
Calabrio has helped many organisations reduce the burden of PCI compliance by blocking the capture of cardholder information from audio and screen recordings.
Calabrio recently pioneered an innovative approach as a standard feature in the Calabrio ONE Quality Management solution. When a customer service representative accesses a particular screen or field, the audio and screen recording is automatically paused, and when the CSR leaves that screen or field, the recording automatically resumes. The end result: sensitive information is never recorded or stored.
One of the world’s most exclusive retailers recently implemented this solution from Calabrio as part of their larger PCI efforts, ensuring that the following information is not recorded:
When a customer service representative accesses the credit card entry dialogue box, Calabrio’s solution sends an automated pause message to halt the recording of screen, audio, and keystrokes. Once the representative has entered the sensitive data and leaves the dialogue, Calabrio ONE sends a resume command and the recording starts again. Not only does this solution support the retailers’ compliance efforts, it allows the retailer to protect its valued customers and its own prestigious reputation.
Calabrio Support Services team lead Josh Rusch provided the retailer with configuration support during the two-day implementation and training process.
“This is an incredibly powerful piece of software that responds to what a customer service representative is doing in real time,” Rusch said. “Best of all, it eliminates human error such as forgetting to click the stop or resume recording button. With this solution, contact centres are assured that they are recording everything they need and that nothing is recorded that should not be stored.”
Calabrio offers both manual and automated solutions to support the PCI compliance efforts of our customers. We also offer something even more valuable in an industry in which consumer trust is essential: peace of mind.