Nowadays, call recording is becoming a must-have phone system feature for modern enterprises to track agent performance and assess service quality. In some industries like the finance sector, it’s even compulsory to record every client call.
Given this context and the fact that credit card payments are being accepted over the phone more than ever before, it’s critical for businesses to maintain regulatory compliance while recording calls between staff and customers. One of the most common regulations is the Payment Card Industry Data Security Standard (PCI DSS).
In this article, we’ll explain what PCI DSS is and what you should do to stay compliant without affecting customer service.
PCI DSS: What it is and Why it Matters
What is PCI DSS?
Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards established by the PCI Security Standards Council to ensure the protection of sensitive cardholder data and mitigate the risk of credit card fraud. The regulation applies to any organization that handles payment card transactions, regardless of size or industry.
The PCI Security Standards Council was formed in the year of 2006 by major credit card brands including American Express and Mastercard with the mission of enhancing global payment account data security.
Why is PCI DSS Compliance Important?
Compliance with PCI DSS is mandatory for businesses that process, store, or transmit payment card information.
According to the regulation, the three-digit CVV number of credit cards should not be recorded or defined in call records. If a customer reads out his card details to your agent and those details are captured in the call recording, you may be in breach of PCI DSS regulations and face penalties.
By adhering to PCI DSS, businesses can demonstrate their commitment to safeguarding cardholder data and preventing potential credit card fraud, hence maintaining customer trust.
Record Calls Without Risking Compliance with Yeastar
Yeastar provides companies with an easy-to-use solution to stay compliant with PCI DSS while recording customer calls.
With the Yeastar P-Series Phone System, extension users and call center agents can manually pause the recording as customers read out sensitive cardholder data like CVV numbers and resume afterward. This means no credit card data will not be recorded at all and agents can still stay on the phone to continue the service. Also, the pause-and-resume operation can be quickly performed either by pressing the button on Yeastar’s call window or dialing a pre-configured feature code.
Thanks to Yeastar’s pause-and-resume method, system administrators don’t have to disable the Call Recording feature entirely in order to stay compliant, while center supervisors can still take advantage of the recording for agent training and service quality assessment.
How to Set Up?
System administrators can grant permissions to start/pause/resume call recordings for specific users in the Management Portal of the Yeastar P-Series Phone System. For more information, please refer to our Administration Guide: Cloud Edition | Software Edition | Appliance Edition.
Businesses that Place High Values on PCI DSS Compliance
Businesses that prioritize PCI compliance can rely on Yeastar to effectively balance excellent customer service with maintaining customer trust via the capability to pause and resume call recording.
- Finance: Considering the huge volume of credit card data processed over phones on a daily basis, financial institutions such as banks, investment firms, and insurers place high values on PCI compliance and securing clients’ credit card data.
- Retail and E-commerce: Call recording is a tool often utilized by call center supervisors in retail and e-commerce businesses to evaluate the quality of their customer services. Therefore, non-compliance with PCI can expose these companies to grave risks, such as data breaches and legal liabilities.
- Hospitality: Hotels and other hospitality businesses also attach great importance to PCI compliance since customers frequently give their credit card information when making bookings over the phone. Maintaining compliance helps reduce the possibility of fraud.
Care a lot about PCI compliance? Apply for a 30-day free trial of the Yeastar P-Series Phone System to explore more about our Call Recording capability along with a host of intuitive tools that give you the power to provide top-notch customer service.