The growth in popularity of internet and telephone shopping have led to an exponential rise in Card Not Present (CNP) transactions being processed online or over the telephone, either through an automated service or with agent assistance. However, it can be difficult to prove the actual cardholder is authorising the purchase, and the inconsistent and often varying levels of security operating within Contact Centres mean that criminals can potentially exploit these vulnerabilities to commit fraud. To address this PCI DSS standardises the security practices for organisations that transmit, process or store sensitive payment card data, but with over 350 mandatory controls which must be implemented by every merchant and potential audits from an independent Qualified Security Assessor (QSA), adhering to PCI DSS can be an onerous and costly undertaking.
GCI’s PCI Compliance services remove card data from the Contact Centre environment while payments are being processed, enabling you to become compliant with reduced procedural overheads. As well as provided an automated IVR solution, GCI can also offer a solution for Contact Centre agents including our Live Agent solution; a secure payment application which can be deployed by merchants processing agent-driven voice payments. Live Agent enables capturing of sensitive card data and processing of payments, without the Contact Centre agent having access. All data is then processed by GCI in our Level 1 PCI- accredited environment.