TCN Releases Pause-Interrupt Feature for Hosted Predictive Dialers
When customers speak to a contact center agent, circumstances often require them to provide the agent with a credit card number. However, with call recording software in operation, all of the customer’s credit card information, including the CVV, is captured and recorded.
To improve privacy for customers who are giving out sensitive financial information to call center operators, TCN has released a call recording pause/interrupt feature designed for hosted predictive dialers. The feature will help companies to meet PCI requirements for call recording while ensuring that private data is not stored on company servers.
“One of the largest Internet companies in the world approached us with this call-recording, privacy-compliance conundrum,” explained Dave Bethers, vice president of Sales at TCN, Inc. “We took the challenge and provided them this functionality as a front-end solution that requires no back-end work to ensure compliance.”
PCI DSS Requirement 3.2 prohibits companies from storing sensitive authentication data even when that data is encrypted. Authentication data includes CVV codes, magnetic stripe data and PINs.
PCI documents recommend strong authentication controls, monitoring and background checks for anyone who may have access to sensitive call recordings. Companies are also not allowed to have a connection between stored audio recordings and the Internet, and companies have to have a destruction policy in place.
All interactions with the recordings, according to PCI DSS, should be logged. Additionally, data mining applications should be unable to search for authentication data.
Companies have taken a variety of steps to protect customer privacy while remaining PCI compliant. For instance, some companies use software like Semafone’s Dial-Tone Multi-Frequency application, which requires customers to key in their credit card information using their telephone keypad.
TCN’s pause/interrupt solution will enable companies to not only prevent the capture of authentication data but also to cut the time and costs associated with PCI DSS compliance and information removal.
Managers will still have to develop policies and procedures around the pause/interrupt feature and will have to ensure that agents do not abuse the technology. When companies are auditing recordings for performance management, however, they can easily audit the pause/interrupt usage at the same time.
“Customers should be wary of hosted dialing companies that claim they are 100 percent compliant with such standards,” stated Li TiaTia, Vice President of Operations and Client Services at TCN. “Complete compliance is possible, and it needn’t cost an arm and a leg.”
Edited by Juliana Kenny