It’s the Headline You Never Want to Read

Another cyber-attack hits a major brand we all know and many of us frequent. It's splashed across the headlines, providing the kind of brand awareness no CEO, CTO or CMO ever wants.  It's the kind of headline that sparks fear in every customer that has ever done business with the company in the past. ​

Technology has given us the benefit of immediacy; convenience we couldn’t have imagined less than a decade ago. Unfortunately, with that convenience, our privacy has become vulnerable. To protect our payment card information, regulations have been established, specifically the Payment Card Industry Data Security Standard (PCI DSS). PCI, as it’s commonly referred to, promotes security and trustworthiness in the contact center through a variety of standards and practices. But the most important one of them – PCI DSS 3.2 – simply states, “Do not store sensitive authentication data after authorization (even if encrypted).” 

That makes sense. No one wants even the most trusted vendor to keep their payment card information accessible to cyber attacks. 

Here’s though where it gets tricky. Almost all, if not all, contact centers use comprehensive interaction recording as their first line of defense against liability, loss and regulatory action. The recording of transactions protects customers and the brands they engage with equally – it’s necessary. So how do companies’ maintain and even increase customer satisfaction through the use of interaction recording and at the same time maintain PCI compliance? The answer is technology – full circle.

What every contact center needs is Privacy Control. A platform that gives its users all of the benefits of an advanced interaction recording solution, including analytics and more, as it maintains PCI compliance through Privacy Control. And one that does it automatically. The automation should be triggered by an agent’s screen activity. When an agent selects fields related to sensitive data banned from storage by PCI DSS, Privacy Controls should automatically engage and pause recording. After the agent leaves the sensitive field (such as a credit card number or CVV code), recording should immediately resume. 

It’s important you leave nothing to chance, giving your contact centers and customers the security peace of mind they’re all looking for. No compromises on customer service or compliance. 

So while technology has opened the door to the potential of losing our privacy, technology is also the answer to maintaining that privacy. It’s up to innovative vendors to stay a step ahead of cyber criminals so that the rest of us can enjoy the convenience we’ve all become accustomed to – a door that can’t and we don’t want to shut. 

To learn more about how NICE Engage helps you maintain PCI DSS compliance, download our PCI Compliance White Paper here