In the early 2000s, as the theft of credit card information began to rise, companies realized that a change was required to protect their and their customers’ data. Merchants and others entrusted with this important information needed to improve how they stored, processed, and transmitted credit card data. In response, stakeholders from across the industry developed the Payment Card Industry (PCI) Data Security Standard (DSS) in 2004. The PCI DSS established policy standards and procedures for securing sensitive data transactions and protecting cardholders against theft and misuse, covering areas such as
Because client calls frequently involve PCI data, PCI DSS compliance is a must have for the protection of Contact Centers and their clients. Until 2010, PCI DSS focused primarily on backend storage, but now Contact Centers must consider front end data collection as well. Current PCI DSS requirements are such that storing digital recordings of CVV is no longer in compliance, and organizations should proactively plan to prevent CVV from being recorded. Over time, such requirements may become stricter and even more expansive.