Welcome!

IoT User Interface Authors: Liz McMillan, Elizabeth White, Peter Silva, Yakov Fain, John Basso

Blog Feed Post

Protraction, Complacency And Ignorance: PCI DSS Compliance In Disarray Amongst UK Contact Centres

Survey marks the launch of PCI TeleSafe, a ground breaking telephony solution to help contact centres comply with the standard

20 December, 2010 - New research from Connected World, leading provider of communication solutions for businesses today reveals that despite 36.7% of contact centres judging themselves to be fully compliant with the Payment Card Industry Data Security Standard (PCI DSS), the vast majority (89%) admitted to not understanding its requirements and penalties.

Compounding further concern and reflecting a high level of disarray in the market, a third of all contact centre respondents (33%) claimed at best to be years away from full PCI DSS compliance, with a fifth (21%) stating that their processes will never be in full accordance with the standard's stringent requirements.

The survey of more of than 200 contact centre decision makers spanning a range of industries from retail and leisure to public service and finance was commissioned to mark the launch of Connected World's PCI TeleSafe solution, a network based telephony solution that protects customers account data at the point of payment and resolves a host of PCI DSS compliance headaches faced by contact centres today.

PCI DSS Requirements for telephony payments are stringent and regarded as one of the most challenging aspects for contact centres to comply with. More than a quarter of survey respondents (28%) said they had some safeguards in place to protect sensitive data but felt they would benefit from tighter security measures to better protect their customers.

However, the overall PCI DSS message of compliance appears to be getting through, but only to a limited section of the market. Of those that were aware of the term, only 41% stated that compliance with the PCI DSS standard was crucial to the future of their business. The remaining 59% describing compliance with the standard as "not a top priority" or "something we need to find out about".

"We've been amazed by the level of confusion in the market, especially given the fines that card issuers can impose if they find a vendor to be in breach of the standard's requirements." comments Jamie Price, Director, Connected World. "Contact centres urgently need to attend to their processes, or they could be held accountable for security breaches and fraud that would otherwise by covered by the card issuer."

On a wider level, the survey revealed a clear need to heighten awareness as well as adjust processes and tools in use in day to day operations. In order for PCI DSS compliance to be fully achieved in a contact centre, many levels within the organisation need to be engaged in the process, from staff training to telecoms security. Despite this, more than 74% of respondents admitted that the issues are not clearly understood across their organisation and just 11% respondents said they fully understood what the standard demands and the consequences of not conforming.

Nevertheless, it seems confidence in current data security measures is high. 68% respondents stated that they were confident that they were processing telephony payments securely despite not fully understanding the PCI DSS requirements, suggesting a level of indifference to the standard in the industry and a marked belief that contact centres are already doing enough to protect customer data.

"Now is not the time for contact centres to bury their heads in the sand," adds Price. "The standard is complicated and full compliance isn't easy to achieve. Whatever you think about the standard, it won't change the fact that your business is at risk if you fail an assessment. Moreover, call centres that operate on behalf of customer organisations could suffer severely should they be exposed as non-compliant.

Connected World's network-based solution, PCI TeleSafe, enables contact centre customers paying over the phone to make their purchase without exposing their card details to the call centre operative they are talking to, and without having their call diverted to a secure third party. The customer enters their personal card data using their phone keypad, keytones are masked on the phone and the data is securely captured by the system but is hidden on the operator's screen as asterisks. The end result is a telephony payment process which answers a number of the standard's requirements, including "restricting physical access to cardholder data", and "encrypting submission of card holder data" (Requirements 4 and 9 of PCI DSS, respectively).

Overall, when questioned, more than a third of respondents cited "the fear factor" - namely an increase in either the chances of being spot-assessed by the Security Standards Council or an increase in penalties - as their primary motivation for striving for full compliance. The remainder indicated that the resultant gains in customer trust would sway them the most.

###

About PCI DSS
The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

For more information please consult: www.pcisecuritystandards.org

About Connected World
Launched in 2007 under the TalkTalk Enterprise brand and in partnership with Carphone Warehouse, Connected World are specialist providers of inbound call handling solutions, providing network and cloud-based automated technology for call handling & workforce management. Based in Warrington, Cheshire, Connected World provide bespoke services to a wide variety of organisations across the UK, including call centre operators, premier league football clubs, hoteliers, groups within the NHS and other areas of the public sector.

For more information about, or to see a video presentation on TeleSafe, visit www.connectedworld.co.uk, or see TeleSafe Video Overview

Read the original blog entry...

More Stories By RealWire News Distribution

RealWire is a global news release distribution service specialising in the online media. The RealWire approach focuses on delivering relevant content to the receivers of our client's news releases. As we know that it is only through delivering relevance, that influence can ever be achieved.

@CloudExpo Stories
SYS-CON Events announced today that Hitrons Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Hitrons Solutions Inc. is distributor in the North American market for unique products and services of small and medium-size businesses, including cloud services and solutions, SEO marketing platforms, and mobile applications.
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
SYS-CON Events announced today that eCube Systems, a leading provider of middleware modernization, integration, and management solutions, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. eCube Systems offers a family of middleware evolution products and services that maximize return on technology investment by leveraging existing technical equity to meet evolving business needs. ...
DevOps at Cloud Expo – being held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises – and delivering real results. Am...
Pulzze Systems was happy to participate in such a premier event and thankful to be receiving the winning investment and global network support from G-Startup Worldwide. It is an exciting time for Pulzze to showcase the effectiveness of innovative technologies and enable them to make the world smarter and better. The reputable contest is held to identify promising startups around the globe that are assured to change the world through their innovative products and disruptive technologies. There w...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - comp...
DevOps at Cloud Expo, taking place Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 19th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long dev...
SYS-CON Events announced today that StarNet Communications will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. StarNet Communications’ FastX is the industry first cloud-based remote X Windows emulator. Using standard Web browsers (FireFox, Chrome, Safari, etc.) users from around the world gain highly secure access to applications and data hosted on Linux-based servers in a central data center. ...
Traditional on-premises data centers have long been the domain of modern data platforms like Apache Hadoop, meaning companies who build their business on public cloud were challenged to run Big Data processing and analytics at scale. But recent advancements in Hadoop performance, security, and most importantly cloud-native integrations, are giving organizations the ability to truly gain value from all their data. In his session at 19th Cloud Expo, David Tishgart, Director of Product Marketing ...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
19th Cloud Expo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterpri...
There is growing need for data-driven applications and the need for digital platforms to build these apps. In his session at 19th Cloud Expo, Muddu Sudhakar, VP and GM of Security & IoT at Splunk, will cover different PaaS solutions and Big Data platforms that are available to build applications. In addition, AI and machine learning are creating new requirements that developers need in the building of next-gen apps. The next-generation digital platforms have some of the past platform needs a...
SYS-CON Events announced today Telecom Reseller has been named “Media Sponsor” of SYS-CON's 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
As the world moves toward more DevOps and Microservices, application deployment to the cloud ought to become a lot simpler. The Microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. Serverless computing is revolutionizing computing. In his session at 19th Cloud Expo, Raghav...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportuni...
Enterprises have forever faced challenges surrounding the sharing of their intellectual property. Emerging cloud adoption has made it more compelling for enterprises to digitize their content, making them available over a wide variety of devices across the Internet. In his session at 19th Cloud Expo, Santosh Ahuja, Director of Architecture at Impiger Technologies, will introduce various mechanisms provided by cloud service providers today to manage and share digital content in a secure manner....
StarNet Communications Corp has announced the addition of three Secure Remote Desktop modules to its flagship X-Win32 PC X server. The new modules enable X-Win32 to safely tunnel the remote desktops from Linux and Unix servers to the user’s PC over encrypted SSH. Traditionally, users of PC X servers deploy the XDMCP protocol to display remote desktop environments such as the Gnome and KDE desktops on Linux servers and the CDE environment on Solaris Unix machines. XDMCP is used primarily on comp...
Fact: storage performance problems have only gotten more complicated, as applications not only have become largely virtualized, but also have moved to cloud-based infrastructures. Storage performance in virtualized environments isn’t just about IOPS anymore. Instead, you need to guarantee performance for individual VMs, helping applications maintain performance as the number of VMs continues to go up in real time. In his session at Cloud Expo, Dhiraj Sehgal, Product and Marketing at Tintri, wil...
SYS-CON Events announced today that Isomorphic Software will exhibit at DevOps Summit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Isomorphic Software provides the SmartClient HTML5/AJAX platform, the most advanced technology for building rich, cutting-edge enterprise web applications for desktop and mobile. SmartClient combines the productivity and performance of traditional desktop software with the simp...
With so much going on in this space you could be forgiven for thinking you were always working with yesterday’s technologies. So much change, so quickly. What do you do if you have to build a solution from the ground up that is expected to live in the field for at least 5-10 years? This is the challenge we faced when we looked to refresh our existing 10-year-old custom hardware stack to measure the fullness of trash cans and compactors.