Cooperative Response Center achieves PCI compliance
Published 9:41 am Tuesday, February 23, 2016
Cooperative Response Center Inc. (CRC) a contact center that takes credit card payments for hundreds of utilities located throughout the country, recently achieved compliance with the Payment Card Industry Data Security Standards (PCI DSS) for handling credit card payments.
Processing credit card payments while maintaining the privacy required by the PCI DSS has been a challenge for many organizations that accept credit card payments over the phone. The PCI DSS requirements are in place to prevent data account breaches and to ensure the integrity of credit card information.
To date, the solution most organizations use to maintain PCI DSS compliance is to complete all phone credit card transactions using an interactive voice response (IVR) system. Although a viable solution for some utilities, those organizations that pride themselves on service excellence have found the IVR choice to be less than desirable.
CRC’s solution, however, offers live-agent call handling for the entirety of the transaction while recording calls for quality monitoring purposes.
Late last year, CRC began installing a device designed by CallGuard on each agent’s workstation. The CallGuard device enables CRC’s agents to retain 100 percent contact with the caller while offering a secure method of communicating credit card data. The CallGuard product also offers CRC the ability to record all calls without jeopardizing security in the call recording – recordings do not contain card data.
The process to become PCI DSS compliant was quite lengthy and challenging due to CRC handling credit card payments for hundreds of organizations nationwide as well as its storage of call recordings for quality monitoring purposes. CRC has worked with its call recording vendor to ensure all sensitive credit card data from all stored recordings has been removed.
“CRC has always taken the privacy and security of each caller’s credit card and other personal information seriously,” explained Chris Holt, CRC’s president and CEO, said in a press release. “Achieving PCI DSS compliance cements this practice and gives our membership the peace of mind that their callers who want to speak with an agent receive the best care possible.”