Myth Busting PCI Compliance
Most of us like to see what we can “get away with” in life. Where PCI compliance is concerned, many contact centres believe they are so unlikely to suffer any consequences from the standard that they can turn a blind eye to it.
But, for contact centres taking card payments, where does compliance with the Payment Card Industry Data Security Standard (PCI DSS) actually stand on the spectrum of risk?
Here are a few of the myths that we hear when talking to contact centres that take payments, and the real costs behind them:
MYTH #1: Unlike the GDPR, the PCI DSS is not a legal requirement, so it doesn’t matter to us.
While it’s true that the PCI DSS isn’t law itself, it IS required by big-name card providers such as Visa, Mastercard and American Express. The cost of doing nothing, and then suffering a data breach, is that these payment providers could fine you and restrict your ability to take card payments. Not many businesses can cope without accepting card payments.
MYTH #2: Criminal organisations wouldn’t target a contact centre like ours.
Contact centres that take only a small number of payments over the phone per day might think that hackers and rogue staff wouldn’t bother with them. In reality, fraudulent activity in contact centres is up 113% since 2016, and it’s a problem that affects every single organisation that takes payments over the phone. Fines for breaches can run into many thousands, even for small companies, and that’s without considering the cost of reputational damage and lost customer confidence.
MYTH #3: Our anti-virus software is up-to-date so we’re covered.
PCI compliance isn’t a box to be ticked by your IT department; it’s a constant necessity for all areas of the business. Elements such as call recording, the handling of paper documents, and even CCTV cameras can all put you at risk. Having anti-virus and patched software is a great start, but customers are increasingly aware that their data needs to be handled safely, with 54% of consumers in 2017 stating that they would stop using a retailer if it were to suffer a breach.