PCI DSS Compliance
The PCI DSS is a set of comprehensive requirements for enhancing payment account data security, developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis. The PCI DSS must be met by all organisations (merchants and service providers) that transmit, process or store payment card data. The PCI DSS (sometimes referred to as a compliance standard) is not a law. It is a contractual obligation applied and enforced – by means of fines or other restrictions – directly by the payment providers themselves and based on best endeavors to meet these procedures by the organizations taking the credit card payments.
The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:
- Build and Maintain a Secure Network
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
Many organisations that are required to record telephone conversations also take credit card details over the phone from clients and accordingly the recording and storage of this data can become a PCI compliance issue.
Storacall Voice Systems offer PCI DSS compliant solutions which not only protect your investment today but also in the future, encryption, password protection and also the inclusion of our PCI Module (Credit Card Masking) all form part of our product portfolio to ensure your recordings fully comply with the latest PCI SS recommendations and guidelines.