What is PCI DSS
The impact of PCI DSS has been far reaching and its goal to eradicate payment card data
loss (malicious or otherwise) from the merchant environment is becoming a reality.
For all merchants, this requires appropriate measures to protect any systems that store,
process and/or transmit cardholder data.
This impacts on call recording management and storage and control of the agent/caller interface within the physical call centre space.
It is a violation of PCI DSS requirement 3.2 to store any sensitive authentication data,
including card validation codes and values, after authorization even if encrypted.
It is therefore prohibited to use any form of digital audio recording (using formats such as
wav, mp3 etc) for storing CAV2, CVC2, CVV2 or CID codes after authorization if that data
can be queried; recognizing that multiple tools exist that potentially could query a variety
of digital recordings.
How Can We Help
Braxtel recording solutions prevent the logging and recording of these data elements using pre-built tools and APIs.
All of our recording solutions meet the security requirements of PCI-DSS, with standard features for secure storage and data access.