Why PCI Is More Important than Ever Before
If your business relies on a contact center, you know that most agents are working from home due to the current health crisis. However, for many centers, the transition to working remotely is here to stay. Savvy companies are already discovering how to handle higher call volumes with the same number of agents, even improving the customer experience in the process. There’s no going back.
The Compliance Challenge
Thanks to this industry transformation, PCI compliance has become a lot trickier. According to the 2018 Verizon Payment Security Report, only 52.5 percent of all organizations are 100 percent PCI compliant, and just 39.7 percent of companies in the Americas are compliant.
Before work-from-home policies, the best contact centers were purposely designed to be secure. Compliant companies invested heavily in security measures like cameras, bio-ID, and keycards. Top-notch contact centers even prohibited the use of phones, pens, and paper. These conditions are impossible to replicate when agents are at home.
Breaking Down PCI Compliance
Let’s explore what goes into making a company fully compliant.
- Build and maintain a secure network. Your business needs firewalls and strong passwords and security parameters.
- Protect cardholder data. You should store cardholder data and encrypt all transmissions across open, public networks.
- Maintain a vulnerability management program. Ensure you’re protecting systems against malware, and update anti-virus software or programs regularly.
- Implement strong access control measures. Restrict information access only to “need to know” individuals. You must also identify and authenticate access to components and restrict physical access.
- Regularly monitor and test networks. Track and monitor all access to network resources and cardholder data. Also, test security systems and processes regularly.
- Maintain an information security policy. Your information security policy needs to be shared across personnel and consistently reviewed.
Of course, this list is pretty daunting. Especially when the news constantly reminds you of the possible consequences of compliance failure. Target’s 2013 data breach affected 40 million credit and debit card shoppers and resulted in a formidable $18.5 million settlement. Not only did the company lose money, but they also lost consumers’ trust. No one wants to be the next cautionary tale.
Automation is the Answer
Savvy companies have already figured out a strategy that boosts security and makes remote contact center agents more effective.
Humans are the weakest link when it comes to cybersecurity. The more you automate payment processes and empower customers, the easier compliance is.
This is where Airkit comes in. Our low-code platform builder allows business leaders to create digital customer journeys without engineering resources. These digital customer experiences delight users while automating contact center tasks. Compliance is built-in so that your team can focus on getting customers to complete payments.
Here are the key benefits:
- Secure Work-from-Home Process: You can’t have cameras or a bio-ID system in employees’ homes. Digital mobile experiences make these needs obsolete. Customers input information themselves using secure links, removed from the reach of agents.
- Transaction Velocity: Customers can make purchases seamlessly, without even logging into a native app. Users simply make payments and submit signatures as part of an on-the-go shopping experience.
- Increase Self-Service: Give your customers a mobile-first experience that works effortlessly regardless of whether they’re using Apple Pay, Google Pay, or a credit card.
Besides empowering non-engineers, Airkit comes with built-in integrations and connects with your systems of record. Our tool ensures that your contact center is both efficient and PCI compliant. We accomplish this in three ways:
#1. Agent-initiated functions. (sending secure links across channels and devices)
- Value Add: Empower agents to be more efficient.
- CRM and Helpdesk: Zendesk, Salesforce, Homegrown
#2. IVR call deflection.
- Value Add: Self-service secure payments.
- Telephony: Talkdesk, Five9, Aircall, Genesys, InContact
- Value Add: Works with your payment processor today.
- Providers: Stripe, Braintree, Adyen
Even though PCI compliance is more important and more complicated than ever before, digital tools can help you get ahead with less effort.
To learn more about Airkit, view the platform in action here.