• Login
  • Status
  • Support
  • Partners
  • Pricing
  • Careers
  • EN
    • English
    • Deutsch
    • Français
    • 日本
    • 简体中文
    • العربية
    • 한국
    • Español
NICE - AI Customer Service Automation Solutions
  • NICE - AI Customer Service Automation Solutions×
  • Platform

    CXone Mpower Platform

    • Workflows

      Automate every service workflow

    • Agents

      Maximize agent performance

    • Knowledge

      Centralize data and knowledge

    Customer Service Automation

    • Platform Overview

      Complete AI Platform for service automation

    • Integrations & Hubs

      Seamlessly connect your business systems

    • Trust and Compliance

      Ensure secure, reliable, and compliant operations

    • Developer Portal

      Access APIs, SDKs, and resources for building

    • CXexchange Marketplace

      Discover partner solutions to extend capabilities

    • User Communities

      Collaborate, learn, and share best practices

  • Products

    Complete CX Offerings

    • AI for Customer Experience

      Purpose-built AI for unparalleled CX automation

    • Digital and Self Service

      Friction-free customer experiences driven by conversational AI

    • Workforce Engagement Management

      Robust applications to optimize the employee experience (WEM)

    • Journey Orchestration and Routing

      Seamless customer journeys across voice & digital channels

    • Agent Assist

      AI-driven tools for real-time agent guidance and coaching

    • CX Analytics

      Actionable insights to continuously enhance the customer experience

    • Open Cloud Platform

      Innovative cloud-native foundation to rapidly scale extraordinary CX

    • All CX Offerings

  • Solutions

    By Industry

    • BPO

      Business Process Outsourcers

    • Financial Services

      Customer experiences that count

    • Government

      Elevate citizen trust

    • Healthcare

      Healthy patient experiences

    • Insurance

      Secure policyholder experiences

    • Retail

      Delight customers where they shop

    • Telecom

      CX for Telecommunications

    • Travel and Hospitality

      Strengthen traveler and guest loyalty

    By Business Initiative

    • Transform Experiences with AI

      Identify behaviors that drive frictionless customer experiences.

    • Boost Customer Loyalty

      Improve customer loyalty on every interaction across the journey

    • Call Center Software

      Empower your agents to provide better experiences—on every channel.

    • Drive Digital Transformation

      Integrate digital technology at the center of the customer experience

    • Move to the Cloud

      Elevate experiences and efficiencies by moving operations to the cloud

    • Unify CX Touchpoints with AI

      Unlock total awareness for your business with purpose-built AI on a unified platform

    • Increase Operational Efficiency

      Leverage AI and automation to increase agent retention and reduce costs

    • Improve Compliance

      Protect your consumers with pre-built compliance solutions

    • Engage and Empower Employees

      Create a workplace of truly engaged employees

    • Proactive Customer Engagement

      Elevate customer satisfaction with proactive conversational AI

    • Grow Revenues

      Boost conversions and win rates to accelerate financial success

  • Services

    Contact Center Services

    • Business Consulting

      Partnership for successful transformations

    • Contact Center Training

      Tailored education delivered by CX experts

    • Customer Support

      Global support you can depend on

    • Professional Services

      Relevant expertise, tools and know-how

    • Implementation Partners

      NICE CXone certified implementation partners

  • Resources

    Resources

    • Resource Library

      Whitepapers, datasheets, demos and more

    • Self-Led Training

      Professionally developed training courses

    • Blog

      CX industry guidance by contact center experts

    • Analyst Perspective

      Contact center reports from third party analysis

    • Events

      Upcoming events and webinars

    • Glossary of Terms

      Detailed descriptions of industry-related terms

    • Frequently Asked Questions

      Contact center focused FAQ

    • Customer Stories

      Driving success in every customer story

    • CX & Contact Center Guides

      Expert insights for superior CX

    • On-Demand Webinars

      Browse our extensive webinar catalog

    • Interactive Product Tours

      Explore the complete CXone cloud platform with our instant self-guided product tours.

    • Why NICE? Video Series

      Step Inside The Room Where It Happened to see CX AI in action

  • Company

    About NICE

    • About Us

      Powering seamless experiences in the cloud

    • NICE Leadership

      Meet our global leadership and executive team

    • Careers

      View job openings and learn about our culture

    • NICE Trust Center

      Securing your trust with every interaction

    • Events

      Upcoming Events & Webinars

    • Market Leadership

      Discover why NICE is the market leader

    • Press Releases

      Find the latest updates from NICE

    • Investors

      Investors relations, reports and filings

    • Corporate Responsibility

      In a world where you can be anything, be NICE

    • Global Office Locations

      Interactive map of office locations worldwide

    • Media Center

      Media contacts and resources

    • EN
      • English
      • Deutsch
      • Français
      • 日本
      • 简体中文
      • العربية
      • 한국
      • Español
    • Get in Touch
      • Login
      • Status
      • Support
      • Partners
      • Pricing
      • Careers
      linkedinlinkedinlinkedinlinkedin

    Company

    • About Us
    • Careers
    • Global Leadership
    • Media Center
    • Investors
    • Awards
    • Global Office Locations
    • Contact Us
    • CCaaS
    • Customer Experience
    • NICE Public Safety
    • NICE Actimize
    • NICE RPA

    Partners

    • NICE Partners Overview
    • Developer Partners (DEVone)
    • CXone Partner Portal
    • NICE Help Partner Portal
    • NICE User Group

    Customer Support

    • Customer Support Overview
    • CXone Support Login
    • NICE Customer Support

    Want to Learn More?

    Join the Newsletter

    STAY CONNECTED

    linkedinlinkedinlinkedinlinkedin
    • Terms of Use
    • Site Map
    • Privacy Policy
    • Legal
    • Cookies Settings
    • Accessibility
    © 2024 NICE
    Burning Questions: PCI Compliance in the Contact Center

    Burning Questions: PCI Compliance in the Contact Center

    by Staff Writer
    April 1, 2020
    Share

    The news cycle is full of stories about data breaches and cybersecurity threats, including massive attacks on well known enterprises such as Marriott, Equifax and Yahoo. In most cases, it is personal information that is leaked, but those problems compound for both users and companies when payment information is exposed.

    If your contact center handles any kind of financial transactions, whether via phone, email, chat, or SMS, having a PCI Compliance plan is essential. PCI Compliance can sound daunting to a smaller contact center, or one that is new to taking payments. But you’re not alone – Although Verizon’s latest PCI DSS compliance report said that PCI compliance has increased 167% since 2012, it also found that 80% of all organizations are still not compliant with the data security standard.

    Achieving PCI compliance starts with understanding the PCI DSS and the responsibility taken on by companies that handle transactions via one or more of their channels. Here we take a look at the burning questions surrounding PCI compliance in the contact center:

    For one, it is very had to pinpoint the scope of PCI Compliance within a contact center because there are many moving pieces. The Payment Card Industry standard was primarily created for any company that performed a financial transaction by swiping a credit card.

    But within a contact center, those transactions can be made via different channels – voice call, chat, SMS, email, and more. Customer information, even if it not the actual credit card number being entered, still falls under PCI compliance. Unlike a physical retailer, who receives credit card information via a physical swipes, the compliance scope for the contact center must expand to cover the omnichannel approach.

    Get help with contact center PCI compliance

    If your contact center has a need for enhanced PCI compliance, NICE can help. Our Trust Office provides a team of PCI compliance experts that can provide the security your contact center needs to drive compliance and protect your customer’s information. Even if PCI compliance doesn’t fall under the scope of your contact center requirements right now, it is a best practice to work with a cloud-based software partner that provides a high level of security & compliance to allow your company to scale in the future.

    For more information on how NICE security protocols drive compliance for contact centers, visit our Trust Office page.

    About the Author

    Staff Writer

    See All Blogs

    Follow Us

    Follow us to get the latest news from your preferred Social Network

    linkedinlinkedinlinkedinlinkedin

    Popular Posts

    November 12, 2024

    The State of CX report: We’ve got plenty to share from our abundance of riches

    Read

    November 6, 2024

    Customer Feedback Unplugged: Harnessing VOC insights to boost agent performance and elevate CX

    Read
    CXone Mpower: Automating every dimension of customer service on the ultimate AI hyper platform

    November 5, 2024

    CXone Mpower: Automating every dimension of customer service on the ultimate AI hyper platform

    Read

    October 29, 2024

    How a focus on soft skills empowers agents and boosts CX

    Read

    October 28, 2024

    How contact centres are transforming through artificial and augmented intelligence

    Read

    More from the blog

    AINovember 12, 2024

    The State of CX report: We’ve got plenty to share from our abundance of riches

    NICE is lucky to have an abundance of riches—I’m speaking of data, of course. Through our proprietary AI built just for CX, we’ve gathered data for over three decades amounting to billions of interactions.

    Read
    Voice of the CustomerNovember 6, 2024

    Customer Feedback Unplugged: Harnessing VOC insights to boost agent performance and elevate CX

    Agent engagement and satisfaction have become proxy measures for CX success, because in study after study, it’s been proven that happier agents lead to happier customers.

    Read
    CXone Mpower: Automating every dimension of customer service on the ultimate AI hyper platform
    Advantages of the CloudNovember 5, 2024

    CXone Mpower: Automating every dimension of customer service on the ultimate AI hyper platform

    It’s here. Right on time. At the precise moment when market demands and expectations for seamless customer service have become paramount to a brand’s success, a customer service platform with speed, intelligence and power has burst onto the scene with an all-encompassing solution.

    Read
  • What is PCI DSS?

    The Payment Card Industry Data Security Standard is a set of accepted policies and procedures designed to protect cardholders and the financial transactions that they execute as well as their personal information. In 2004, four major financial institutions – Visa, Mastercard, Discover, and American Express – came together to develop the set of standards. The standard is built on six major objectives:

  • Transactions must occur on a secure network with robust firewalls
  • Cardholder information must be stored in a secure location
  • Systems that process payments must use up-to-date anti-malware and anti-virus software
  • Access to system information must be restricted and controlled
  • Networks must be constantly monitored
  • A formal security policy must be in place, with regular audits and penalties for non-compliance
  • What is the difference between PCI Level I and Level II

    PCI Level I compliance means that the company processing the transactions has been verified by a third party, known as a Qualified Security Assessor (QSA). The company hires the QSA to perform regular audits in 12 different categories, with multiple sub-categories within them.

    PCI Level II compliance means that those same audits are performed and requirements met, but the company does a self-assessment internally. This is done using a self-assessment questionnaire (SAQ) and is administered by an Internal Security Advisor (ISA).

    It is often a misconception that Level II is better than Level I, or vice versa, but that isn’t true. The most important thing for contact centers is to ensure that the requirements are met and vetted by either a third party or internal expert.

  • Is there a specific benefit to being both PCI Level I and Level II compliant?

    There is no security benefit to achieving both levels of compliance. There is a perception some may have that working with a company that has been audited by a third party provides an unbiased opinion and therefore greater peace of mind.

  • Does working with a PCI compliant vendor make you PCI compliant?

    As a company that provides PCI-compliant contact center solutions to companies of all sizes, we get this question all the time. The answer is no. PCI compliance on the part of a vendor or subcontractor does not innately grant a company compliance as well. It is up to the company to perform their own audits or use a QSA to ensure compliance.

  • In terms of the contact center, what does it mean to be PCI compliant?

    For a contact center to be PCI compliant, it requires every element of the transaction to follow all the PCI rules. Consider a transaction where a customer is paying for something over the phone and using the contact center voice channel. The voice lines must be secure and untappable. Often, contact centers will use a tool that masks the credit card number as its being read, so it can be recorded but the agent doesn’t personally hear the number.

    Then there is the issue of storage – that data must be secured by the vendor, and the recorded call must be equally secure in their cloud storage. There have even been cases where companies were deemed not PCI compliant because of the level of background noise in their contact centers, which allows callers to overhear agents engaged in other customer conversations.

    It can all seem like a lot to manage, which is why most enterprises operating transactional contact centers rely on a cloud-based provider of contact center services that is PCI compliant as opposed to managing it themselves.

  • What challenges do contact centers run into when trying to be PCI compliant?