Call centers are an integral part of any financial service. Because of this, it is hard for a financial service to operate efficiently without the proper call center software. Financial services call center software should be top of the line, and able to not only secure customer information but also accurately and efficiently handle incoming and outgoing calls.
What is PCI certification?
All businesses processing payment card transactions will fall into one of four levels assigned based on aggregate Visa transactions during a 12-month period. These levels are as follows –
- Processing million or more transactions per year.
- Processing between 1 million to 6 million transactions per year.
- Processing between 20,000 and 1 million e-commerce transactions per year.
- Processing fewer than 20,000 e-commerce transactions per year.
Sufficient financial services call center software will have a PCI certification of 1.
It is strongly advised that financial services call center software with controls in place to make sure that sensitive authentication data cannot be exposed to query by unauthorized or malicious users.
Objectives and Best Practices
Call centers operating with cloud-based financial services call center software already have a head start on compliance. Highly customizable and flexible software solutions have the best chance of attaining and retaining compliance when it comes to storing customer data. Here are some best practices and objectives to keep in mind when setting up a financial services call center.
- When storing payment card data there must always be a disposal procedure that will permanently wipe all traces of the data from the database.
- Quality assurance recordings and CRM data containing card information should be archived away from query after a certain period of time.
- Card validation codes should never be stored in any format, and if recorded should be redacted from the document or voice recording.
- The PAN (card number) should be redacted or masked so that no more than six numbers show on screen.
- Agents should never enter credit card information read to them over the phone. Instead, the customer can speak to an IVR that will take the information and then redacted or deleted after the transaction is completed.
- All stored or archived payment or customer information should be rendered unreadable through high-quality encryption programs.
- Transmission of card information across networks must be encrypted using SSL/TLS, SSH or IPsec.
- Card or customer information should never be sent over an unencrypted messaging medium such as chat programs, text, or email.
- Agents must use a two-factor authentication progress in order to access information.
- At no time may smartphones or tablets, small cameras, or recording devices be brought into the main call center area. These devices should remain under lock and key in an employee locker room.
- Aggressively train employees in security awareness and require all agents to acknowledge security procedures upon logging in.
- There should be no access between stored data and the Internet
Professional Standards and Experience in Financial Services Call Center Software
ChaseData is almost 20 years of experience in customizing financial services call center software to meet the needs of our clients. Contact us for a free demonstration, and we will ask you questions about the needs of your specific call center operations. Very shortly, you’ll be able to test drive a fully featured, operational, customized, and PCI compliant financial services call center software. Turn your agents loose on it and see what ChaseData can do to secure your data and smooth call center operations into seamless transactions.