Ultracomms warns businesses to review processes as telephone payment security watchdog issues strict new guidelines

Ultracomms, a leading provider of PCI DSS compliant secure telephone payment solutions, has warned businesses that they must urgently review the way they take card payments over the phone after the Payment Card Industry Security Standards Council (PCI SSC) issued the latest update to its guidelines for telephone payments.
The revised guidance issued last month by the Payment Card Industry Security Standards Council (PCI DSS) reiterates the risks for businesses who continue to use Pause and Resume methods for processing telephone card payments.

Updated for the first time in seven years, the guidelines clearly state that removing payment card data from the contact centre environment is the only secure solution to prevent fraud attacks and ensure compliance.

Businesses which use Pause and Resume as part of their payment processing strategy are not out of scope for PCI DSS. Pause and Resume only removes the call recording and storage systems from scope, but not the agent, agent desktop environment, or internal telephone systems.This leaves businesses and their customers open to the risks of card data fraud, investigations by a PCI forensic investigator, substantial fines, and of course, the reputation and brand damage that would result.

Welcoming publication of the revised guidance, Derwyn Jones, CEO of Ultracomms, said: “We are delighted to see the PCI SSC’s latest guidance which provides greater clarity on the measures businesses need to take to ensure they protect consumers, de-scope their contact centre environment, and remove their business risk in this area.”

“More businesses need to be aware that the Pause and Resume processes they currently use do not de-scope the contact centre agent, the agent desk-top or the telephone system, and therefore, still present a significant data security risk. Completely removing your contact centre environment from PCI DSS scope using technology such Dual-tone-Multi-Frequency (DTMF) masking is the only sure-fire way to guarantee compliance.”

Ultracomms has pioneered an industry-leading solution called PaySure. The solution allows customers to enter their payment card numbers directly into their telephone keypad, removing the risk of a card data breach that could occur reading them out loud to an agent over the phone.

Ultracomms has also produced a free downloadable guide to help businesses comply with PCI DSS. The step-by-step guide by Ultracomms, called “Card Fraud: It’s Time To Act”, is available to download here.

Back to all news

With UCMS, maintaining the visibility and security of your contact centre operation, and empowering advisors from any location is Ultra easy

With UCMS, maintaining the visibility and security of your contact centre operation, and empowering advisors from any location is Ultra easy

Ultracomms Call Management System (UCMS) is an omnichannel cloud contact centre solution with integrated secure payment handling software, reporting and speech analytics capabilities. Established in...

Read article

International Women’s Day 2020 – Meet Victoria

International Women’s Day 2020 – Meet Victoria

Many of us are lucky enough to work in a modern environment where we are all treated with equality regardless of gender, but It hasn’t...

Read article

Our Very Own ‘Secret Agent’ Santa (A Christmas Tail)

Our Very Own ‘Secret Agent’ Santa (A Christmas Tail)

Christmas traditions don’t come any more traditional than the annual Secret Santa…; joke mugs, alcohol and choccies are also pretty standard fare. Until this year...

Read article

Take advantage of Ultracomms solutions

Let's chat