× Globe

We notice that you’re on our UK site, the version that serves your region is the US Eckoh site.

Go to US site. Stay on UK site

Blog

The latest thinking from Eckoh

PCI DSS compliance – can you see the hidden threats
Tuesday, 21 January 2020

Titanic differences in de-scoping vendors

De risking de scoping 900

It’s relatively easy to spot an iceberg floating in the ocean. But it’s impossible to know just how massive it is without diving deep into the water.

Similar hidden dangers exist in the PCI DSS compliance market. There may be providers or compliance solutions that offer to secure your payments and give you broad promises about de-scoping, but their solutions only tackle surface-level threats and often rely on compensating controls. And that’s just the tip of the iceberg. The real dangers to your contact centre lurk deep beneath the surface, in the areas that most vendors are incapable of protecting.

In other words, you may have paid for de-scoping but get stuck with de-risking.

The dangers of de-risking

By using a de-risking strategy to achieve PCI DSS compliance, which often includes a number of compensating controls which may soon be deemed unacceptable, you allow sensitive data to continue to flow through crucial parts of your contact centre.

Only by completely removing the data from your environment (full de-scoping) can you be sure that your contact centre is as safe as possible.

The difference between de-risking and de-scoping can have significant implications for merchants, and these implications aren’t always clear when you choose an approach.

On average, UK contact centres use three different PCI DSS solutions to maintain compliance.

A multi-solution approach offers some form of de-risking, but not full de-scoping. You might be investing time, money and effort in an unreliable system that still leaves you exposed. Ineffective solutions can include:

  • Pause & resume – it’s prone to errors and doesn’t actually protect data so it could capsize your system
  • Mid-Call – it’s also prone to errors and is a collision of timing and human error
  • Appliances at the desktop and call recorder – doesn’t actually remove data from the contact centre environment
  • Appliance within your data centre – you may be de-risking part of your business but there is still data in your environment.

Don’t let de-risking sink your contact centre

There’s only one solution that truly removes the contact centre environment from the scope of PCI DSS compliance. You need a hosted solution like CallGuard from Eckoh which will fully protect your contact centre by preventing customer card data from entering in the first place. If there’s nothing there, there’s nothing to steal.

Download our short guide to de-risking vs de-scoping to read more. Or, get in touch if you'd like to know more about contact centre technology

About the Author

Claire Lynam

Claire Lynam

Marketing Manager

Claire is a professional marketer with 30 years experience in marketing, communications and PR, creating content and collateral that resonates with an organisation's audience. Having worked in multi-national companies and SMEs, Claire has expertise in creating messaging that works for both B2C and B2B markets. 

Connect with us on LinkedIn

Latest Blog Items

  • What if your contact centre was a car?

    Wednesday, 19 February 2020 What if your contact centre was a car?

    Imagine, you buy a car and you buy a three-year care plan so all your servicing and repairs are covered. After three years you opt for an extended care plan for another two years - it's a bit more expensive, but the car is doing just what you need and you don't want to change.
  • Contact Centre of the Future Part 4 - Payments

    Tuesday, 18 February 2020 Contact Centre of the Future Part 4 - Payments

    How will customers make purchases via the Contact Centre of the Future? In the fourth part of our series, Ashley Burton, Head of Product at Eckoh, examines what's ahead for payments.
  • Challenge #5: Help when purchasers wobble at the checkout

    Tuesday, 11 February 2020 Challenge #5: Help when purchasers wobble at the checkout

    Are your online customers getting cold feet on the final payment screen — and giving up? If so, there's an effective tool you can use to get them over line.

Tweets by @Eckoh

Eckoh (@Eckoh)

Eckoh (@Eckoh)

Do you feel you’re being forced into upgrading your contact centre to the next, new shiny version? Even after all the time and investment you’ve put into it? No, it doesn't have to be that way. There is an alternative... eckoh.com/resources/blog…
Eckoh (@Eckoh)

Eckoh (@Eckoh)

Ineffective solutions could be wasting your time and money. What are these ineffective solutions and what can you do to fully de-scope your contact centre. Read the latest blog and find out how to prevent the risk of fraud and the impact of data breaches. eckoh.com/resources/blog…
Eckoh (@Eckoh)

Eckoh (@Eckoh)

In the fourth part of our 'Contact centre of the future' series, Ashley Burton, Head of Product at Eckoh, reveals how customers will make purchases via the Contact Centre in our latest blog. Click the link and find out more.. eckoh.com/resources/blog… #payments

  • icon facebook
  • icon twitter
  • icon linkedin
  • icon youtube