"But we NEED to keep the PAN in call recordings." Really?

As I've discussed before, I often hear call centre executives tell me that they retain the PAN in call recordings. One justification they offer for why this is acceptable or sensible is:

"We need to keep the PAN in our call recordings, because of [some requirement] "

What is that reason?

Is it useful to you in any way at all? You may think it is, and I've heard several answers to this question. Let's list them, and my responses.

"I use it for refunds."

OK, so if you need to give a customer a refund, you take a minimum of 5-10 minutes to locate the exact recording on which the customer made the purchase (how are you planning to find that exact call?), you then listen to the call in order to find the point at which the card number is spoken to the agent, and issue a refund based on that number?

I'll be blunt: that is madness.

You need a process for issuing refunds which doesn't require reference to the call recording.

"I use it for internal fraud detection."


"I work in an industry where law enforcement or regulated financial services officers require the full card number for investigating crime or fraud."

I appreciate this argument, honestly. As much as the PCI and anti-fraud community wants to remove card data from as many places as possible, we have to understand that there are many organisations, such as police forces, that are comfortable handling real card data (or are required to). (And remember that the law always trumps PCI DSS.)

So the question here becomes: How does a merchant limit both their PCI scope and fraud risk, while complying with legal requirements?

The answer is tokenisation.

(Or tokenization. Whatever you're into.)

If you tokenise card data, and only store it tokenised, then you can implement a process whereby authorised staff members can switch a token back into the PAN. This can then be passed on to fraud/crime investigators. You don't need to store the PAN in the call recording (or anywhere else).

In general, actually, the answer to many (all?) of the above concerns is tokenisation.

Settlement, chargebacks, adjustments and refunds are also then handled using the token.
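To make the two points above concrete (tokenise once, then run refunds, chargebacks and authorised investigations off the token), here is an added example of a minimal token vault. It is not code from the original post or from any product; the vault, the `fraud_investigator` role name, the `tok_` token format and the refund record shape are assumptions made for illustration, and the card number used is a constructed test value, not a real card.

```python
"""Token vault sketch: the PAN goes in once and only a token comes back out.

Added example (not from the original post). The vault, role names and
token format are assumptions made for illustration.
"""
import secrets
from dataclasses import dataclass, field
from datetime import datetime, timezone


def luhn_valid(pan: str) -> bool:
    """Reject obviously malformed card numbers before they reach the vault."""
    if not pan.isdigit() or not 13 <= len(pan) <= 19:
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


@dataclass
class TokenVault:
    # Only the vault holds the PAN <-> token mapping; everything outside it
    # (CRM, call recordings, refund system) sees tokens only.  In production
    # the PAN would be encrypted under an HSM-held key; the in-memory dicts
    # here are a stand-in for the example.
    _pan_by_token: dict = field(default_factory=dict)
    _token_by_pan: dict = field(default_factory=dict)
    audit_log: list = field(default_factory=list)
    # Roles permitted to turn a token back into a PAN (assumed role name).
    detokenise_roles: frozenset = frozenset({"fraud_investigator"})

    def tokenise(self, pan: str) -> str:
        if not luhn_valid(pan):
            raise ValueError("not a syntactically valid PAN")
        # Same PAN -> same token, so a refund or chargeback can be matched
        # to the original sale without ever touching the PAN again.
        if pan in self._token_by_pan:
            return self._token_by_pan[pan]
        # Random token, not a hash: the PAN space is small enough that a
        # deterministic hash could be brute-forced back to the card number.
        # The last four digits are kept for display, as on a receipt.
        token = f"tok_{secrets.token_hex(12)}_{pan[-4:]}"
        self._pan_by_token[token] = pan
        self._token_by_pan[pan] = token
        return token

    def detokenise(self, token: str, actor: str, role: str, purpose: str) -> str:
        """Controlled reverse lookup; every attempt, allowed or not, is logged."""
        allowed = role in self.detokenise_roles and token in self._pan_by_token
        self.audit_log.append({
            "at": datetime.now(timezone.utc).isoformat(),
            "actor": actor, "role": role, "purpose": purpose,
            "token": token, "allowed": allowed,
        })
        if role not in self.detokenise_roles:
            raise PermissionError(f"role {role!r} may not detokenise")
        if token not in self._pan_by_token:
            raise KeyError("unknown token")
        return self._pan_by_token[token]


def issue_refund(token: str, amount_pence: int) -> dict:
    """Refund flow keyed by token only: no call recording, no PAN.

    Returns the record a gateway request would be built from (assumed shape).
    """
    if not token.startswith("tok_"):
        raise ValueError("refunds are keyed by token, not by card number")
    return {"token": token, "amount_pence": amount_pence, "type": "refund"}


if __name__ == "__main__":
    vault = TokenVault()
    # Constructed test card number, not a real card.
    tok = vault.tokenise("4111111111111111")
    print("agent stores and refunds against:", tok, issue_refund(tok, 1999))
    try:
        vault.detokenise(tok, "agent07", "agent", "curiosity")
    except PermissionError as exc:
        print("agent lookup refused:", exc)
    pan = vault.detokenise(tok, "inv01", "fraud_investigator", "police request")
    print("investigator recovered PAN ending", pan[-4:], "| audit entries:", len(vault.audit_log))
```

The point to notice is the asymmetry: an agent taking a payment or issuing a refund never needs anything but the token, while the one path back to the PAN is gated on role and leaves an audit entry whether or not it succeeds. The token is random rather than a hash of the PAN because card numbers have too little entropy for a hash to resist being reversed by enumeration.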

"But implementing tokenisation is really difficult."

Well, that's probably correct if you are picturing a traditional approach where you have to change your payment processes entirely and spend capex to implement tokenisation. But there are certainly (way) easier approaches. (This is not a sales piece.)

So I see no good reason why you 'need' to keep PANs in call recordings.

But am I wrong? Are there in fact good reasons you NEED to keep PANs, which I haven't understood properly?

Please do let me know in the comments - I am keen to learn.


Posted by eckoh at 1:38 PM on Nov 4, 2015

