Contact centers must protect customer card data — but the wrong PCI DSS strategy can hold back your business. Sometimes, only a security rethink will give you the freedom to thrive.
As we explored in recent blogs, card-not-present (CNP) crime is a growing issue that's impacting contact centers and the strategy of deploying expensive Band Aids will create its own problems.
But attempting to keep up with the shifting sands of PCI DSS compliance using multiple methods can also have a deadening effect on customer-facing organizations. Instead of shaping your operation around the customer experience, security issues can start to dominate and stifle your business.
Here are three ways this can manifest itself:
Effect #1: PCI DSS issues can play havoc with your IT roadmap
Once your contact center environment — IVR, switch, payment service provider, network — are embedded into your compliance process, it becomes problematic to change them when new regulations are introduced. You have to redo the plumbing and wiring again at great expense in terms of time and money, which could use up money that would be better spent on IT projects that add real value to your business.
Effect #2: PCI DSS fears prohibit home-working agents
Hiring remote agents gives organizations the sought-after skills and flexibility they need to deliver the quality experience that customers demand today, especially during busy spells and outside regular office hours. However, a multi-solution approach to PCI DSS compliance creates security and training challenges that are difficult to overcome for home workers, leaving fewer choices and less flexibility in staffing your contact centers. This could prove a costly hindrance to delivering outstanding customer service.
Effect #3: PCI DSS worries mean you're reluctant to innovate
Today's consumers want the extra choice and convenience of using new channels, such as making secure payments via Web Chat sessions with agents. They like the idea of using Apple Pay and other e-Wallets. Consumers see this as part of a friction-free experience where they take control. But this can present a security threat to cautious organizations. What they really need is a PCI DSS strategy that will enable new payment channels to be adopted easily as new opportunities arise. If you can't offer this, then a competitor will.
DIY compliance narrows your options
What's clear is that attempting to manage PCI DSS compliance and contact center security yourself — using a patchwork of point solutions — starts to stifle business performance and flexibility.
Managing PCI DSS compliance can become a dangerous distraction. It can start to devour more resources, more time and more focus, when the real battleground is the customer experience.
A much better way is to take a step back and rethink the issue. What organizations really need most is a strategy that takes away the threat fraud and also liberates them to focus on adding real value.
Wondering how it's done?
Discover how to protect yourself against fraud in the contact center in the best way possible by downloading your copy of Why you need to rethink your PCI DSS strategy.
Inside, you'll find nine reasons why change is needed — and how you can embrace an approach that lifts the security burden off your team. Rather than holding you back, your PCI DSS strategy can then enable you to innovate and offer new payment options that please customers and help to win their loyalty.