IVR Credit Card Transactions Plus Achieve PCI Standards
In late 2004 the major credit card brands American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa united to establish standards (PCI DSS) to ensure organizations followed standardized practices to protect cardholder information. Today these standards apply to any company accepting credit cards from its customers in any shape or form.
For over 20 years, organizations throughout North America have been employing Interactive Voice Response (IVR) systems to take payment over the telephone. Under PCI, every company that automates the collection of credit card data and its transmission for processing must currently be PCI DSS compliant. What is troublesome, however, is that there are still thousands of companies taking payment over the telephone without following the basic PCI guidelines.
For the majority of companies that are still working without being PCI compliant, it appears to be a case of not being aware that they are not meeting PCI. They have outsourced IVR credit card processing and have always assumed that they are following the rules, when their providers don't specialize in payment applications and therefore don't understand the rules themselves. For others, the cost of being PCI compliant is too high, so they are choosing to ignore the requirements, at potentially huge risk and cost.
One such example was a home service company that approached us to implement a telephone payment solution that would help them take payment from their customers. The total number of transactions amounted to over 500 a day, with the average transaction amount being in the neighborhood of $90. We explained that the hosted PCI telephone process would entail a transactional fee in addition to what they were paying their processor, which would probably not have been more than 0.85% of the chargeable amount in this case; they declined it flat out. I was surprised to hear this, since it was little to pay for ensuring a PCI compliant process, and not much more than what most credit card processors charge for basic telephone transactions (which don't offer any of the customization and integration options). After doing some investigation, I discovered that this company was storing customer credit card information in an Excel file: over 10,000 valid credit cards. The process being used by this company failed every PCI requirement and compromised the security of thousands of customers. We followed up on several occasions to ensure they understood the risks. We were told that they were taking steps to secure their credit card data.
Every day we speak to companies who are learning one way or another that their telephone payment processing has to be PCI compliant, which means that there are still many companies not following PCI. It is the responsibility of every company to ensure its telephone payment processing is PCI compliant. PCI compliance is a time-consuming and expensive process, and this is why many service providers have opted to focus on core IVR services and not payment-related applications.
Datatel provides PCI Ready Hosted IVR Payment Processing Solutions. Learn more about how to achieve call center PCI compliance.