Our PCI Products

PCI For Voice & e-Commerce
Secure Payments
PCI Payment Processing
Call Payment Processing: Assist
Call Payment Processing: Focus
Call Payment Processing: Unite
Call Payment Processing: Assist Demonstration
PCI Standards

PCI Standards

The information and guidance from the PCI Standards guide (available to download below) is intended to provide payment security advice for merchants and service providers who accept and/or process payment card data over the telephone. This information highlights the key areas organisations with call-center operations need to address in order to process payment cards securely, and how best to protect their business and their customers from the risks of data compromise and fraud.

The intent of the document is to provide supplemental guidance, and the information provided does not replace or supersede PCI DSS requirements. The PCI Security Standards Council (PCI SSC) is not responsible for enforcing compliance or determining whether a particular implementation is compliant. Merchants and service providers should work with their acquirers or payment card brands, as applicable, to understand their compliance validation and reporting responsibilities.

Why Telephone Card Payment Security is Important

In face-to-face and e-commerce environments, risk-mitigating technologies have helped significantly reduce fraud rates, resulting in a shift of card fraud towards the Mail Order / Telephone Order (MOTO) space.

Additionally, a number of regulatory bodies are requiring some companies to record and store telephone conversations in a range of situations. The Payment Card Industry Data Security Standard (PCI DSS), however, stipulates that the three-digit or four-digit card verification code or value printed on the card (CVV2, CVC2, CID, or CAV2) cannot be retained after authorisation, and full primary account numbers (PANs) cannot be kept without further protection measures.

As such, there is a risk that organisations taking customer payment card details over the telephone may be recording the full cardholder details to comply with various regulatory bodies, thereby causing them to be in contravention of PCI DSS requirements and potentially exposing cardholder data to unnecessary risk.

Note that PCI DSS does not supersede local or regional laws, government regulations, or other legislative requirements.

To find out more please contact us or download a copy of the PCI Data Security Standard (PCI DSS) pdf using the download button below.

Download PCI Standards

You can download a copy of the PCI Data Security Standard (PCI DSS) on Protecting Telephone-based Payment Card Data using the download button below.

Our PCI Products

PCI For Voice & e-Commerce
Secure Payments
PCI Payment Processing
Call Payment Processing: Assist
Call Payment Processing: Focus
Call Payment Processing: Unite
Call Payment Processing: Assist Demonstration
PCI Standards
Download PCI Standards

You can download a copy of the PCI Data Security Standard (PCI DSS) on Protecting Telephone-based Payment Card Data using the download button below.

PCI Standards

The information and guidance from the PCI Standards guide (available to download below) is intended to provide payment security advice for merchants and service providers who accept and/or process payment card data over the telephone. This information highlights the key areas organisations with call-center operations need to address in order to process payment cards securely, and how best to protect their business and their customers from the risks of data compromise and fraud.

The intent of the document is to provide supplemental guidance, and the information provided does not replace or supersede PCI DSS requirements. The PCI Security Standards Council (PCI SSC) is not responsible for enforcing compliance or determining whether a particular implementation is compliant. Merchants and service providers should work with their acquirers or payment card brands, as applicable, to understand their compliance validation and reporting responsibilities.

Why Telephone Card Payment Security is Important

In face-to-face and e-commerce environments, risk-mitigating technologies have helped significantly reduce fraud rates, resulting in a shift of card fraud towards the Mail Order / Telephone Order (MOTO) space.

Additionally, a number of regulatory bodies are requiring some companies to record and store telephone conversations in a range of situations. The Payment Card Industry Data Security Standard (PCI DSS), however, stipulates that the three-digit or four-digit card verification code or value printed on the card (CVV2, CVC2, CID, or CAV2) cannot be retained after authorisation, and full primary account numbers (PANs) cannot be kept without further protection measures.

As such, there is a risk that organisations taking customer payment card details over the telephone may be recording the full cardholder details to comply with various regulatory bodies, thereby causing them to be in contravention of PCI DSS requirements and potentially exposing cardholder data to unnecessary risk.

Note that PCI DSS does not supersede local or regional laws, government regulations, or other legislative requirements.

To find out more please contact us or download a copy of the PCI Data Security Standard (PCI DSS) pdf using the download button below.

NSL Telecoms

Quick Links

Home
Portal Logins
Faults
Codes of Practice
Contact Us

Services

DR Planning
Consultancy
Professional Services
Voice & Data Connectivity
Telecoms Acronyms
Telephone Numbers

Connect With Us

0345 678 6646
NSL Telecoms are pleased to be part of the FCS
NSL Telecoms are proud members of the UKCCF

Quick Links

Home
Portal Logins
Faults
Codes of Practice
Contact Us

Services

DR Planning
Consultancy
Professional Services
Voice & Data Connectivity
Telecoms Acronyms
Telephone Numbers

Connect With Us

0345 678 6646