Select Page
February 26, 2022

PCI Compliance: Top Challenge of 2022?

Share this story

Contact Center Executives Indicate PCI as a Top Challenge

Facing Tougher Security Requirements, Contact Centers are Finding Ways to Offload Costs

In a Q4’2016 industry survey* of 2k+ contact center executives that manage inbound or blended operations, a growing majority indicate that PCI security is a top challenge as shown in the diagram on the right.

Why is PCI such a prominent focus for contact centers this year?

Mounting PCI Audit Scrutiny Threatens PCI Re-Certification

Pressure of PCI audits and their focus points continue to mount and evolve each year with version 3.2 looking to be one of the toughest. For contact centers to confidently re-certify their PCI 3.2 accreditation, they are likely required to take on the equivalent of a major renovation of their infrastructure with a corresponding cost that can range from $100k’s at the very low end to millions at the high end. An effort many are ill-prepared to take on.

Let’s take a look at why, and more importantly, how to avoid it.

Mounting Scrutiny = Mounting Costs = Mounting PCI Risks

There is no doubt that a changing consumer base is putting pressure on regulatory bodies like the FTC to enforce stricter security standards. What once may have been given a pass may now result in a fail. The bar for encryption standards and intrusion detection programs are prime examples. Encryptions must now be ensured for both data in transit and at rest while intrusion detection programs must cover a much wider reach. Joe Gray, an enterprise security consultant, summarizes this trend in his summary of the evolution of PCI up to the latest version, 3.2.

“The PCI Council has resolved to continue to strengthen its controls as threats and technology change. Expect to see PCI grow in the following years as credit card data is still a lucrative target for attackers”

How much would it cost to keep up with these changes?

Be Prepared for the Sticker Shock….

To confidently meet both the basic and broad PCI requirements in the coming year, contact centers must examine and update every aspect of their ecosystem that may fall under the growing scrutiny of PCI – from storage system encryption, to in-transit encryption, to agent hardware controls.

This will require significant changes at both the hardware and software levels of a contact center’s complex and multi-layered application and database network – a project scope that easily and very quickly add up to a million dollar or more hurdle.

Facing such budget pitfalls, there is no doubt why the industry is concerned.

The Never Ending Rabbit Hole of Security……

Not to mention, these requirements must be updated for each contact center location – compounding the costs and risk of ensuring security.

But most challenging of all, like any regulatory requirement, if or when these updates are finally made across the network, it is more than likely required to change again during the next review cycle. SRTP, or in transit encryption protocols for example, are already set for changing in the coming year. Making security in today’s age a never ending rabbit hole of cost and time.

It is therefore no surprise that contact center executives view PCI as a top challenge.

Offloading the PCI Burden with Cloud

The inherent challenges presented by PCI certification is a prime driver behind the rapid decline in hardware investments – it simply costs too much to adapt.

As a result, it is no surprise that our recent Q4’2016 survey results mimic numerous other surveys that note the increasing adoption of cloud, which is especially prominent in inbound and blended segments as shown in the diagram on the right

In addition, another recent survey by SkyHigh** shows an increasing majority of IT leaders, 64.9% to be exact, believe cloud is as, or even more secure than on-premise solutions when it comes to managing key systems of record.

Introducing a Cloud Based, Plug-and-Play Approach to Security

LiveVox, a leading cloud contact solution provider at the forefront of the PCI effort, is significantly reducing the cost of security with a cloud plug-and-play PCI platform and cutting edge capabilities. With a plug-and-play approach, businesses can essentially offload a vast majority of the original costs into a simplified pay-per-use model.

In addition, LiveVox’s cloud innovation model provides quarterly releases that helps ensure the latest security standards are met with each revision.

LiveVox’s cloud platform is not only a Level 1-PCI certified platform that handles the latest encryption requirements, it takes security one step further with new features such as PCI-focused payment IVR, Secure Payment Capture. Secure Payment Capture automatically locks down the agent leg, both key audio and visual aspects of a payment interaction, closing a material gap in payment risk exposure.

With LiveVox’s cloud approach to PCI security:

  1. Key encryption requirements are handled via LiveVox’s PCI certified platform
  2. Call recording is paused during the payment transaction
  3. Agents cannot see key payment information
  4. Agents cannot hear payment information
  5. PCI security is automatically transferred across all locations

This approach reinforces the strategic advantage adoption of cloud presents for many contact centers. Innovative features such as Secure Payment Capture assist in reducing the cost of ensuring security. Instead of allocating resources and time chasing down the never ending security rabbit hole, learn more about how LiveVox’s cloud solutions can help offload the cost of securing your operation.

To learn about more ways to help address your concerns around the costs of managing security, speak with one of our technology experts today.

*Q4016 survey participants were provided 10 choices of top challenges and were not limited to the number of choices entered.
**Skyhigh Survey of IT Leaders, “The Cloud Balancing Act for IT Between Promise and Peril”

Keep Up-To-Date on the Latest Contact Center News

Subscribe to our newsletter and stay current on all the latest technological advances in the contact center space.

About LiveVox

LiveVox (Nasdaq: LVOX) is a next generation contact center platform that powers more than 14 billion omnichannel interactions a year. By seamlessly unifying blended omnichannel communications, CRM, AI, and WEM capabilities, the Company’s technology delivers exceptional agent and customer experiences, while helping to mitigate compliance risk. With 20 years of cloud experience and expertise, LiveVox’s CCaaS 2.0 platform is at the forefront of cloud contact center innovation. The Company has more than 650 global employees and is headquartered in San Francisco, with offices in Atlanta; Columbus; Denver; New York City; St. Louis; Medellin, Colombia; and Bangalore, India. To stay up to date with everything LiveVox, follow us at @LiveVox or visit livevox.com.

To stay up to date with everything LiveVox, follow us at @LiveVox, visit www.livevox.com or call one of our specialists at (844) 207-6663.

You May Also Like

Cloud-Based Contact Center Solutions Buyer’s Guide

Cloud-Based Contact Center Solutions Buyer’s Guide

A contact center relies on its software to be able to deliver effective customer service and old legacy technology, with on-premise hardware may be hindering the way customers communicate with your company and vice versa. If you have been considering upgrading, then a cloud-based contact center solution is undoubtedly the right choice due to its advanced functions and scalability.

read more
What is a Power Dialer?

What is a Power Dialer?

Dialing technology has changed over time, as automation has taken over and made phone calls more efficient for agents to initiate. Businesses rely on calling campaigns to help reach goals and increase profits through telemarketing. This means agents in the contact center need to proactively call people to advertise to them. That is why it is essential that businesses implement the right resources and software to help maximize efforts.

read more
IVR Phone Systems: Pricing, Comparison, and Benefits

IVR Phone Systems: Pricing, Comparison, and Benefits

Some of most customers’ least favorite parts of doing business with a company include calling them and being put on hold for long periods of time, ultra-sensitive voice response prompts set off by the neighbor’s dog barking, and getting routed to the wrong department after an hour of being on hold.

read more