This report represents a major update to our research last conducted in 2016, and it couldn’t be more timely. Payment card data security has never been more of an issue and call centers are increasingly seen as the weakest link for organizations, vulnerable to fraud on multiple fronts both from outside and within.
New PCI DSS guidelines for contact centers have just been published by the global PCI Security Standards Council (PCI SSC), updated for the first time since 2011 and bringing them up to date with the numerous technological developments there have been since they were first published. The implementation of GDPR in May 2018 has also led organizations to think more about the security of the personal data that they store, as well as leading to wider consumer awareness of issues surrounding data security.
Our research shows that consumers are growing ever more concerned about payment card security when paying over the telephone and that expert advice is moving away from recommending the use of mitigating controls such as pause and resume and white rooming, towards the emerging new standard of DTMF masking or ‘keypad payment by phone’.