PCI DSS 'Payment Card Industry Data Security Standard' applies to UK businesses that accept credit card payments. The regulation is in place to ensure that cardholders data is hosted securely with a PCI compliant provider. Banks and Merchants are fining businesses that do not meet the payment standard.
Many business owners are not aware of PCI Compliancy and what it means. Instead they continue with their daily business, processing card payments unsecurely and facing fines from their bank or merchant provider. In order for a business to become PCI DSS complaint, a Level-1 MOTO payment solution must be integrated to take payments in an encrypted environment.
Telecoms World can provide secure a PCI Compliant gateway for processing payments over the telephone. There are a number of solutions for inbound and outbound calls using the telephone keypad (DTMF Keys) a website link sent via SMS or email, which allow funds to be transferred without the caller disclosing card details, or the information becoming visible to the call agent.
Avoid banking charges with the latest PCI Compliancy gateway for MOTO payments. Organisations commonly use a PDQ machine to take payments from face-to-face clients, the transaction is taken using the clients card information and the payment value. If a payment is made over the telephone using this method, then the payment is not PCI compliant and fines could be incurred. Our Secure Payment Gateway ensures that the transaction is safe, encrypted and prevents any non-compliancy charges to the business.
Install and maintain a firewall configured to protect your payment data. Our level-1 PCI compliant PDQ payment router or telephone gateway protects all security parameters.
Ensuring that the highest PCI compliancy level of hardware or connection must be supported by skilled staff understanding the vulnerabilities of handling your client's payment data.
An estimated £10 million is mishandled and sensitive client information is leaked across the internet each and every year. The PCI compliant solution ensures that this figure is decreased year on year.
No business handling payments is exempt from this fine, currently standing at 4% of annual turnover. Ensuring that your business is PCI compliant will stop the 4% fine and any future fines.
Calls are delivered into a secure environment from your existing phone line or phone system. Once within the cloud your client can make immediate payment to your bank account. You simply enter their payment details including the amount to be paid and then transfer the call to the Compliant Cloud, allowing your client to enter their credit card number using their telephone keypad. The call is then returned to the operator to finish the call; which is all compliant with PCI DSS.
Card fraud and payment card breaches are an ongoing battle for the banks so PCI compliance is a top priority for merchants and businesses that process electronic payments. There are approximately 288 PCI DSS controls that companies need to comply with in order to protect not only data at rest, but also data in transit. The consequences of not being PCI compliant could cost up to £10,000 which is levied by banks and credit card institutions.
There are two main ways that merchants are asked to demonstrate their compliance with PCI: Merchants may either indicate compliance by working through a self-reporting checklist on their own, or they may be required to undergo a full audit by a certified third-party security expert known as a Qualified Security Assessor.
Introducing Telecoms World Compliant Cloud, which creates a secure environment over the phone where your clients can disclose their bank details without their data ever becoming visible to an operator, or passed through company hardware. By simply transferring a caller to the Compliant Cloud, the caller is passed back to the operator through a secure connection. Now when the caller taps in their details, the data is being encrypted with only the notification of completion being made visible to the operator. Once the transaction is complete the funds are sent directly to your account without ever passing through your company’s hardware or being visible to staff.
If you decide to undergo a full audit by a certified third-party security expert, or ‘Qualified Security Assessor’, you may receive a detailed report on compliance and/or attestation of compliance from the assessor.
There are 4 levels of PCI compliance based on each merchant’s card transaction volume. Level 1 is classed as the highest level of compliance, for those processing over 6 million card transactions annually through all channels (card present, card not present and eCommerce).
Although you do not need any specific security systems in place, you must ensure that you are proactive in maintaining a decent level of security across your business. This includes regular testing of your security measures such as anti-virus software and firewalls.
The best way to stay compliant is to perform regular system audits. Ensure that passwords are regularly updated, policies are kept up to date and employee training is maintained.