Sabio research suggests that UK contact centres are still unsure about the specifics of PCI payment card compliance

Over half of those surveyed were either non-PCI compliant or uncertain whether their centres met PCI data security standards

Highlights requirement for clearer insight into how to comply with PCI standards aimed at fighting credit card fraud

LONDON – 23 April 2009 – New research findings from Sabio, the innovative contact centre services and solutions company, has found that many UK contact centre operators are still unsure about the specifics of PCI (payment card industry) compliance standards and how they impact their customer transactions. The PCI Data Security Standard (DSS) is a set of industry-wide requirements and processes aimed at fighting credit and debit card fraud established by the leading card operators. According to data collected during Sabio’s recent UK seminar series, a third of respondents said their contact centre operations were still non-PCI compliant, while a further third were uncertain of their current PCI status.

“It’s estimated that fraud can potentially account for between two and three percent of the bottom line for financial services companies, with Card Holder Not Present Fraud currently proving a key challenge for payment card providers and their merchants. As an industry, however, the contact centre sector still has a lot of work to do in helping organisations to meet their PCI compliance obligations,” commented Adam Faulkner, Director at Sabio.

“The PCI standard is especially applicable to the contact centre environment, where many organisations are failing their PCI DSS compliance audits through the incorrect capture and storage of prohibited customer card data such as account PIN blocks and CVV2 security codes,” he continued. “This is obviously a particular concern for businesses that have to record their calls for FSA compliance reasons, but don’t have any means of consistently halting recordings during the exchange of sensitive payment card data.”

To help contact centre operators address the PCI challenge, Sabio’s credit card payment solution – Sabio Secure Payments – helps organisations meet both their PCI DSS compliant obligations as well as their FSA compliance monitoring requirements. Sabio’s solution combines self-service and call recording technologies to create the first truly integrated answer to this challenge. Sabio Secure Payments acknowledges that operators can’t rely on live agents to always halt interaction recording at the critical payment stage, so instead shields agents from the need to handle sensitive customer data (and exposure to potential fraud) by transferring customers to a secure, speech-enabled credit card payments line.

Using Sabio Secure Payments, consumers benefit from the security and re-assurance of not having to share their card account details, while contact centre operators will receive a rapid ROI as the cost of the solution can be quickly recouped through the productivity savings that are achieved by automating the caller verification process.