If PCI guidelines are not strictly followed, business opportunities may be limited since many large firms will insist on evidence of this before awarding a contract.
London, UK (PRWEB) April 14, 2011
Whilst new guidelines have been produced to help call centres tackle card payment fraud, Phruit, a leading provider of telemarketing services, believes many may not be employing the right procedures and adhering to the guidelines properly. The PCI Security Standards Council cites that systems which store and record conversations - including card details - need to adhere to the guidelines to ensure personal financial information is protected.
David Coghill of Phruit, comments, “Companies outsourcing call centre services involving the taking of credit and debit card details need to be able to trust their service provider implicitly. They are entrusting the provider with the protection of sensitive information and ultimately their reputation. The consideration has to be, if a call centre lets you down and personal information is not held securely, what effect would this have on your company’s reputation and could your company survive such a security lapse?
“If, for example credit card details were stolen, the ICO (Information Commissioners Office) has the power to impose fines of up to £500,000. This is in addition to the credit card company’s penalty which could prevent you from being able to accept credit and debit card transactions in the future. In a call centre where a good proportion of the business is related to taking card payments, this could have a huge impact on business. Implementing the right procedures is important, as companies need to demonstrate that they are PCI compliant, preventing potential costly fines, as well as giving the benefit of reduced rates and fees.”
Phruit does more than just adhering to the guidelines and implements its own self-imposed security procedures. As well as daily rigorous checking of its own systems to ensure they are secure, it employs an external company to test the systems to safeguard against computer hacking. The offices where card payments are taken are also designated a ‘lockdown’ area – so staff working in that area are subject to rigorous security checks to ensure they have no instruments with which to record or remove sensitive personal details. Items such as paper, pens, pencils and mobile phones are not permitted and there is a clean desk policy.
Coghill added, “If PCI guidelines are not strictly followed, business opportunities may be limited since many large firms will insist on evidence of this before awarding a contract. In short, by not following the guidelines there could be a detrimental effect on those businesses providing call centre services. To operate outside the guidelines is a considerable risk, and I do not understand why any company within this industry would take such a risk.”
For further information about telemarketing services visit http://www.phruit.co.uk.