Cyberattacks are increasing in both frequency and sophistication. With payment data remaining a much sought-after and lucrative commodity, the issue of compliance should be a priority for any organisation that processes credit and debit card data.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.
Any merchant or service provider that processes or transmits cardholder data must be compliant with the PCI DSS at some level – including when they take credit card and bank transactions over the phone.
However, research indicates that many companies are failing when it comes to PCI compliance. Fewer than 28 percent of organisations were 100 percent PCI compliant in 2019 – an 8.8 percent drop from the previous year. This indicates a lack of awareness of their responsibilities, or that these companies are unable or unwilling to invest in ensuring their compliance.
Voiceflex says it wants to make PCI compliance simple for end customers, and at the same time, take the cost out of the process.
As a result, it is now offering PCI compliance on a per user basis. This means it can offer a SIP trunk that is capable of taking a PCI-compliant credit card transaction. This could be over the phone where the customer taps in their digits, or Voiceflex can send a message via mobile phone for them to input their details to enable to transaction to go through.
“Nobody in the market, that we’re aware of, is doing this,” says Paul Taylor, Sales & Marketing director at Voiceflex. “We can put it on any of our SIP trunks. We can put it on Microsoft Teams, direct routing SIP trunks, and we can also put it on our new hosted application, Voiceflex Flow. It’s there now, and we can put it on the application.”
Peace of mind
Large enterprise banks and insurance companies will invest hundreds of thousands of pounds on ensuring their systems are PCI-compliant.
The Voiceflex solution now gives smaller companies the same peace of mind, says Taylor. “We want to be low cost, maximum uptake. If an organisation has 20 agents, they might take 20 SIP trunks with PCI compliance. They don’t have to spend thousands of pounds on equipment and having it monitored. It’s just a very simple connection,” he says.
This will ensure any size of company is able to demonstrate PCI compliance in the event of a data breach. In addition to potentially avoiding a costly fine it provides assurance to customers dealing with smaller companies, he adds.
“A customer will normally pay around £500 to deal with Barclaycard, Apple Pay or PayPal. With us, it’s just a monthly cost straight down the line.
“This also gives our resellers and potential resellers a conversation starter with their customers. It’s important for us because BT don’t do it, Gamma don’t do it and Vodafone don’t do it,” says Taylor.
“It’s only a simple application, but it provides the opportunity for anybody who’s connected to a traditional BX or SIP trunk in any format to provide PCI compliance for their customer base”
