Vulnerability Despite PCI Third-Party Outsourcing

White Paper

Vulnerability Despite PCI Third-Party Outsourcing

 

Outsourcing PCI Compliance?

Enterprises whose contact centers handle credit card transactions typically utilize PCI-certified third-party payment processors to offload the regulatory hurdles and compliancy mandates dictated by the PCI Security Standards Council, the organization formed by the major card brands to monitor and ensure data security for card-based financial transactions.

Often contact centers believe that, because they use a third party for processing credit card payments, they are insulated and exempt from PCI mandates which can include costly annual audits and significant ongoing IT resource commitments. But there’s a hole in that thinking. According to the PCI Council, any business that touches any part of a communication involving a credit card transaction is considered “within scope” of rigorous PCI mandates — or face harsh financial consequences.

Read the full featured article by Govolution President, Greg Gentile.