Traditionally, in an IVR environment, as the consumer reads their payment card information over the phone to complete a payment, this information is digitized and stored within the Call Center Solution call recordings for quality assurance, remittance, verification, or other reasons. This creates PCI scope issues, and more recently risk issues because call recordings are searchable, for the merchant or service provider which introduces tremendous overhead and cost from a compliance standpoint. Add to the complexity of the situation, most of these types of software packages are tremendously expensive and configured specific to a call center flow which has proven positive for customers. Changing these environments or purchasing additional modules and components, while possible, generally come at a cost to the merchant or service provider. Using TokenEx, our customers have been able to reduce PCI scope in varying degrees and absolutely
Using TokenEx, our customers have been able to reduce PCI scope in varying degrees and absolutely reduce risk by leveraging our platform to tokenize data before it is ingested into other parts of the Call Center environment or other downstream systems. Customers have leveraged the ability to make web service call from the IVR environment to tokenize data so downstream applications and systems only receive tokenized data. This only leaves a small number of devices in scope for PCI. For more information and strategies around achieving PCI compliance or reducing risk by eliminating sensitive data sets from IVR environments, please contact TokenEx.