Feeds

Survey: Call centre data standards 'routinely ignored'

Poor practice creates 'vast reservoir of sensitive data'

Secure remote control for conventional and virtual desktops

More than 95% of call centres were found to store customers' credit card details in recordings of phone conversations in breach of industry rules, according to a survey conducted by a call recording technology company.

Veritape said that when it talked to 133 call centre managers, only 39% of them knew about industry rules against the storing of the information and just 3% of them wiped credit card numbers from recordings of phone calls. Veritape provides call recording services to the call centre industry.

"The routine practice of storing unedited audio recordings of calls is creating a vast reservoir of sensitive data on the servers of call centres across the UK, in direct breach of global industry standards drawn up by the Payment Card Industry Data Security Council," said a Veritape statement.

The industry guidelines are contained in the Payment Card Industry Data Security Standard (PCI DSS), which governs how companies should treat data, whether they be physical shops, websites or call centre sales operations.

Veritape pointed out that one clause of the Standard forbids the storing of the three digit verification number on the back of cards in transactions conducted remotely. "Sensitive authentication data must not be stored after authorization (even if encrypted)," says a footnote to the Standard highlighted by Veritape.

Veritape said that its survey of 133 call centre managers found that of the 97% who did not comply with this rule in relation to audio recordings, 61% did not know of the rule, 18% said it would be too difficult or expensive to comply, 11% were ignoring the issue and 6% were working to become compliant.

“What we have is a global industry standard that is routinely ignored by call centres throughout the UK,” said Cameron Ross, managing director of Veritape. “The storage of this actionable data creates a huge reservoir of sensitive information that is putting the financial resources of millions of people at risk."

Veritape said that its software records phone calls and can process data contained within calls, acting, it said, "as a powerful telephone search engine".

Copyright © 2009, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Choosing a cloud hosting partner with confidence

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.