Two-thirds of call centres put sensitive data at risk

Sensitive data is being put at risk in two out of three UK call centres because of a lack of awareness of data security standards. In a survey carried out by audio recording specialists Veritape among 133 call centre managers, 61 per cent said they were unaware of the stipulations of the Payment Card Industry Data Security Standard covering credit card numbers and security codes.

Clause 3.2.2 of the PCI DSS states: “Do not store the card verification code or value (three-digit or four-digit number printed on the front or back of a payment card) used to verify card-not-present transactions.”  The standard also states:“Sensitive authentication data must not be stored after authorisation (even if encrypted)”.

Yet this information is being widely retained, typically in the recordings of calls during which numbers and security codes are requested from callers. In 19 out of 20 call centres surveyed by Veritape for a white paper, “The Great Credit Card Gamble”, transactional recordings do not delete or mask these details.

“What we have is a global industry standard that is routinely ignored by call centres throughout the UK,” says Cameron Ross, managing director of Veritape.  “The storage of this actionable data creates a huge reservoir of sensitive information that is putting the financial resources of millions of people at risk. Despite clean desk policies and the use of encryption, successful hacking incidents are rising steadily.”

In addition to a lack of awareness, 18 per cent of call centre managers said they were aware of the standard, but couldn’t comply because of technical or budgetary reasons. These included the administrative complexity of safely discarding recorded credit card details. Another 11 per cent were aware of PCI DSS but were ignoring it. Only 6 per cent were both aware of the standard and working towards compliance, while just 3 per cent were fully compliant.

Latest from Marketing Week

NOT REGISTERED? IT'S FREE, QUICK AND EASY!

Access Marketing Week’s wealth of insight, analysis and opinion that will help you do your job better.

Register and receive the best content from the only UK title 100% dedicated to serving marketers' needs.

We’ll ask you just a few questions about what you do and where you work. The more we know about our visitors, the better and more relevant content we can provide for them. And, yes, knowing our audience better helps us find commercial partners too. Don't worry, we won't share your information with other parties, unless you give us permission to do so.

Register now

THE BEST CONTENT

Our award winning editorial team (PPA Digital Brand of the Year) ask the big questions about the biggest issues on everything from strategy through to execution to help you navigate the fast moving modern marketing landscape.

THE BIGGEST ISSUES

From the opportunities and challenges of emerging technology to the need for greater effectiveness, from the challenge of measurement to building a marketing team fit for the future, we are your guide.

PERSONAL AND PROFESSIONAL DEVELOPMENT

Information, inspiration and advice from the marketing world and beyond that will help you develop as a marketer and as a leader.

Having problems?

Contact us on +44 (0)20 7292 3711 or email subscriptions@marketingweek.com

If you are looking for our Jobs site, please click here