Tighter Security for the Call Center
Verint Systems announced today optional security enhancements to its workforce optimization suite Impact 360. Leveraging RSA’s Key Manager technology, which typically provides encryption services at the application and database levels, Verint has added another layer of security over audio files collected during contact center interactions.
This addition is a response to Payment Card Industry Data Security Standards (PCI DSS), established in January 2005 to ensure sensitive data like credit card numbers, customer names, and expiration dates are secured within a merchant’s environment.
"What we’ve seen over the past couple of years is a focus on encrypting data at the database level or application level," says Dave Howell, RSA’s senior manager of solutions marketing. "And now they’re looking at other parts of their environments that might store numbers in a less-than-expected format, which is audio."
Security at the database and application levels are strictly regulated by auditors and, according to Verint’s principle consultant Kristyn Emenecker, that concern is now trickling down into the call center environment. "People are starting to realize now, and I think we’re at the beginning of the curve, is that sensitive information is contained within their call recordings, and that presents a potential liability," says Emenecker. She cites a British televised investigative report in which an undercover journalist was able to purchase credit card information from call center operatives in India.
Verint Witness Actionable Solutions, which records phone conversations with customers, pauses audio capture when sensitive information is uttered. Call center managers hear an audio logo so they know the call hasn’t simply been dropped.
Emenecker cites roughly a dozen early adapters of the solution—mostly large banks and telecom companies—and claims there’s a great deal of interest.
"The credit card companies who created the PCI standard are holding to the fire first," she says. "The big, big banks and telecom companies. That will trickle down and I expect we’ll see the tier-two or tier-three companies deploy in the near future."