PCI Compliance

PCI Compliance | Asterisk Consulting

PCI Compliance at Asterisk Consulting

Asterisk Consulting is a PCI Compliant company catering for businesses seeking VoIP Systems and contact centre solutions throughout the UK and Ireland. When you consider that fraud can potentially account for between two and three percent of the bottom line for financial services companies, it's hardly surprising that payment card providers and their merchants are targeting issues such as Card Holder Not Present Fraud. That's why the leading card operators came together to create the Payment Card Industry Data Security Standard (PCI DSS) - a set of industry-wide requirements and processes aimed at fighting payment card fraud.

The main issue addressed by PCI compliance is data storage, making it an offence to store both the credit card numbers and three-digit security codes on premises, which together can be used to make fraudulent transactions.

The PCI standard is especially applicable to the contact centre environment, where many organisations are failing their PCI DSS compliance audits through the incorrect capture and storage of prohibited customer card data such as account PIN blocks and CVV2 security codes. This is obviously a particular concern for businesses that have to record their calls for FSA compliance reasons, but don’t have any means of consistently halting recordings during the exchange of sensitive payment card data.

The PCI Compliance Requirements

1.    Install and maintain a firewall configuration to protect cardholder data.
2.    Do not use vendor-supplied defaults for system passwords and other security parameters
3.    Protect stored cardholder data
4.    Encrypt transmission of cardholder data across open, public networks
5.    Use and regularly update anti-virus software
6.    Develop and maintain secure systems and applications
7.    Restrict access to cardholder data by business need-to-know
8.    Assign a unique ID to each person with computer access
9.    Restrict physical access to cardholder data
10.    Track and monitor all access to network resources and cardholder data
11.    Regularly test security systems and processes
12.    Maintain a policy that addresses information security for employees and contractors

Contact Us

IRL: 353 21 7011600
UK: 44 20 31356020
Connect on LinkedIn
Download our Brochure

Client Testimonials

Asterisk Consulting set up and established the optimum cost effective VOIP telephony system for our business: Asterisk Open Source! The partnership with Asterisk Consulting has not only delivered the best solution but has highlighted the importance of Asterisk, especially during a recession. We now have an enterprise-standards solution at a fraction of the equivalent proprietary cost that can be managed directly by Carlow County Council staff. As Asterisk can be used as a telephony platform to rollout full Unified Communication, phase two will include the integration of all our mobile devices as extensions on the asterisk telephone system and full IM functionality with presence, across the organization.