Call centres criticised for credit card policy
By UK CreditCards.com
UK call centres are keeping hold of recordings containing customers' credit card details, contrary to payments industry guidelines.
This is the key finding of new research from call recording firm Veritape, conducted to mark National ID Fraud Prevention week.
According to a poll of 133 call centres conducted by the firm, over 95% of those call centres that store customer transaction conversations are not deleting mentions of credit card details.
PCI DSS, a global security standard developed by payments firms, states that this sensitive information should not be kept.
Moreover, 61% of call centres told Veritape that they were not aware of these guidelines and 18% said that they were aware, but would not comply because of "technical or budgetary reasons." Another 11% were aware of the guidelines but were choosing not to follow them.
"What we have is a global industry standard that is routinely ignored by call centres throughout the UK," Cameron Ross, Veritape managing director, said.
"Hardware and software interventions are available that automatically delete credit card data from audio recordings."
Records of credit card-related conversations from call centres are highly useful to fraudsters, who can use the details to access accounts and steal money.
Published: 20 October 2009
- What protections do credit cards offer (besides Section 75)? – Section 75 is a well-known credit card protection, but it's not the only one. Here are some lesser-known defences ...
- Equifax reveals millions affected in data breach – Millions of records were accessed and hundreds of thousands are at high risk after the Equifax data breach ...
- Equifax suffers major breach - are you affected? – A breach at Equifax exposed details of millions of US consumers - and some UK consumers. Here's what you need to know ...