Name: Breaking Down the PCI SSC’s New Guidance for Protecting Telephone-Based Payments
Start: 2019-03-14T11:00:00Z
End: 2019-03-14T11:00:46.000Z
Location: BrightTALK
Rating: 5

Semafone enables simple, fast, cost-effective PCI DSS compliance and data security for your contact center.

Taking payments over the phone is essential for many organizations. Customers need to know they can trust you with their sensitive personal information.

Semafone's signature solution Cardprotect makes it easy to tackle payment and data security issues in the contact center – without compromising on customer experience.

Consumers these days are savvy. They’re also a bit impatient. Constantly connected and with the world in the palm of their hands through their smartphones, they’ve become accustomed to instantaneous feedback to any issue that arises, especially with the businesses they transact with. They use a variety of channels to communicate, whether it’s email, SMS, webchat, social media, or IM, among many others, seamlessly switching from one to the next, and they expect brands to have the same ability.

For this reason, organizations must embrace a digital transformation and invest in omnichannel contact center solutions that allow them to communicate and collect payments via any digital channel to keep up with consumer demands. Learn from leading thought leaders in the industry in an exciting panel discussion how to do just that and more, including:

- How to embrace an omnichannel communications and payments strategy in your contact center
- Best practices for implementing a seamless customer experience between channels
- How to overcome common challenges along the way

Don’t wait – register now to reserve your spot!

The Omnichannel Contact Center: Implementing a Frictionless Payment Experience

Contact centers are the beating heart of organizations, serving as the frontline for customer communications and processing mountains of consumer data. However, with the passing of the California Consumer Privacy Act, new scrutiny will be placed onto the data security procedures of organizations processing the data of California citizens, presenting difficulties, as well as opportunities, for contact centers.

Is your contact center prepared to comply with the CCPA? In this webinar, Semafone will be joined by data privacy expert, Thomas Chisena from Foley & Lardner LLP, where we’ll lay out a blueprint for contact centers to lead their organization’s compliance efforts, based on best practices for existing privacy legislation such as the GDPR and PCI DSS.

We’ll cover the following:

•The main provisions in the CCPA, what they mean, and how they apply to your company
•Proposed amendments to the legislation that you need to pay attention to
•An action plan of data security best practices to help your contact center comply

Presenters
Thomas Chisena, Associate, Foley & Lardner LLP
Thomas Chisena is an associate with Foley & Lardner LLP, where he advises on all matters involving intellectual property and technology transactions, including licensing, procurement, outsourcing, and other technology law issues affecting companies of all sizes. He also advises on cybersecurity and privacy issues affecting all industries, including state, federal, and international laws and regulations. Prior to joining Foley, Mr. Chisena was an associate at an AmLaw 100 Boston-based law firm, where he focused his practice in the areas of intellectual property litigation, technology, and cybersecurity.

Aaron Lumnah, Senior Manager, Demand Generation

Aaron is a member of the Semafone marketing team, where he regularly contributes to the Semafone blog and authors many types of content around payment security, PCI DSS, and GDPR compliance.

California Consumer Privacy Act: How Contact Centers Can Lead Compliance Efforts

For any healthcare organization, the contact center is a major hub for patient communications, whether it’s processing a great deal of Protected Health Information or collecting payments for billing purposes. With healthcare organizations suffering the most data breaches of any industry, it’s never been more important to take the proper precautions to protect the contact center and prevent fraudsters from stealing this sensitive information.

While there isn’t a cure-all solution just yet, there are a number of steps healthcare organizations can take to secure their contact center and cut down the risk of a data breach. Join Semafone and InstaMed for an insightful webinar where we’ll offer a prescription to cure the data breach epidemic and better protect healthcare contact centers. We’ll cover:

- Common insider threats found within healthcare contact centers 
- Prevalent vulnerabilities unique to healthcare organizations
- Innovative solutions to secure payments within your contact center

Register now to reserve your space!

PCI DSS Compliant Payments: A Prescription to Secure Healthcare Contact Centers

With the recent release of the PCI SSC's updated guidelines for protecting telephone-based card payments, it has never been clearer that attaining PCI DSS compliance inside the contact center is a complex and onerous task for any organization. For the first time in seven years, the Council has clarified many previously misinterpreted  controls required for in PCI DSS compliance, resulting in increased scope (and all its associated risks) for many contact centers

One major clarification the guidance makes is targeting pause-and-resume call recording solutions and the potential for cardholder data to make its way onto recordings, thus breaching compliance.

Join Semafone and BT for an insightful webinar where we’ll cover the following:
 
- The deficiencies of Pause-and-Resume call recording solutions for PCI DSS compliance
- The additional onerous controls QSAs will mandate for organizations using this technology
- A better way to secure your contact center and keep cardholder data off call recordings 

Register now to reserve your space!

New PCI DSS Guidance: Highlighting the Deficiencies of Pause-and-Resume

Over the last seven years, the technologies used by call and contact centers to communicate with customers and complete card transactions have changed drastically. Networking methodologies like VoIP have since become widely adopted, while the number of applications organizations employ to process customer information has risen dramatically. For this reason, the PCI SSC recently released their highly anticipated updated “Guidance for Protecting Telephone-Based Card Payments” for the first time since 2011, offering several much-needed clarifications for organizations looking to achieve PCI DSS compliance inside their contact centers.

Join Semafone and Sec-1 Ltd. for this insightful webinar into the most pertinent changes, featuring two of the members of the PCI SSC’s Special Interest Group – Ben Rafferty, Chief Innovation Officer at Semafone, and Wayne Murphy, Senior Security Consultant at Sec-1 Ltd. We’ll cover the following:

• How to avoid scope-creep inside the contact center during PCI DSS compliance
• How Pause and Resume call recording solutions create more problems than they solve
• How most 3rd party services are now in scope for PCI DSS compliance
• How devices that control SIP Redirection are now also in scope

Breaking Down the PCI SSC’s New Guidance for Protecting Telephone-Based Payments

With the Holiday Shopping Season now upon us, consumers are opening their wallets in earnest, with some estimates putting spending at over $1 trillion in the US alone. Brands everywhere can expect to see a huge spike in sales, and along with it, an increase in payment fraud. Not only does the influx of transactions make it harder to detect fraudulent activity, but swarms of temporary seasonal workers can become insider threats that compromise an organization’s security procedures.

Join Semafone and PayJunction for an insightful webinar where you’ll learn the following:

- Why payment fraud spikes during the Holiday Season
- Ways to train and properly vet seasonal workers to ensure security
- How to implement technology solutions to help cut down on fraud rates during this holiday season

Make sure to reserve your seat by registering now!

Protecting Payments During the Holidays: Your Guide to Prevent Credit Card Fraud

Healthcare call and contact centers face some tough challenges when it comes to data security. In fact, healthcare data breaches are reported at a rate of more than one per day in the US alone, exposing patients’ personally identifiable information (PII)—from medical records to payment card data and beyond—to the wrong people.

Earlier this year, IBM published their 2018 Cost of a Data Breach Report, which stated that, for the 8th year in a row, healthcare organizations had the highest costs associated with data breaches—$408 per lost or stolen record. That’s nearly three times higher than the cross-industry average of $148.

These challenges are not unique to the healthcare sector. All call and contact centers face similar obstacles and need to consider if their Payment Card Industry Data Security Standard (PCI DSS) compliance strategy is sound.

Join Genesys, Semafone and Sutter Physician Services (SPS) in this webinar to learn how SPS:

• Overcame IVR frustration, improved customer service and reduced abandoned call rates
• Increased customer data security—no need to verbalize card data
• De-scoped for PCI DSS

Reserve your space now.

Curing the PCI DSS Headache for Contact Centers with Sutter Health and Genesys

On May 25, 2018, the  European Union's General Data Protection Regulation (GDPR) went into effect, becoming the world's strictest and most comprehensive data protection legislation. Companies around the world, regardless of whether they are physically located within EU borders, had to meet compliance requirements if they process the data of EU citizens, creating a huge headache for any organization running a call or contact center.

For contact centers that have troves of sensitive customer information, GDPR compliance can easily become a massive undertaking. However, using preexisting tried-and-true frameworks like the PCI DSS, companies can relieve the burden of meeting compliance obligations.

Join Semafone and NCC for this informative session, where you'll learn:
- How to achieve GDPR compliance in your call or contact center
- How to use existing data security frameworks like the PCI DSS to simplify compliance efforts
-  How to improve data security inside your contact center while enabling a more seamless customer experience

Additionally, registrants will receive a free copy of Semafone's GDPR Guide for Contact Centers.

Reserve your space now!

About Jay Trinckes:

John ‘Jay’ Trinckes, Jr., CISSP, CISM, CRISC, HITRUST CSF Practitioner leads NCC Group’s healthcare practice by assisting clients in managing their IT risk to ensure they are not subject to cyber-attack along with helping them validate their compliance with IT regulations such as HIPAA. Jay is the author of three books, “How Healthcare Data Privacy Is Almost Dead…and What Can Be Done to Revive It! (2017), "The Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules" (2012), and "The Executive MBA in Information Security" (2009), and has a wide range of experience in computer networks, vulnerability and penetration testing, security, compliance, and risk assessment.

GDPR Compliance for Contact Centers: Using PCI DSS as a Proven Framework

In this session, we cover the newest payment methods organizations are using, and we'll discuss how executives plan the move to more secure and convenient ways to receive consumer payments. We'll also include exclusive research from Ovum!

Key Takeaways:

- Learn about the top ten new ways to pay
- Steps executives are taking to increase security
- New payment method that could reduce the number of PCI controls in your call center by up to 90%

Top 10 New Ways to Pay

PCI DSS compliance and data security is a perennial challenge for any organization, especially for those operating contact centers. With potentially hundreds of PCI controls to keep track of, it's easy for things to get lost in the mix.

When tackling compliance and cybersecurity issues, it's a common mistake to only focus on the organization's IT infrastructure, and neglect to examine the people and underlying processes handling sensitive customer and payment card data.

Join us in the webinar and you'll learn how to:
- Take a more holistic approach to PCI DSS compliance inside the contact center
- Understand the flow of information through your contact center & how people and processes touch payment card and sensitive customer data
- Create an action plan to reduce risk and achieve PCI DSS compliance once & for all

It’s Not Just Your IT: Why People & Process Matter for PCI DSS Compliance

Any company that takes payments over the phone must comply with the requirements of the Payment Card Industry Data Security Standards (PCI DSS), and all the costs and headaches that come with it. 

Learn about how to achieve PCI DSS compliance for your entire contact centre, and how to reduce the amount of applicable PCI DSS controls in your business infrastructure.

How to Descope Your Entire Contact Center for PCI DSS Compliance

Make no mistake—it isn't a question of if your company will be breached, but when. 

However, with such high rates of security incidents occurring, many organizations choose to put off implementing the right data security measures until it's too late.

Watch this informative on-demand webinar featuring some of the leading experts in the IT and payments security spaces where we'll cover:

- The various risk factors that threaten organizations—from both outside and within
- What happens to companies after a data breach
- How you can avoid a data breach of your own by complying with security frameworks like the PCI DSS

Additionally, you'll learn how to increase customer service and satisfaction, while reducing the associated security costs.

Improving Cybersecurity in the Contact Center: How to Prevent a Data Breach

Companies today must navigate a minefield of compliance and regulatory challenges, especially in highly regulated industries where call recording in contact centers is standard, if not a mandated requirement. At the same time, standards like the PCI DSS uphold that no Sensitive Authentication Data (SAD) from payment cards may be recorded at any time, creating a conundrum for companies trying to maintain full call recordings.

Although Pause & Resume call recording methods have become a widely used contact center practice, it does not necessarily deliver guaranteed or robust PCI DSS compliance. In fact, these solutions often cause more problems than they solve – and these flaws can result in systemic governance failures.

Watch this informative webinar featuring some of the leading experts in the financial services and payments security spaces where we'll cover:

- How to juggle multiple industry and payment security regulations
- Why techniques like Pause & Resume call recording don't fully meet compliance standards
- Alternative solutions to keep payment data completely out of the contact center

Additionally, you'll learn how to increase customer service and satisfaction, while reducing reducing the associated costs of PCI DSS compliance.

PCI DSS for Contact Centers: Perils & Pitfalls of Pause & Resume Call Recording

With cyberattacks happening with greater frequency every year, and the average cost of a data breach at $4 million in 2016 according to the Ponemon Institute, it has never been more important to ensure your organization is following security best practices to prevent a breach of its own.

View now for an informative webinar featuring some of the leading experts in the PCI compliance and call center payments spaces where we'll cover:

- The main components of PCI DSS and how they affect the call center
- Ways to reduce the time and cost of achieving PCI compliance
- How to protect your organization against payment fraud and the associated reputational risk

Additionally, you'll learn how to eliminate the need for customer cardholder data to be handled by your contact center agents or held in your contact center infrastructure, while improving customer service and satisfaction.

PCI DSS Compliance & Your Call Center: The Do's and Don'ts of Scope Reduction

Information Security in FinTech and Financial Services Sector

Fraud Reduction: A Canadian Approach

Trends in AML and KYC for Financial Services

5 Ways Fraudsters Fake IDs and how your face can stop them

AML and KYC: Best practices for the new era of compliance and security

Increase Access Protection Without Raising User Disruptions

Enabling Digital Transformation: Best Practices for Authentication

Impersonation and Personal Data: Securing and Protecting Financial Services

Digital Identity Verification: The Foundation for Onboarding and Authentication

Data Protection On-premises, and in Public and Private Clouds

To Be, To Have, To Know - Smart Ledgers & Identity Authentication

Will Post PSD2 be Post-Apocalyptic for Traditional Financial Services?

Beyond Managed Security: Why SOC-as-a-Service is Key for Financial Institutions

You’re PCI Compliant. But Are You Secure?

The Future of Financial Services Security

Blockchain or Bust? The Pros and Cons of using Blockchain in Financial Services

PSD2: Best Practices for Compliance and Risk Mitigation

Security and Risk in FinTech and Financial Services 2019

PCI DSS

PCI Compliance

PCI Security

PCI Standards

Payment Security

Cardholder Security

Payments

Call Center

Contact Center

PCI SSC

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Internal audit and compliance professionals are facing increasingly stringent regulatory requirements when it comes to compliance reporting and internal control procedures. Join the audit and compliance community to learn best practices from thought leaders on topics such as regulatory compliance, internal audit checklists and audit program strategies.

Audit and Compliance

Join this new, vibrant community to learn and connect with top thought leaders, startups and banks who are disrupting the financial services industry. Keep up with the latest news and trends in Fintech and take part in lively debates on topical issues and challenges.

Fintech

The accounting and finance community on BrightTALK features presentations from leading accountants and finance professionals. The accounting community includes tax planning strategies, QuickBooks webinars and other accounting webinars, while the finance community features presentations on financial capital regulations and forensic data analytics. Join the conversation by attending live financial and accounting presentations and connecting with industry thought leaders.

Breaking Down the PCI SSC’s New Guidance for Protecting Telephone-Based Payments

Presented by

About this talk

More from this channel