PCI DSS Call Recording

PCI Compliance WhitepaperMaintain compliance with our Payment Card Industry Data Security Standard (PCI DSS) call recording solution.

CallCopy's PCI DSS call recording bundle is designed to enable easy compliance with legal requirements. Flexible and secure call recording, secure storage and data management, and easy retrieval add up to a solution that helps organizations easily reach and comply with industry regulations.

PCI DSS requires that all companies that process, store or transmit credit card information must maintain a secure environment. CallCopy helps your organization ensure compliance via our PCI DSS call recording bundle.

CallCopy’s proven PCI DSS call recording bundle offers several unique features/components for PCI DSS call recording, including:

  • Cardholder Data Protection – provides access to audio and/or screen recordings based on company-defined user rights.
  • File-level Encryption – offers on-the-fly encrypted storage for video and audio files, meaning that no stored data can be read (decrypted) without the correct password/keyfile(s) or encryption keys.
  • Network Encryption – provides SSL encryption for all client-server communications – both in recording and playback mode. We can also provide encryption for all recordings stored in our system.
  • Blackouts – PCI DSS compliance recording requires that card security codes (CID, CAV2, CVC2, CVV2) are not stored. This feature offers start and stop triggers to define the beginning and end of a period within a call that contains this information, effectively pausing the recording of both voice and screen.
  • User Security and Audits – provides an extensive activity tracking system, supported by a database of all system activity. Managers can conduct full trace audits to determine who has accessed any recording in the system for playback, export or any other critical functions.

Restrict Access to Data

CallCopy's PCI DSS call recording bundle has a robust permissions feature set to allow granular security controls around access to and exporting of audio and screen recordings. CallCopy also provides a file hash audit trail to ensure that recordings remain intact and unaltered.

Network Encryption for PCI DSS Call Recording

CallCopy’s PCI DSS call recording bundle includes SSL encryption for all client-server communications, both in recording and in playback. We can also provide encryption for all recordings stored in our system.

More About PCI DSS Call Recording

The Payment Card Industry Security Standards Council (PCI SSC) was launched in 2006 by leading financial services firms including American Express, Discover Financial Services, JBC, MasterCard Worldwide, and Visa International. While the PCI Security Council established and maintains the Data Security Standards (DSS), each card brand still manages its own compliance programs. If you have questions or concerns regarding your company’s compliance status or the risks and penalties for falling out of compliance, we recommend you contact the payment brands you are contracted with.

To learn more, visit www.pcisecuritystandards.org.