18 01732 759725 COMPLIANCE Are you sure your customers are PCI-compliant? Scott Rixon, UK Solutions Director at Evolve IP, highlights major reseller opportunities around payment card information changes that came into force earlier this year. Significant reforms have come into force that change the game around payment card information (PCI) protection. Ignoring the rule changes could expose organisations to sanctions, fines, irreversible reputational damage and loss of customers. In March, PCI 4.0 was put in place by the UK government, requiring all businesses to have an evidence-based process for over-the-phone card payments. Companies now need to prove they are complying with the new regulations by providing real-life data and proof, rather than just verbally defending their business processes as they have done in the past. Moving to this model involves a fundamental shift in business practices and processes, and from the feedback we’ve been getting, it seems many businesses haven’t yet taken this on board, creating a massive opportunity for resellers to educate their customers and increase revenue. The regulations went live more than six months ago and any business audited since then will have been questioned about their compliance. Any business that has not yet been audited will need to make important changes if they are to avoid fines that already run into millions of pounds. Fully compliant It’s not just the risk of fines that businesses need to worry about. As awareness of PCI 4.0 grows, individuals that give credit card details over an unsecured line, perhaps to pay for a car MOT, place a deposit for a restaurant booking or order some flowers, will simply take their business elsewhere. I’m confident that there’s a huge number of companies across a whole range of industries that are currently not compliant and, in many cases, not even aware of the changes. Big organisations are likely to have compliance teams in place to ensure the new rules are met. Not so businesses at the smaller end of the market. With limited knowledge and resources, they are most exposed and least able to make the necessary changes. This is where resellers can come to the rescue by recommending a cost-effective solution that is not only easy to install but gives businesses the tools they need to stay fully compliant once up and running. No longer viable In most cases, the previous ‘Pause and Resume’ model, where credit card details were not recorded when taking payments over the telephone, is no longer fit for purpose. For me, it was never a perfect solution. It is notoriously unreliable and set up requires a manual procedure, giving space for human error and impacting the customer experience. Anyway, call and contact centre staff still hear the details and might key personal information into another system or write it down to double-check it’s correct (on paper that needs to be destroyed). Equally, in a world where we all walk around yelling into our mobile phones, the person giving their card details is at risk of being overheard, especially if they are in a public place. What’s in scope? The whole PCI compliance issue is about what’s in scope, and there’s a massive amount for businesses to consider and for auditors to look at and assess. It’s no longer good enough just to say ‘we have a process’. Organisations need to prove they are operating correctly and provide evidence they are doing so. This is a huge swing. Imagine having to prove every single pause and resume call hasn’t been compromised. It would be so time-consuming and almost impossible to do. Compliance made easy As a white-label service provider, Evolve IP believes solutions should work for everyone. That’s not always been the case with PCI. Some PCI solutions require a minimum deployment of, say, 50 users which simply isn’t viable for small independent businesses. Others need to be able to scale up to meet the needs of larger enterprises. It is also the case that payment models for certain services are sometimes based on a low cost of entry and higher transaction fees. Evolve IP’s Secure Call solution provides an alternative that avoids these excess costs and ridged pre-packaged software offerings. It’s become a powerful addition to our Anywhere Product Suite. From one person to one thousand, it’s simple to set up and has been rigorously tested by our technical team. Traction is building and our resellers are seeing the opportunities with this technology. Any business taking card payments needs to have confidence in their processes so that they can sleep at night! Resellers can make money whilst protecting their customers. Ensuring compliance is a win-win for everyone. Evolve IP boasts an international carrier-grade Unified Communications platform. It delivers integrated, remote workforce technologies that enable employees to work anywhere – remotely and securely from any location. Find out more at www.evolveip.net/en-gb or call 0203 326 0800. Scott Rixon
RkJQdWJsaXNoZXIy NDUxNDM=