PCI-DSS

on Thursday, 15 March 2018. Posted in blog

PCI-DSS compliance

PCI-DSS Secure Payment Systems - Automated or With Live Agent

Payment Card Industry Data Security Standard, or PCI DSS, is the regulatory commission that ensures that companies are keeping to various fraud prevention and security measures when handling customer’s sensitive credit and debit card information.

Solutions you can count on

We offer the complete solution for online and over the phone trading. We help enable you to obtain a merchant ID and provide you with our fully PCI Compliant payment gateway.

Becoming PCI DSS compliant is necessary for any business, and rightly so; however implementation is an expensive time consuming, and ever evolving process that often involves invasive processes, interrogative procedures, system upgrades and tedious checkups. For most businesses, PCI DSS Compliance problems range from operational difficulties of clean room environments, to the technical difficulties of data encryption, deletion and storage management.

How can Creative Telecoms help my company become PCI DSS compliant?

At Creative Telecoms we understand that becoming PCI DSS Compliant can be a headache, and often feels like just another hassle you don’t have time for. With Creative Telecoms you can remove the stress caused by PCI DSS requirements by letting us take care of it for you. There are a number of benefits to being PCI DSS compliant:

Decreased risk of security breaches
PCI compliance isn’t just about satisfying a list of guidelines — it’s a very real and proven way to protect you and your customers’ data from outside attacks. In fact, a recent Verizon study found that compliant businesses are 50% more likely to successfully withstand a breach.

Peace of mind for you and your clients
With breaches much less likely to happen, you’ll have one less thing to worry about in the daily course of running your business. You’ll appreciate this peace of mind, and over time, your customers will, too (see the next benefit below).

Boost in customer confidence
Your customers may not currently understand every detail about what it means to be compliant, but their awareness about the issue is growing. Every day, more and more of your customers are growing savvy about how their data is protected when they use their credit cards. It’s only a matter of time before customers see PCI compliance as a sign that your business follows best practices. That feeling of security will directly increase buyers’ confidence, and make them more likely to choose you over a non-compliant competitor.

Avoid costly fines
PCI compliance dramatically lowers your likelihood of getting breached, but it doesn’t completely eliminate the possibility. If you are breached, fines can grow as high as £500,000 per incident. Companies who are PCI compliant significantly reduce their risk of a breach, and therefore, their likelihood of receiving a fine. If a company is breached, regardless of their state of compliance, they must immediately inform customers and their processor of the data breach in writing. The processor or bank will initiate an audit on that company to see if the merchant was in fact PCI DSS compliant at the time of the breach.

Relatively quick & easy
This is one benefit that comes from what PCI compliance doesn’t do: with the right partner, you won’t have to make any substantial changes or disruptions to your business while attaining compliance. The process may seem complicated (and in many ways, it is), but a good compliance partner will shield you from the complexities and make it seem simple.

With Creative Telecoms’s hosted PCI DSS Solutions you can carry on your business without having to take on the day to day element of becoming PCI DSS compliant.

Our solutions, such as our agent assisted automation and secure payment processing can be easily integrated into any business model, leaving you with the most secure and up to date software and systems that will quickly help your company become fully compliant and leave your customers feeling secure and confident to use your services time and time again.

PCI credit card processing solutions such as agent assisted automation allow your operator to collect credit card information without ever seeing or hearing it. Once the system has been easily integrated‚ it reduces the need for a vast number of PCI DSS requirements and expensive fraud prevention because sensitive card data is no longer processed within your network.

How does Creative Telecoms’s PCI credit card processing solution work?


1, Customer asked to enter card details
2, At the point that the customer is ready to make a transaction they will be asked by your operator to enter their card details using their telephone keypad.
3, Progress is shown
4, When your customer enters the credit card number, expiry date and security code‚ asterisks are all that appears on your operators screen to show the progress of the caller’s keypad entry.
5, DTMF is not transmitted
6, DTMF is not transmitted through to the operator at any point‚ which means that any recording systems will not be able to pick up any DTMF signals of your customer sensitive card information.
7, Creative Telecoms’s hosted network instantly encrypts received data
8, Our hosted network instantly encrypts the received data, and securely transmits the payment to your chosen payment provider. The system doesn’t retain any sensitive credit card data within the network.
9, What are the benefits of PCI Credit Card Processing?
10, Decreased risk of security breaches
11, Peace of mind for you and your customers
12, Boost in customer confidence
13, Avoid costly fines
14, Relatively quick and easy

Should you choose Not to be compliant

If I’m not compliant, what may happen to me and my business?

You may be liable for non-compliance fines if you do not work towards compliance with your acquirer and ultimately your acquirer may be forced to terminate your relationship, which will prevent you from accepting payments by card.

Your customer’s data may be at risk of compromise and subject to fraudulent use. Fraudsters target the weak links in the payment chain to steal payment data (card numbers and card security codes) and customer’s personal information (names, addresses, phone numbers, email, date of birth etc.) for the purpose of committing fraud.

If your environment is identified as a common point of purchase (CPP) for fraud.

(If you are suspected to have suffered a data compromise), you will be required to engage with a PCI Forensic Investigator (PFI) to establish the source of the breach to ensure any compliance gaps are closed. The cost of a forensic investigation can run into thousands of pounds you will be liable for these costs if evidence of a compromise is established.

There are considerable Card Scheme fines associated with non-compliance following a data compromise; these can range from ten to hundreds of thousands of pounds. Many non-compliant merchants have ceased trading because the fines could not be accommodated. The fines are passed from the Card Scheme to the acquirer and then onto the merchant. Reputational damage is also a consideration if you are compromised and lose card data. Because it may lead to loss of customer confidence which could seriously impact their willingness to continue to do business with you.
If you have any questions regarding PCI DSS, please contact your acquirer bank.

Creative Telecoms are pleased to announce that our inbound PCI-DSS product range now covers the majority of western Europe, countries including the countries listed below.

The Creative Telecoms PCI-DSS offereing in the most advanced currently on the market, it can be used with a call agent or can programed to automaticaly take payments via an IVR system all via your chosen payment gateway.

As each of the PIC-DSS systems we bring live are spicific to the individual customer we alsoways recomend that you speak to us with you exact requirement so we can build a bespoke plan for your business.

Austria - Belgium - France - Germany - Holland - Italy - Spain - Sweden - Switzerland - Ireland - Portugal

Should you require PCI-DSS for any countries which are not mentioned here please contact the office as we are currently bringing on the rest of the World. 

Please email  or call 0800 109 1002 from outside the UK + 44 (0) 207 129 8880

We look forward to hearing from you.