[asterisk-biz] PCI Compliance for Credit Cards Over the Phone - how?
Avi Marcus
Avi at GetBestFone.com
Mon Dec 19 06:34:45 CST 2011
On further thought, any business using VoIP has this issue just to accept
credit card information over the phone.
I'm running out of a data center w/o personal physical access, so #1 is out.
#2 or #3.. 3 is probably easier to set up?
So who has USA DIDs or TF with SRTP/ZRTP? I only need a few for now with
pretty low volume.
And that means it never went over open net unencrypted, e.g. the supplier
has TDM/BRI/whatever or is the actual CLEC.
I don't recall seeing that offered around...
-Avi Marcus
BestFone
On Mon, Dec 19, 2011 at 2:26 PM, Alex Balashov <abalashov at evaristesys.com>wrote:
> On 12/19/2011 06:54 AM, Avi Marcus wrote:
>
> I haven't really heard of any end-to-end encrypted origination
>> lines. Is this guideline ignored? How do people deal with this?
>> Does someone have T1 lines and offers encryption for
>> origination...?
>>
>
> It's a can of worms, and there are a myriad of answers. The
> acceptableness of many of the possible answers to PCI auditors, despite
> their technical viability, is uncertain.
>
> 1. Dedicated end-to-end TDM circuits fall within the traditional
> guidelines, as do dedicated point-to-point data circuits.
>
> 2. Some VoIP origination providers will deliver the traffic to you via
> various inter-site VPN technologies, both for signaling and bearer.
>
> 3. SIP with TLS transport, and ZRTP+SRTP for voice.
>
> --
> Alex Balashov - Principal
> Evariste Systems LLC
> 260 Peachtree Street NW
> Suite 2200
> Atlanta, GA 30303
> Tel: +1-678-954-0670
> Fax: +1-404-961-1892
> Web: http://www.evaristesys.com/
>
>
> --
> ______________________________**______________________________**_________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/**mailman/listinfo/asterisk-biz<http://lists.digium.com/mailman/listinfo/asterisk-biz>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-biz/attachments/20111219/8570e2d2/attachment.htm>
More information about the asterisk-biz
mailing list