[asterisk-biz] PCI Compliance for Credit Cards Over the Phone - how?
Avi Marcus
Avi at GetBestFone.com
Mon Dec 19 06:38:15 CST 2011
Yes, that would help with the issue of recording the call without storing
sensitive data, so you could have an IVR take the credit card number.
It doesn't help with the guideline of the call being encrypted until the
point it reaches your server, though.
-Avi
On Mon, Dec 19, 2011 at 2:34 PM, leightonbrennan
<leightonbrennan at telcom.ie>wrote:
> Hey
> I have seen in some other vendor call recorders that they are able using
> dtmf digit that once the user is saying there card info that once the
> dtmf digit is dialled the recording is paused and then when finished the
> dtmf digit is pressed again and the recording resumes.
>
>
>
> Best Regards,
>
> Leighton Brennan
> Technical Manager
> Telcom LTD
> A2 Nutgrove Avenue
> Rathfarnham
> Dublin 14
> Ireland
>
> -----Original Message-----
> From: asterisk-biz-bounces at lists.digium.com
> [mailto:asterisk-biz-bounces at lists.digium.com] On Behalf Of Alex
> Balashov
> Sent: 19 December 2011 12:30
> To: asterisk-biz at lists.digium.com
> Subject: Re: [asterisk-biz] PCI Compliance for Credit Cards Over the
> Phone - how?
>
> On 12/19/2011 06:54 AM, Avi Marcus wrote:
>
> > I haven't really heard of any end-to-end encrypted origination lines.
> > Is this guideline ignored? How do people deal with this?
> > Does someone have T1 lines and offers encryption for origination...?
>
> It's a can of worms, and there are a myriad of answers. The
> acceptableness of many of the possible answers to PCI auditors, despite
> their technical viability, is uncertain.
>
> 1. Dedicated end-to-end TDM circuits fall within the traditional
> guidelines, as do dedicated point-to-point data circuits.
>
> 2. Some VoIP origination providers will deliver the traffic to you via
> various inter-site VPN technologies, both for signaling and bearer.
>
> 3. SIP with TLS transport, and ZRTP+SRTP for voice.
>
> --
> Alex Balashov - Principal
> Evariste Systems LLC
> 260 Peachtree Street NW
> Suite 2200
> Atlanta, GA 30303
> Tel: +1-678-954-0670
> Fax: +1-404-961-1892
> Web: http://www.evaristesys.com/
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-biz
>
>
>
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-biz mailing list
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-biz
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-biz/attachments/20111219/b41853ab/attachment-0001.htm>
More information about the asterisk-biz
mailing list