Cognia Live Brings PCI Compliance into the Cloud Era

PRESS RELEASE: Cognia, a leading provider of cloud-based communications intelligence solutions announced the launch of Cognia Live, the first PCI-DSS compliant, QSA-validated solution to be delivered from a global cloud architecture. With Cognia Live’s dual-tone-multi-frequency (DTMF) suppression capabilities, sensitive card data is automatically prevented from reaching the agent or entering contact centre systems, all while maintaining continuous customer interaction.

69 percent of U.S. contact centers carry out card payments over the phone and 84 percent record calls. Moreover, with the average cost of a data breach at $136 per record, and the cost of non-compliance with PCI being on average, more than 2.5 times greater than compliance, brands and call centers are more focused than ever on becoming PCI compliant.

However, PCI DSS states that Sensitive Authentication Data (SAD), such as the 3-digit verification codes on the back of cards, should not be stored in any format, encrypted or not, including digital audio recording. This poses a significant challenge to merchants and payment processors who are required to record calls in order to comply with other regulatory bodies, or for their own business development needs.

“Fraud is a very serious issue for the credit and debit card industry. PCI- DSS was introduced by the top 5 credit and debit cards in 2004 to help companies mitigate this risk,” said Donna Fluss, president of DMG Consulting LLC. “The challenge is for a company to select and implement a solution that helps them comply with the regulations, without negatively impacting the customer experience or agent productivity.”

Cognia Live uses dial tone masking instead of voice to input sensitive payment card data. Because these push-button dialing tones are distinct and standard across landline, mobile and Internet calling devices, Cognia Live’s DTMF automatically identifies and masks these tones so that the agent cannot hear them and they never enter the call recording system. With DTMF suppression, the conversation between the agent and customer continues without disruption, while keeping call recording simple and PCI compliant.

Cognia Live is powered by the Cognia Cloud, the first cloud-based service provider in the world to achieve QSA-validated (Level 1) PCI DSS compliance for a global cloud telephony and payment service platform. The system requires no on-premise equipment or software, and deploys quickly and cost-effectively across sites in any location. Cognia Live’s global cloud platform also ensures that contact centers can cleanse archived recording data or move it to a cloud-based storage model at a far lower cost than traditional PCI compliance or recording storage solutions.

The launch of Cognia Live follows closely the establishment of Cognia’s official presence in the United States and the hiring of Frank Ortiz as Head of Global Sales & SVP. Announced in June 2014, Ortiz is now leading Cognia’s U.S. operation, developing Cognia’s partner and direct sales functions leveraging his expertise in the PCI DSS market from working at companies such as NICE Systems and Convergys.

“With recent events like Target’s and Home Depot’s massive data breaches, coupled with regulations like the Dodd Frank Act and the looming EMV deadline in the U.S., merchants are experiencing pressure from all corners to make their payment processing systems more secure,” said Ortiz. “Add to that the increasing number of remote contact center agents that aren’t within a merchant’s environment and PCI compliance can seem more challenging than ever. Cognia Live helps companies turn PCI compliance into a business asset, reducing contact center costs, and improving the protection of their customers’ information, as well as their own brand reputation.”

“Additionally, our cloud-based dial-tone masking solution means that contact centre recordings are never physically stored within brands’ infrastructure, minimizing our customers’ equipment costs, staff time spent installing, configuring and maintaining systems, and most importantly, compliance burden.”