Eliminating Contact Center Fraud & Data Breaches

As we bring everybody together here preparing for the session this morning, I did a little bit of research and it was interesting in terms of some of the reports that are being surface now with 2019 data. There are some interesting statistics that are being shared around data breaches and fraud in 2019. Through January of July of 2019 this year alone, over 31 million records were exposed in the 13 largest data breaches. You know, this is a fact that is not trending positive. It seems like we don't go by a day or a week without reading about another organization being breached. No industry is immune to this, including Healthcare breaches.

I read in terms of preparation for the session this morning that Healthcare breaches are costing that sector over $4B dollars this year, outpacing the security and Technology spend that the industry is trying to focus on. These breaches are hitting that industry along with their every other industry very hard. Specific to PCI compliance and payment security that really is the topic of what we're going to be talking about today. By 2020, it is estimated that card-not-present fraud is going to reach over 7.2 billion dollars and with a lot of this fraud taking place in the Contact Center. This really is hitting home for today's discussion.

What we're going to talk about today is helping organizations understand what sort of challenges are out there with Ribbon and Eckoh together. What we hope to do is to share some insight in what you can do to head off some of this this fraud and these compliance challenges and really challenge you to think about why you need to rethink your PCI DSS strategy.

The thought that PCI DSS compliance doesn't equal security sometimes is a puzzling statement for a lot of organizations. What we have found, and this is kind of an industry statistic, that where organizations experienced a breach those organizations were in fact PCI Compliant at the time of the breach. All the information that we are going to share this morning is going to point back that there's truly a false sense of security out there when it comes to PCI compliance. Just because you're compliant at one point in time it does not mean that that the organization is not under constant barrage in terms of the fraudsters trying to take away sensitive data.

It's important to remember that just because you're compliant doesn't mean that that fraud still can't happen. So exactly what is happening with PCI compliance? What we're finding and as most Enterprises are finding PCI DSS compliance is a moving target for them. Guidelines are constantly being updated and what that means for the Enterprise and the Contact Center is that they've got to quickly adapt to remain compliant and secure. Just this past November the PCI Council released updated guidelines around handling VoIP payments and what we're seeing is a lot of organizations are now dealing with those changes. Just this past September, the PCI Council has released an update which is around the PCI DSS 4.0 guidelines. And while it's going to take a bit of time for those guidelines to be implemented what we're seeing is that organizations are going to have to answer and work with their Auditors. Whereas they might have been able to pass a PCI audit through some compensating controls. Those controls may not be applicable anymore with all these updated guidelines that are coming and with this constant change in the guidelines and regulations and we must consider what this really means to the Enterprise. The Enterprise must protect their customers data and it really translates to Brand loyalty within the contact center. All these moving targets mean additional operational costs and training those contact center agents so that they're following processes that are that are not only compliant but they're protecting the customers end-data.