Many business owners have asked us how to accept credit card information over the phone in a PCI compliant manner.
Some have even assumed that because there’s a human involved the activity must be non-compliant. The good news is that you can take credit cards over the phone (or hand key a customer’s credit card information) and be PCI compliant!
In this “Ask the QSA” video, we ask ControlScan QSA Brad Chronister to explain how taking credit cards over the phone works with PCI compliance. Learn how your business can evaluate its people, processes and technology to achieve and maintain compliance, even if credit card information is taken by phone.
After watching the video, be sure to also review this helpful document from the PCI Security Standards Council (while it was issued several years ago, the information it contains is still relevant): Protecting Telephone-based Payment Card Data.
ControlScan has security and compliance experts that can help. Give us a call at 800-825-3301, ext. 2.
Be sure to subscribe to this blog for additional tips and webinar announcements.