“Hello, what is your credit card number?” Have you ever found yourself in a situation where you have been asked for your credit card information over the phone? Have you ever wondered where that person was working?
Whether you are paying a healthcare bill or covering an insurance premium, there are several healthcare transactions that may require consumers to verbally give out their credit card to someone unknown to them over the phone. Credit card data and healthcare data continue to be a prime target for hackers, which is why it is important to ensure all points of interaction with cardholder data are secure, including phone calls.
Thankfully there is technology that can both protect this cardholder data while allowing healthcare organizations to offer a great customer experience without your staff hearing credit card numbers.
What Is VoIP?
VoIP is an acronym for Voice over Internet Protocol, or in more common terms, phone service over the Internet. What this means is if you have a reasonable quality Internet connection, you can place and receives calls over your Internet connection instead of relying on physical, copper telephone lines. If you are reading this at your office desk, odds are that the phone on your desk leverages VoIP. VoIP phones allow your IT and Network teams to run an ethernet cable to your desk and have it provide both Internet connectivity for your computer and also telephone services. If that phone on your desk is made by Avaya, Cisco, or ShoreTel chances are that it leverages VoIP. While this integration is great for your IT and Network teams, it can introduce significant PCI challenges articulated by the PCI Council.
PCI and VoIP
Securing Credit Cards for Call Centers
Healthcare organizations can leverage technology to address this challenge. How would this work you might ask? VoIP protection technology sits on the edge of your network and masks cardholder data before it is transmitted throughout your organization’s network. Instead of consumers speaking the credit card number to your employee, they enter the credit card number on the keypad – either physical or virtual (e.g., iPhone). The dial tones created by the keying in of the credit card number are intercepted and then sent back to the call center agent as flat notes via a process
As an additional benefit, the phone call may be recorded without the risk of the recorded call containing the tones of a consumer entering his or her credit card number on the phone or saying it aloud.
It is important for all healthcare organizations to ensure that consumer payments made through any channel, including VoIP, online, and front/back office are secure. With VoIP protection, Point-to-Point Encryption (P2PE) and the InstaMed Secure Token healthcare organizations can protect payments regardless of how a consumer chooses to pay. Are you concerned about your organization’s handling of credit card transitions on your VoIP network? Contact us to discuss payment security for your organization.