Stop Giving Your Q/A Team Your Client’s Credit Card Numbers

Have you ever had someone ask for your credit card number over the phone? That question always makes me uncomfortable.  My personal policy is to never give it out if I’m the one who was called. If I have called in, and it makes sense in the context of the call, I give it out over the phone.

This presents a challenge to the call center. They need to be able to accept sensitive information that could be problematic in the wrong hands. Credit cards are the biggest example, but Social Security numbers, drivers license numbers, or even account numbers and passwords are all things you’d like to keep confidential.

One simple security measure you can take is in the call recording. The Q-Suite script builder, for instance, allows agent-side recordings to be stopped, started or restarted on page load or button press. By creating recording segments, identified by prefixes, you can choose the parts that should be made available for listening, and hide or delete the segments that cannot be kept due to containing sensitive information.

Another method that Q-Suite supports is security levels for particular script fields. You can set the security level on a field so that the agent can collect the data, but your Q/A team cannot read the data while looking at the call. Combined with segmented recordings, your Q/A team never needs to access the sensitive information to verify that the script was followed, or that the sale is valid.

One possible leak of data is DTMF in the recordings. If a client is asked to enter numeric data via the dialpad on the phone, the tones are usually still audible to anyone listening to the recording. With only a dozen tones available on standard telephones, it’s not difficult to have those tones converted back into digits. In those cases, scrubbing of DTMF tones from the channel or the recording may have to be done.

There are other options, of course, but do make sure that you aren’t leaking client data before it’s too late.