Why PCI Compliance Matters

by Natalie Chilton


When it comes to security, companies can be a little lenient on the necessary steps to securing their sales systems.

It takes a lot of time and money, and frankly it is easier to keep pushing it off than to roll up your sleeves, dig in, and get it done. Some companies unfortunately, even wait to take these protective measures until after they’ve experienced a data breach.

Companies such as TargetWendy’sChipotleGameStop, and Yahoo have had user accounts, customer identification, and payment card information hacked from their systems. Businesses are no longer just physical places, but virtual ones that can be accessed, and breached, anywhere at any time from multiple devices. These breaches are expensive and time-consuming to recover from legally, and usually require the hiring of an entire team to help in rebuilding your customer’s trust.


Handling customer’s credit card data is serious. When consumers hand over their sensitive information, they trust that your business is taking the appropriate measures to keep their bank accounts and identities safe and secure. Therefore businesses need to do everything in their power to anonymize and protect that data, no matter the cost. That is why VoiceBase made the decision to prioritize achieving PCI DSS Level 1 certification and is committed to providing the highest level of cloud-based speech analytics services to its customers. Being PCI compliant means that we are actively protecting our customers’ data and defending against any data breaches. We want to help invest in the long term health of businesses and providing them with a higher standard of security. We have gone through great lengths to ensure that our customers’ sensitive information is safe.

“VoiceBase’s completion of the PCI DSS Level 1 certification illustrates our dedication to ensuring that we provide a secure and reliable speech analytics processing environment for our customers’ critical business applications,” said Walter Bachtiger, Founder & CEO VoiceBase. â€śWe process massive amounts of PCI sensitive data across various industries, and are committed to meeting a wide range of regulatory requirements.”

What is PCI Compliance

The Payment Card Industry Data Security Standard (PCI DSS) was developed by the founding brands of the PCI Security Standards Council, which includes American Express, Discover Financial, JCB International, MasterCard Worldwide, and Visa Inc. to encourage and enhance cardholder data security and facilitate consistent data security measures globally.

The PCI Data Security Standard requires that any merchant that outsources the transmission, processing, or storage of payment card data to a third party provider verify that the provider adheres to the standard.

The standard includes twelve requirements of which the goals are to:

  •      Build and Maintain a Secure Network
  •      Protect Cardholder Data
  •      Maintain a Vulnerability Management Program
  •      Implement Strong Access Control Measures
  •      Regularly Monitor and Test Networks
  •      Maintain an Information Security Policy

What MUST be redacted?

What else MIGHT be redacted?


Being PCI DSS Level 1 Certified ensures customers that VoiceBase is safely handling PCI data spoken in recordings sent by our customers. Businesses send VoiceBase contact center sales and service calls all day with credit card information spoken, because our PCI Detection & Redaction feature allows you to spot the start and end times of PCI data and have it either redacted by VoiceBase or in-house. This ensures that future queries can be ran on those recordings to leverage other insights, with no risk of access to someone’s personal credit card information.

Below is an example of how VoiceBase’s API redacts the Customer’s credit card information during the call.

More From the Voice analytics blog

Predictive Analytics for Strategic Insights

Predictive Analytics for Strategic Insights

Predictive analytics is an advanced form of data mining that leverages machine learning to identify patterns in voice recordings, intuit a speaker’s intent, and predict a future outcome — be it a sale, account cancellation, or one of many customized “X” signals your clients might request.

read more