Amazon Connect & and the PCI-DSS Compliant Contact Centre

In the last 8 years I’ve worked on a number of labour intensive and expensive projects to ensure contact centres are Payment Card Industry Data Security Standard (PCI-DSS) compliant. These projects have had professional services and licensing that added up to the hundreds of thousands of dollars just to de-scope the contact centre from PCI-DSS audits. It meant that only the larger organisations could afford to take this approach to securing credit card payments.

It also meant that most contact centres still rely on manual systems, pausing voice recording or transferring to a separate IVR to take credit card payments.

This process has been radically simplified in the last couple years with Amazon Connect. We are now able to establish a PCI-DSS compliant contact centre in a matter of days, all integrated to the agent’s desktop and bank payment gateway.

I’ve written before about the openness of Amazon Connect and the AWS Cognitive CX suite. It is highly flexible and allows integration to secure credit card payment solutions in a few simple steps. Benefits:

  • Agents can stay on the phone with the customer while the credit card payment is taken
  • The agent does not hear or see any personal information
  • The customer can receive a receipt immediately
  • The solution handles tokenisation for additional security
  • The solution can be integrated into CRM and IT Service Management systems
  • The call stays within Amazon Connect at all times
  • The contact centre is de-scoped from PCI-DSS audits

Like all AWS services, the pricing is consumption based so there are no upfront licence charges. A secure contact centre can be up and running in a matter of days.

Global Touring, which includes brands such as Topdeck Travel, has recently shared how they solved PCI-DSS compliance in their contact centre. You can read about it here.