PCI DSS compliant in Chat

EilidhB · March 16, 2021, 1:55pm

Hi there,

I've seen notes/documentation on being able to mask sensitive information within chat e.g. card details.
I just want to check, does this mean the customer types in the details and the agent wouldn't be able to see them?
Is this automatic/apart of the standard widget capabilities and doesn't need extra code to include this feature?

Is there a possibility that the customer could type the details, the agent sees the details but once the chat is done the card details are masked after the fact? Or would we have to integrate some sort of payment facility within webchat that we direct the customer to so that we can take payment via chat?

At the moment we have to direct the customers to call us or we arrange a call back and this defeats the point of us using chat as a way to reduce phone traffic.

Cheers,
Eilidh

anon39326996 · March 16, 2021, 2:24pm

Hi, we automatically mask credit card data as noted here: https://help.mypurecloud.com/articles/pci-dss-compliance/

Web chat does not fall into our PCI scope and cannot be used to pass credit card data.

EilidhB · March 16, 2021, 3:42pm

That's helpful actually, that link suggests Google dialogflow may be able to do this. I will investigate further, thanks.

anon39326996 · March 17, 2021, 1:20pm

Thanks for pointing that out. The PCI compliance is only for voice, not web chat or messaging but I agree the article seems to be worded in a way that is ambiguous. We'll fix that.

system · April 17, 2021, 1:31pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.