Stenocall

Features of Our Service

  • Serving Our Customers Since 1954
  • Certified PCI DSS Compliant
  • Secure Credit Card Processing
  • 24 hour, 365 day Operation
  • Backup Emergency Power
  • Bilingual Operators
  • Per-second billing - no rounding up to full minutes
  • 100% On-Site Operators
  • High Security
  • Customized Conversation Flow
  • Web Enabled Call Center
  • Interactive Voice Response
  • Data Entered Into Your Web Site
  • Flexible Data Transfer to You
  • Live Text Chat
  • Live Push-Page
  • Custom Telemarketing
  • Overflow Service
  • After Hours (Part Time) Service
  • Database Management
  • Custom Reporting
  • Real-Time Call Reports
  • M.O.M. Software Compatible
  • Continuous Quality Control

Stenocall PCI Compliance Certification


Stenocall Call Center is Level 1 PCI Compliant!

This Attestation of Compliance (PDF) is your assurance that Stenocall can securely handle your credit card orders without subjecting you to data breaches, non-compliance penalties, or your auditor's frowns.

But if you don't want to read all 10 pages of it, here's the really important part (top of p. 8) - Click below for a larger image:

PCI DSS Attestion - Validation section - Click for a larger image

PCI Compliance - Here's what you need to know:

  • If you take phone orders with credit cards, you need a PCI compliant call center.
  • The credit card industry is ramping up enforcement of these standards.
  • If not compliant, you could lose your credit card processing and/or be assessed fines.
  • Your auditors are going to be pestering you about this. If not already, then very soon.
  • Some outfits fill out a questionnaire to be compliant (Levels 2 through 4). You never know if they really are.
  • Stenocall is independently certified PCI compliant -- i.e., Level 1, the highest level. This gives you true peace of mind.

Why is Outside Certification Important?

There are four validation levels for PCI compliance. Stenocall qualifies at Validation Level 1 -- the highest level. Levels 2 through 4 fill out a self-assessment questionnaire, but Level 1 has a qualified outside auditor come in to actually look at the systems and operations.

Obviously, even better than a PCI compliant call center is a PCI certified compliant call center. Yes, we could have filled out a self-assessment to meet the PCI requirements. Many smaller firms do, but then you don't know if they fully understood the requirements, or "fudged" on them.

We've seen someone say, for instance, that they just installed a new firewall, and that made them compliant. Far from it! See Common PCI Myths (PDF). There are 12 major requirements, consisting of nearly 300 separate rules, many of which are ongoing procedures and network tests for "hacker resistance."

So we felt it was important to our clients to take the extra step (and cost) to have our network, software, and procedures audited by an independent Qualified Security Assessor (QSA). This leaves no question that the requirements are met.

So Stenocall is not merely PCI Compliant; we are certified PCI Compliant.

What PCI Compliance means to you

You hear it on the news almost every week it seems -- some company has been hacked and thousands of credit card numbers stolen. In response to this problem, the Payment Card Industry (PCI) has established Data Security Standards (DSS) which vendors and outsourcers must meet in order to process credit and debit cards, or face stiff penalties -- monetary fines, or even a cutoff of credit card processing.

So if you take orders with credit cards, you need a PCI compliant call center. Their rules say this applies even if the credit cards are only stored on your own computers. Because the card numbers go through the call center's network and computers, the call center needs to be PCI compliant also.

Responsibility on Both Ends

Be aware that if you store, process, or transmit credit card data in your own system, then you need to be PCI compliant also. For instance, for those clients where we capture the data on our systems, we transmit all credit card data to you encrypted. (Not only encrypted in transit, but the file is still encrypted after you receive it.) At the point where you decrypt this file, the computer(s) on which this is done and stored need to be compliant.

Idea Checklist

  • Order Taking / Order Processing
  • Cross-selling and Up-selling
  • Direct Response Marketing
  • Govt. Assistance Programs
  • Catalog Requests
  • Customer Service
  • Disaster Backup
  • Product Help Line
  • Troubleshooting
  • Pledge Drives
  • Lead Generation
  • Lead Qualification
  • Dealer Locator
  • Phone Card Reloads
  • Warranty Service / Replacement
  • Applicant Screening
  • Hotel Reservations
  • Conference Registration
  • Business Continuity
  • Literature Fulfillment
  • Appointment Scheduling
  • Complaint Line
  • Consumer Information Line
  • Infomercial (DRTV) Response
Stenocall