Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .




Many industries today are required to record and store customer calls for compliance reasons. Others choose to record calls for training purposes and to improve their customer service. This has resulted in huge banks of ‘legacy’ calls being built up, many of which contain sensitive payment and personal information that needs to be securely protected. Matthew Bryars, CEO of Aeriandi, discusses the issues facing many businesses regarding such recordings and explains what can be done to prevent sensitive data from ending up in the wrong hands.

We are all familiar with the phrase ‘your call may be recorded for training and monitoring purposes’ and most of us have little objection to it. We understand the need for companies to comply with regulations such as the Financial Conduct Authority (FCA) when handling payment transactions, and we know that our calls may be used to train future customer service employees. But do we know, or even stop to consider, how the content of our calls is managed?

Making these considerations could give rise to a number of questions: ‘Where are these legacy calls stored?’ ‘How are they protected?’ ‘Who can access them?’ ‘How long will they be kept?’ Not knowing the answer to these questions can be particularly concerning when you’ve made a payment over the phone and divulged all the information required by a criminal to commit fraud. If legacy calls are not stored securely then these sensitive details will remain at risk until either the recording is destroyed or the payment details expire, long after you’ve forgotten the call ever took place.

PCI DSS – keeping customer data away from prying eyes

The good news is that the implementation of the Payment Card Industry Data Security Standard (PCI DSS) will significantly reduce legacy concerns over time. While it is not a legal requirement for businesses to adhere to PCI DSS, the reputational and monetary risks associated with a customer data security breach are strongly encouraging vendors to ensure compliance is met. The latest version of the standard instructs businesses to:

Refrain from storing authentication data after it has been authorised;

Render all data unrecoverable once the authorisation process is complete.

There are a number of technologies available today which can help businesses to comply with PCI standards, ranging from rudimentary pause/record, through to secure telephone payment platforms that ensure sensitive payment information never enters the call centre in the first place, thus eliminating the legacy issue.

Securing your legacy archive

The bad news is that while the solutions above can solve the compliance issues facing businesses now and in the future, many have already been collecting and storing legacy data for decades, frequently archiving recordings onto tapes or discs. So how can they mitigate this security risk? Locking thousands of tapes in a secure vault is impractical and would make it almost impossible to access the data should it be needed for legitimate business reasons. This would be especially inefficient for public sector bodies that are required to respond to Freedom of Information (FOI) requests within 20 working days and therefore need to have call recordings readily accessible as well as secure.

Data analytics software that can automatically scan and delete sensitive information may be an option in the future, but the technology is not yet reliable enough to make it viable. As such, the best option for many businesses is to implement a secure legacy archiving solution. With this approach, old recordings stored on tapes or discs are digitised, the tapes destroyed, and the digital copies stored in a secure cloud that complies with PCI DSS.

This solution enables businesses to preserve the quality of call recordings, access data quickly and free up the office space that was previously taken up by recording equipment and tapes. Secure legacy archiving can also significantly reduce the compliance burden facing businesses that process card payments, making it quicker and easier for them to keep customer data secure and accessible.

In the not too distant future, the loopholes surrounding phone payment processes and legacy call recordings will be eradicated and increasing compliance with PCI DSS will ensure that secure data storage is standard practice. However, until that time it is necessary for businesses to be alert to the security risks posed by call recordings and ensure they have processes in place to keep their customers’ confidential data secure.

Global Banking & Finance Review


Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!

By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post