Compare CallGuard
Compare CallGuard with other methods for making your call recording solution PCI DSS compliant
When properly implemented, the methods below are all PCI DSS compliant.
| Feature | CallGuard | Turn off recording | Transfer to IVR |
Auto Pause & Resume | Central DTMF blocking - in phone network | Central DTMF blocking - on premises |
| Your curent call recording system | ||||||
| Works with any call recording system | Y | Y | Y | no | Y | Y |
| Scales from small to large installations | Y | Y | Y | Y | Y | Y |
| Can be deployed to virtual- or cloud-based recording | Y | Y | no | no | Y | Y |
| Customer experience | ||||||
| Uses touch-tone data entry (shown to improve customer confidence) | Y | no | Y | no | Y | Y |
| Can automatically check that customers’ card data has been entered correctly | Y | no | no | no | Y | Y |
| Customers continue to talk with call centre agent throughout call | Y | Y | no | Y | Y | Y |
| Customer is able to ask questions during the payment process | Y | Y | no | Y | Y | Y |
| Agents | ||||||
| No change to agents’ existing payment process | Y | Y | no | Y | no | no |
| Increases agents’ personal security by barring access to card data | Y | no | Y | no | Y | Y |
| Minimal training required | Y | Y | no | Y | Y | Y |
| Agents do not waste time waiting for customer to enter card details to IVR robot | Y | Y | no | Y | Y | Y |
| Your current payment processor | ||||||
| Allows you to keep your current payment processor | Y | Y | no | Y | Y | Y |
| No back-end integration with your payment processor required | Y | Y | no | Y | no | no |
| Does not require payment providers to make any changes to their systems | Y | Y | Y | Y | Y | Y |
| Gives the flexibility to switch payment provider in future, with no additional changes | Y | Y | no | no | possible | possible |
| Works with web-based payment providers with no integration | Y | Y | no | no | no | no |
| Works with application-based payment processes with no integration | Y | Y | no | no | no | no |
| Works with thin-client or RDP-based payment processes with no integration | Y | Y | no | no | no | no |
| Your contact centre IT/telephony environment | ||||||
| You can switch telephony, payment and IT systems in the future, with no changes, and maintain PCI DSS compliance for call recordings | Y | Y | no | no | no | no |
| Works in PRI/TDM/E1 environment | Y | Y | Y | Y | Y | Y |
| Works in VoIP environment | Y | Y | Y | Y | Y | Y |
| Does not negatively impact average handling time (AHT) | Y | Y | no | Y | Y | Y |
| Avoids additional outgoing call charges | Y | Y | no | Y | Y | Y |
| Does not require changes to call routing provider | Y | Y | Y | Y | no | Y |
| Security | ||||||
| Can stop agents seeing card data | Y | no | possible | no | Y | Y |
| Can stop agents hearing card data | Y | no | possible | no | Y | Y |
| Can stop screen recording systems capturing card data | Y | no | possible | no | Y | Y |
| Outsourced contact centres | ||||||
| Protects your clients’ brand integrity by ensuring breaches involving customer data cannot occur | Y | no | no | no | Y | Y |
| Allows you to show clients that your staff have no access to customer sensitive card data | Y | no | no | no | Y | Y |
| A single implementation that works across all your clients’ systems | Y | Y | no | no | no | no |
| Works with client-hosted payment processes which cannot be tailored or customised | Y | Y | no | no | possible | possible |
| Proof of Concept | ||||||
| Allows you to do a small scale Proof of Concept easily and quickly, using live systems | Y | Y | no | no | no | no |
| Installation | ||||||
| True plug and play with telephony systems | Y | n/a | no | no | n/a | Y |
| True plug and play with desktop/terminals | Y | n/a | no | no | n/a | n/a |
| No integration required with agent’s payment processes | Y | n/a | no | no | no | no |
| Simple configuration with any desktop payment process | Y | n/a | no | no | no | no |
| Implementation time measured in days not weeks | Y | Y | no | no | no | no |
| Very low complexity for payment system and IT integration | Y | n/a | no | no | no | no |
| Resilience | ||||||
| No additional potential single point of failure introduced to entire payment process | Y | Y | no | Y | possible | no |
| No additional potential single point of failure introduced to telephony/call path | Y | Y | no | Y | Y | no |
| Regulatory requirements | ||||||
| Approach is acceptable to financial services regulators like FSA | Y | no | Y | no | Y | Y |
| Further PCI DSS specifics | ||||||
| Works with other descoping tools | Y | no | no | no | Y | Y |
| Fulfills PCI SSC’s best practice guidance that agents should not enter card data | Y | no | Y | no | Y | Y |
| Integrates with tokenisation systems to further eliminate card data from your environment | Y | no | no | no | possible | possible |
If you are currently using a different method such as one listed here, it may not be compliant.