[VoiceOps] PCI Compliance and VoIP

Matthew S. Crocker matthew at corp.crocker.com
Wed Oct 19 19:25:50 EDT 2011


Most card processors work over IP now. Drop the pots entirely and reconfigure the customer to clear credit cards over the Internet



On Oct 19, 2011, at 5:47 PM, Justin B Newman <justin at ejtown.org> wrote:

>> I am wondering what you folks out there do when a customer needs their voice
>> service providers to be PCI compliant.  We use many ITSPs over the public
>> internet and it doesn’t seem that any of them support any type of SRTP.  Do
>> we need to step back and go TDM to our ULC for ‘secure’ customers?  Anyone
>> know of any good inbound/outbound ITSP that is PCI compliant AND supports
>> SRTP over the public network?
> 
> One way to approach the issue would be to work with the customer on
> the actual requirements. PCI does not specifically identify a
> requirement that brings voice service into scope. I believe that any
> interpretation that would bring voice telecommunications into scope
> would end up applying to TDM, just as they would to VoIP.
> 
> -jbn
> Justin B Newman
> 
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
> 



More information about the VoiceOps mailing list