[VoiceOps] PCI Compliance and VoIP
Oren Yehezkely
orenyny at gmail.com
Wed Oct 19 20:21:40 EDT 2011
Can you encapsulate VoIP traffic in a VPN?
The question then would be if they will understand and accept that as a
solution.
Good Luck,
On Wed, Oct 19, 2011 at 7:42 PM, Geoffrey Mina <gmina at connectfirst.com>wrote:
> That's the example scenario I'm working on. We are public internet to our
> itsp. There are call center agents on our network taking CC info on the
> phone. They are claiming that for pci 1 they can't use a service like ours.
>
> Geoff Mina
> CTO/Co-Founder
> Connect First Inc.
> 720.335.5924
> 888.410.3071
> gmina at ConnectFirst.com
>
> Sent from my iPhone
>
> On Oct 19, 2011, at 5:35 PM, Justin B Newman <justin at ejtown.org> wrote:
>
> >> 11.1 If the payment application sends, or> facilitates sending,
> cardholder data over public> networks, the payment application must support
> > On Wed, Oct 19, 2011 at 6:26 PM, Hiers, David <David_Hiers at adp.com>
> wrote:
> >> This PCI requirement covers the entire Internet, regardless of protocol:
> >>
> >
> > It covers the Internet when _payment applications_ are facilitating
> > sending cardholder data. While I can identify ways this would apply, I
> > wouldn't see this applying (as an example) to VoIP lines running to a
> > call center, where the operators key in cardholder data to a payment
> > applications.
> >
> > -jbn
>
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20111019/6de52ccc/attachment.html>
More information about the VoiceOps
mailing list