Posts Tagged ‘data security’

Video Identification Is Now Available On VCC Live Desk

Posted on: May 24th, 2019 by dorarapcsak No Comments

In an age of digitalization and increasing customer expectations, the demand for remote identification services is growing faster and faster. And video, which has shown continued growth over the past few years, is the ideal tool to make customer identification simpler than ever.

At VCC Live®, our mission is to constantly focus on innovation and look for new ideas to create an as convenient as possible customer experience. As such, we’re delighted to announce that video identification is now available as part of VCC Live®’s solution.

Video identification is a simple, quick and highly secure method of remotely verifying customers. It helps prevent identity fraud, speeds up customer service and increase customer satisfaction – and it’s definitely a technology that is here to stay.

How does video identification work on VCC Live Desk? It’s simple:

  1. An agent offers a customer the opportunity to be identified via video call
  2. The agent sends an SMS with instructions and a link to the video call
  3. The customer clicks on the link and the video call begins
  4. The customer looks into the camera and holds up an appropriate identification card
  5. The agent takes a photo and checks the quality
  6. The agent informs the customer if the identification was successful

Customers increasingly expect companies to provide them with a smooth and convenient customer experience. However, in the banking industry, for example, until recently, because of the need for personal identification, customers usually needed to go physically to their nearest bank to get their issues resolved.

Now, though, with VCC Live’s video identification, customers can verify themselves at any time, and from anywhere. This method of identification at VCC Live is not only highly secure, it is also recorded and can be replayed at any later date.

Interested in our video identification feature? Check out our demo video! 

Our Data Security Steps to Keep Your Business Covered

Posted on: April 4th, 2019 by dorarapcsak No Comments

In our ever-connected world, data is everywhere. But having access to an ever-increasing amount of information has also led to a number of challenges. One challenge is that organizations storing sensitive customer data have become a major target for cybercriminals.

Although there is no complete escape from a potential data breach, with thorough preparation, it is possible to mitigate the risks.

At VCC Live®, we’ve always been committed to data security, and took several data security steps throughout the years to keep your business covered. Among other things, this is why we’ve been working hard over the past years to make our company fully GDPR compliant.

Furthermore, being proud holders of the PCI DSS certificate and ISO27001 and ISO22301 certificates – some of the strictest data privacy certificates around– is the ultimate proof of our success in keeping our business data safe and secure.

The PCI DSS certificate applies to any organization that accepts credit and debit card payments. We are proud that this year saw our certificate renewed for the fourth time.

The ISO27001 certificate outlines guidelines for information and data security, and matches the GDPR regulation introduced in 2018. The aim of the ISO22301 certificate is to guarantee business continuity and create stable company practices.

These certificates are absolutely invaluable when we’re assessing internal and external risks, and are equally important when we’re preparing detailed plans for all potentially critical business situations.

With the evolution of cybercrime, businesses handling valuable customer data really do need to take all necessary measures to protect their data. Still, regardless of how thorough your preparation is, data breaches do happen at even the biggest organizations, causing disastrous financial consequences.

In such cases, Cyber Liability Insurance can make or break your business. As such, reflecting our continued desire to be at the cutting edge of security, we have taken the next step towards our dedication to data privacy, and are more than delighted to announce that VCC Live® has signed a Cyber Liability Insurance.

We are proud to say that we are at the cutting edge in this respect too, being among one of only a few companies in this industry who take data security 100% seriously. Nothing proves this better than our GDPR compliant processes and data privacy certificates, along with our new Cyber Liability Insurance.

VCC Live® Has Been Awarded the PCI DSS Certificate for the Fourth Time

Posted on: March 6th, 2019 by dorarapcsak No Comments

Another year, another successful IT audit! We’re more than delighted to announce that, after our latest comprehensive yearly audit, VCC Live® has once again been awarded the PCI DSS international certificate. VCC Live® has been PCI compliant for a number of years, and this year saw our certificate renewed for the fourth time.

For those not aware, PCI DSS (Payment Card Industry Data Security Standard) is one of the strictest card holder data security standards in the world, and is backed by the five largest credit card issuers in the market.

The PCI DSS certificate applies to any organization that accepts credit and debit card payments, and PCI DSS compliance validation is performed annually or quarterly. As VCC Live®’s unique VCC Live Pay feature provides customers with the opportunity to make real-time payments during a single phone call, being PCI DSS-compliant is of utmost importance to us.

With the evolution of cybercrime, and with cybercriminals becoming more advanced than ever, businesses handling valuable customer data really do need to take all necessary measures to protect their data. Still, according to the following, alarming statistics conducted by EY, it seems that the majority of companies are still not prepared for a potential data breach. Their research found that:

  • Only 38% of global organizations are prepared for a complex cyber attack
  • Only 4% of organizations are confident that they have fully considered the information security implications of their current strategy
  • Only 12% feel it is very likely they would detect a sophisticated cyber attack

We are proud to say that we are at the cutting edge in this respect, and among one of only a few companies who take data security 100% seriously. Nothing proves this better than our fourth PCI DSS certificate, along with our two additional ISO027001 and ISO022301 certificates.

PCI DSS certificate vcc live blog

Balázs Zsolt, Information Security & Process Manager at VCC Live® and Miklós Tassi, Consultant and QSA Auditor at AperSky 

Here at VCC Live, data security and privacy have been at the heart of the company from the very beginning, and we’re proud of the fact that our company has been built with customer privacy in mind.

This fourth renewal of our PCI DSS certificate clearly reflects our dedication to data privacy, and determination to continuously review our IT security and business continuity processes, including successfully undergoing the yearly audits required for all three certificates.

Case Study: Managing Customer Data 100% Securely

Posted on: January 4th, 2019 by dorarapcsak No Comments

When it comes to making an online purchase, customers expect speed and convenience. Therefore, leveraging real-time payment is definitely the next big thing in customer service. Keeping customer data 100% safe, however, is a major concern for most businesses embarking on this journey.

You may not think so but customer motivation is at its highest during a conversation, dropping immediately after the end of a call. The greatest chance for successful conversion is thus during a conversation. And this is where VCC Live®’s real-time payment feature comes into action: thanks to VCC Pay, it is now possible for agents to initiate bank card payments during a single phone call.

The Case

Cloudagents, a global leader in providing multilingual call center services solely relying on remote agents, was trusted with the delivery of a customer service, telesales and technical support project in more than 80 countries. As the project required strict data security, the company decided to turn to VCC Live®.

Our latest case study describes how Cloudagents managed to carry out a 400 billion dollar project with the help of VCC Live®. In this case study you will learn:

  • how we helped Cloudagents make the most of their home-based workforce model
  • how we allowed them to initiate payments during a phone call in more than 80 countries
  • how VCC Pay enables them to initiate payments while ensuring their agents handle customer data in a 100% secure way

Introducing VCC Pay has made all the difference for Cloudagents, making their payment process quick and easy while guaranteeing data security at all times.

Read our case study and learn more about the benefits of VCC Live Pay!

Call Center Fraud: How to Prevent Social Engineering

Posted on: August 24th, 2018 by dorarapcsak No Comments

The concept of call center fraud – such as social engineering that typically targets call centers—is nothing new. What has changed is the ever-more sophisticated techniques that are used to fool people in order to gain valuable information from them.

Social engineering is considered one of the most dangerous cyber threats around, and for good reason: contrary to computer hacking, which targets mass information, social engineering targets individuals.

The reason for this is simple: it’s much easier to fool people into revealing confidential data than try and hack their computer and steal that same information.

It’s true that everyone learns best through their mistakes, but when your business is at stake, I think we can all agree that it’s better to play it safe.

We already talked about in a previous article what you need to do in order to prevent cybercriminals to break into your systems.

So, in this article, we’ll focus on the human factor and highlight how you can prepare your employees for a possible social engineering attack. I trust you won’t want to miss out on this one!

Why call centers? Being the bullseye in the target

Before we dig in, let’s quickly look at what “social engineering” means. Social engineering is the act of manipulating people into divulging confidential information with the aim of using it to carry out fraud. Amongst other things, social engineering can involve phishing, elicitation, intimidation and pre-text scenarios.

And when you consider that professional social engineers prefer targets that offer a low risk of being discovered, and have the potential for high payoffs, it quickly becomes clear why the call center industry is one of their main focuses.

The first and foremost reason why cybercriminals target call centers is the enormous amount of data call centers process and store. This customer data can include personal information, such as account details, as well as highly confidential information, including passwords and credit card information.

Secondly, let’s face it: it’s much easier to fool people than computers. Considering that today’s up-to-date technology solutions are based on highly secure systems, it’s no coincidence that cybercriminals started to target people rather than try and hack those same systems.

As already mentioned, social engineers target individuals, and often refer to sob stories, such as a divorce or the death of a spouse, to manipulate agents into providing account information. The results of 200 social engineering test calls carried out by TraceSecurity shows that 25% of calls led to a Total Comprise, meaning that testers managed to gather enough information to access accounts by taking advantage of call center employee’s empathy.

Turnover levels in the call center industry, as I’m sure you will be aware, are still extremely high, and in most call centers agents literally come and go. As a result, sensitive and confidential information can easily end up being handled by untrained staff. Of course, that’s a great opportunity for social engineers, as it is much easier to convince untrained staff to provide cybercriminals with valuable information.

Due to the above-mentioned factors, the chance of social engineers being caught in the act when targeting call centers is comparatively low. And thus there is simply no reason why you should think they are going to stop targeting call centers anytime soon.

So, how can you prevent social engineering affecting your call center?

Mitigating the risks of exposure to call center fraud such as social engineering needs to be a top priority for any forward-thinking call center.

We cannot emphasize enough the importance of comprehensive technology that provides 100% security for your systems. An advanced encryption system, for instance, can encrypt and decrypt data without employees having access to your valuable information.

But while investing in the latest technology solutions is a prerequisite for any business, unfortunately on its own it’s not enough.

In fact, security starts with your employees. You can have all the latest security technology in the world, but if your agents are not well-educated about different forms of cyberattacks, chances are that the consequences will be disastrous.

Therefore, make sure to provide your agents with frequent security awareness training sessions. During such training sessions, the main goal should be to help agents learn how they can recognize and react to different forms of social engineering. (Also, don’t forget that GDPR also came into effect on 25th May, so educating your staff about data privacy and security is now more important than ever.)

Once you have proper technology and well-educated staff in place to help you maintain security at your call center, it’s time to test your procedures. Social engineering tests in particular allow your business to review how easy it potentially could be to gain information from your call center agents.

And as cybercriminals continue to evolve their methods regarding call center fraud, if you want to keep your data safe, repetition is the key to success.

Security risk assessments, security awareness training sessions and social engineering tests need to be both frequent and up-to-date.

Call center fraud, such as social engineering, poses a huge threat to all kinds of businesses, and call centers, who accumulate an astonishing amount of data, are definitely no exception. So make sure you really try and follow our tips, as they will help ensure your call center employees don’t fall victim to social engineering attacks.

Articles and entries on vcc.live/blog do not constitute legal advice. Should you have any legal questions, please contact your lawyer or legal advisor. VCC Live® will not take any responsibility or liability for any damages, disadvantages or losses that may arise from the results of any interpretation of the contents of the blog.