Collection agencies, debt buyers and call center firms are among the next group of service providers that need further guidance to become complaint with payment card PCI security standards, according to a new TowerGroup report.
The report from Senior Analyst Brian Riley notes that compliance with PCI security standards is strong among large and mid-size merchants but that the six other industry segments constitute “Security Hot Spots” and need attention.
The six industries are strongly integrated with the payment card industry, and include collection agencies, debt buyers, call center service firms, reward fulfillment companies, direct marketing vendors, and print and digital media companies.
Riley notes that collection agencies often having access to full cardholder account information, and that debt buyers acquire blocks of delinquent accounts. Debt buyers “might not have access to live transaction data, but they can provide information that, if revealed, could have other adverse effects on cardholders,” according to Riley. Call centers provide customer acquisition and service though digital or human interaction.
There are a number of safeguards these six industry verticals can take until PCI security standards are better defined. Three core principals include instituting strong access controls, conducting vulnerability management, and ensuring the protection of stored cardholder data.
The major payment card networks joined in 2006 to create the Payment Card Industry Data Security Standards, typically called PCI, according to the report, “Extending Influence of Data Security into the Card Ecosystem: The Next Trend in PCI Compliance.”
The group, including American Express, Discover, Japan’s JCB, MasterCard, and Visa, created a standards council to oversee the implementation of PCI. The council’s initial focus has been on ensuring that card-accepting merchants reach and maintain PCI standards, writes Riley.
Level 1 merchants, defined as those conducting more than 6 million card transactions annually, achieved a PCI compliance rate of nearly 80 percent in 2007, TowerGroup reports. Level 2 merchants, conducting 150,000 to 6 million card transactions a year, had a compliance level of 65 percent last year. Riley reports that the PCI council plans to turn its attention to improving the compliance rate among Level 3 and Level 4 merchants.
The PCI council could address the six hot spots after more merchants pass certain security milestones.
![the word regulation in a stylized dictionary [Image by creator from ]](/media/images/Credit_Report_Disputes.max-80x80.png)
![Cover image for New Agent Onboarding Manuals resource [Image by creator from insideARM]](/media/images/New_Agent_Onboarding_Manuals.max-80x80_3iYA1XV.png)
![[Image by creator from ]](/media/images/Finvi_Tech_Trends_Whitepaper.max-80x80.png)
![[Image by creator from ]](/media/images/Collections_Staffing_Full_Cover_Thumbnail.max-80x80.jpg)
![Report cover reads One Conversation Multiple Channels AI-powered Multichannel Outreach from Skit.ai [Image by creator from ]](/media/images/Skit.ai_Landing_Page__Whitepaper_.max-80x80.png)
![[Image by creator from ]](/media/images/paper-collections_triggers_1_1.max-80x80.png){kind=small}
![Report cover reads Bad Debt Rising New ebook Finvi [Image by creator from ]](/media/images/Finvi_Bad_Debt_Rising_WP.max-80x80.png)
![Report cover reads Seizing the Opportunity in Uncertain Times: The Third-Party Collections Industry in 2023 by TransUnion, prepared by datos insights [Image by creator from ]](/media/images/TU_Survey_Report_12-23_Cover.max-80x80.png)
![[Image by creator from ]](/media/images/Skit_Banner_.max-80x80.jpg)
![Webinar graphic reads RA Compliance Corner - Internal Controls: When and how to Effectively Use Them 6-15-24 2pm ET [Image by creator from ]](/media/images/RA_Web2_6.12.24_Landing_Page.max-80x80.png){kind=small}
![Webinar graphic reads Help Wanted: Predictive, Collaborative and Intelligent Contact Data April 25 at 3pm et by TransUnion [Image by creator from ]](/media/images/Landing_Page_2_KAmAKW1.max-80x80.png){kind=small}
![Webinar graphic reads Multi-Channel AI: Improve Contacts & Increase Revenue Compliantly April 4 at 2pm et [Image by creator from ]](/media/images/Skit.ai_InsideARM_Landing_Page_1200x627.max-80x80.png){kind=small}
![Streamline Your Collections Process with Voice AI [Image by creator from ]](/media/images/Streamline_Your_Collections_Process_with_Voice.max-80x80.png){kind=small}
![How to Connect with Today’s Digital Consumer [Image by creator Editor from insideARM]](/media/images/finvi_webinar_thumbnail.max-80x80.png){kind=small}
![Customizable or Configurable? Webinar [Image by creator Editor from insideARM]](/media/images/Landing_Page_2.max-80x80.png){kind=small}
![How to Launch an Omnichannel Collection Strategy [Image by creator Neustar from insideARM]](/media/images/omnichannel-webinar.max-80x80.png){kind=small}
![Breaking Down the CFPB's Opinion on Convenience Fees [Image by creator Editor from insideARM]](/media/images/2022-11-convieniance-fees-webinar.max-80x80.png){kind=small}