Call recording software and PCI: all you need to know

Now that call recording software is much cheaper and easier to implement than in the past, many companies have begun to use it for their calls. There are many reasons for this, mainly due to protecting themselves from any potential issues. However, with the new PCI regulations things have changed for businesses that are involved with taking payments over the phone. So, how will this affect your business?

Taking card details

If you take card payments over the phone while using call recording software then you may fall foul of the new PCI regulations. In this situation storing the card details, via the call recording software, would breach the regulations. There are a number of ways to comply with the regulations when taking card payments and the methods depend on the capabilities of your call recording software.

The first method is to pause the recording while taking the card details and then resuming it once the transaction has been carried out. Most modern call recording software has the ability to automatically pause the recording based on the conversation that is going on, however older call recording software will need to be manually paused.

The second method is to mute the sound that is sent to the call recording software while the card number is being read out. Again, like the pausing method, most modern call recording software can do this automatically based on the conversation which does take away some of the effort required to remain compliant.

Other methods and issues

It is also possible to take away the need to collect card numbers verbally. This is done by inputting the details with the keypad on the phone. This stops card numbers being recorded by the call recording software but does throw up some issues.

All of these issues have problems associated with them. Not all of them are foolproof. The pause and mute methods can both provide problems with it being activated in time, which can lead to the accidental recording of numbers. The keypad method can lead to the numbers being recorded because of the different dial tones of each number.


Despite the methods not being perfect, carrying them out does ensure that your business remains compliant with the current regulations. So there is no need to worry about falling foul of PCI regulations as long as your call recording software is calibrated to carry out one of these methods.

Was this post helpful?