Want to create interactive content? It’s easy in Genially!

Get started free

2024 C3 PCI Compliance Training

Signet Jewelers

Created on March 20, 2023

Start designing with a free template

Discover more than 1500 professional designs like these:

Tech Presentation Mobile

Geniaflix Presentation

Vintage Mosaic Presentation

Shadow Presentation

Newspaper Presentation

Zen Presentation

Audio tutorial

Explore all templates

Transcript

2024 Customer Connection Center PCI & PII Compliance

START

Objectives

  • PCI & PII Compliance Expectations
  • Workspace Requirements
  • Workspace Expectations

PCI & PII Compliance: Expectations

  • All calls, both inbound and outbound, are to be paused when obtaining/processsing credit card information
    • These steps will be further outlined in the next section
  • All credit card information is to be processed through the website on a private browser
  • No credit card information is to be stored or recorded systematically or manually
    • Example provided in the next section

PCI & PII Compliance: Expectations

  • When taking credit card information from a customer, the agent should NOT be repeating the card information back to the customer, unless absolutely necessary.
    • Standard practice should be that team members ask the customer to repeat the card number back to ensure accuracy.
    • If it is absolutely necessary for the agent to repeat the card number back to the customer (i.e. disability or language/speaking barrier), this should be clearly documented.
      • In the rare instance that it is necessary to repeat the card number to the customer, the agent should document as follows: "To meet customer needs, I repeated the card number back to the customer during the verification process to ensure accuracy".
  • As a reminder, any time we are taking credit card information from a customer, the Pause Recording feature in Genesys should always be used.

PCI & PII Compliance: Pause Recording

Click through the numbers to the right for more information on pausing your recording while in the Genesys Cloud app on your desktop.

PCI & PII Compliance: Pause Recording

Before taking any credit card information, be sure to select the "Secure Pause" icon here. The icon will turn red to indicate the recording is paused. When the credit card information is not available on screen anymore, click the icon again to resume the recording.

PCI & PII Compliance: Pause Recording

It is important to remember that when making outbound calls, you must call on behalf of a queue in order for the "Secure Pause" button to be functional. You will do this by selecting the 'Interactions' option in your Genesys window. You can call on behalf of any queue that you are a member of.

PCI & PII Compliance: Pause Recording

SERVICE TEAM MEMBERS ONLY:

Click through the numbers to the right for more information on pausing your recording while in the Genesys Interaction window in Salesforce.

PCI & PII Compliance: Pause Recording

Before taking any credit card information, be sure to select the "Secure Pause" icon here. The icon will turn red to indicate the recording is paused. When the credit card information is not available on screen anymore, click the icon again to resume the recording.

PCI & PII Compliance: Pause Recording

It is important to remember that when making outbound calls, you must call on behalf of a queue in order for the "Secure Pause" button to be functional. You will do this by selecting the 'Interactions' option in your Genesys window. You can call on behalf of any queue that you are a member of.

PCI & PII Compliance: Pause Recording

Click on each card below to learn more.

  • Obtain the Case number and/or Interaction ID associated with the call/chat
  • Contact your supervisor with the information and explain that credit card information was recorded during your interaction with the customer
  • Your Supervisor will escalate to the QA Team and have the recording deleted from our system to prevent the information from being stored

2. Next Steps

What action do we take to correct it?
  • If a customer provides credit card information before you are able to pause your recording
  • If you forget to pause your recording, before the customer provides credit card information
  • If the customer's credit card information is recorded during a chat

1. Systematic/ Manual Recording

How can this information be recorded/ stored by our system?

PCI & PII Compliance

A private browsing window should be used anytime we place an online order for a customer or field team member. This protects our customer's private information and ensures that order information from one customer is not accidentally shared with another customer. After any order is placed, close the window and open a new private browsing window.

Chrome
Firefox

PCI & PII Compliance

After opening the private browser, the AOS site must be used to place the order on behalf of the customer (www.BANNERNAME.com/aos). The team member will enter their name, employee ID, and one of the below store numbers for Service team members:

Kay - 9043 Jared - 9047

Kay Outlet - 9048ZPP (Zales, ZO, Banter, Peoples) - 9044

PCI & PII Compliance

The below store numbers are to be used by VJE/Sales team members:

Kay - 3925 Jared - 3941

Zales - 3958Banter - 3973 Peoples - 3996

PCI & PII Compliance - Live Person

When placing an order on behalf of a customer via LivePerson, we will need to use the AOS Link and the Secure Payments widget in LivePerson to track the sale and attribute it to the agent who placed the order. While commission is not given to C3 Team Members, it will add to your selling metrics and conversion rates.

  • Build the customer's Shopping Bag on the AOS version of the banner website
    • Including any warranties, St. Jude donation, customer provided promo code
    • Excluding Customer Service promo code
  • Use the "Cart" button in AOS to copy the Shopping Bag link
  • Go back to the messaging window in LivePerson to send the customer the link to the shopping bag via the Secure Payments widget (see next steps)

PCI & PII Compliance - Live Person

  • Once back in the LivePerson message, click the "SP" widget, which will open the Secure Payment link generator
  • Paste the copied Shopping Bag URL (copied with the Cart Button in AOS) into the Secure Payments widget/link generator
  • Click "Send"
  • The Secure Payments link will now populate in your messaging window
  • The Secure Payments widget will update with the message "Shopping Cart Status: Checkout Pending"

PCI & PII Compliance - Live Person

  • Send the Pre-Defined Content to your customer regarding the Payment link.
  • If the customer doesn't place the order within 5 minutes, the widget will update to "Checkout Not Complete". Send Pre-Defined Content promptly to offer assistance/inquire if they are experiencing issues placing the order.
  • Once the customer completes their order, the widget will update and notify "Checkout Complete".

PCI & PII Compliance

Chat

Click through each of the cards below to learn more.
  • To place an order for a customer via chat, Team Members must send the AOS Link to the customer, or may use the Credit Card Secure Form as a backup.
  • If the customer submits their credit card data through the chat platform, the chat software will attempt to recognize the data as credit card data and will mask the data at the server level.

If the chat software fails to recognize credit card data, team members are required to involve management so that a ticket may be submitted to Live Person support for the removal of the information.

Administrative functions are restricted to the leadership team and team Members who have been given administrative rights for leadership-based responsibilities.

PCI & PII Compliance

Call Recordings

Click through each of the cards below to learn more.

Members of leadership have access to recorded calls which are protected and stored on an internal server.

All customer and internal interactions may be recorded and/or monitored.

Call recordings are retained for two years to ensure compliance with Reg E EFTA requirements for payment processing.

PCI & PII Compliance

Correspondence

Click through each of the cards below to learn more.

Account numbers are masked (only the last 4 digits are given) when appropriate to include in any form of correspondence (chat, email, mail).

It is required to encrypt emails when it is necessary to send the cardholder data. Emails can be encrypted by typing "Confidential" as the first word of the subject field and applying the "Confidential" sensitivity tag.

Written correspondence that must be retained is stored in a locked drawer and transferred to the warehouse after three months.

PCI & PII Compliance

Third Parties

Click through each of the cards below to learn more.

Examples of personal information to use for verification:

  • Name
  • Address
  • Order number/ email address
  • Last four digits of credit card number associated with purchase
  • Date of Birth or SSN - used only for Signet credit accounts that did not transition to a provider

Before releasing information to a caller, Team Members must verify the customer with 3 pieces of personal information.

Reminders: Work at Home Expectations

Requirement for Workspace Equipment & Resources

Team member must have high-speed Internet connection via standard DSL, Cable or fiber optic connections like Verizon FiOS or AT&T U-verse. The minimum required speed of internet is 50 mbps and latency of 100 ms or less; anything lower in speed will not properly support the equipment.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Work area must be private and inaccessible to others during working hours.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Work at home is not a substitute for dependent (Child/Adult) Care. Childcare or Adult care is required to be resolved as if working on-site.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Work area must be free from background noise & distractions.
Distraction Examples:
  • Team member stepping away from tasks and/or phones due to call received via personal phone
  • Team member stepping away from tasks and/or phones due to doorbell ringing
Background Noise Examples:
  • TV/Radio playing in the background which is disruptive to tasks/calls

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team members are required to keep workstations clean and free from written notes containing any form of cardholder or PLCC data. Team members are not permitted to use pen and paper to take any types of notes. All documentation/notes must be recorded as required via documentation policy.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Personal cell phone usage is not permitted at workstations. Do not contact guests or customers from a non-Signet device.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
All team members using the Microsoft Speech to Text feature are required to always use a Signet approved headset(s).

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.

Computers must be locked when team members are away from their workstation and logged-off at the end of the workday.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team Members are required to have Audio and visual participation during any and all training, meetings, or conferences.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Customer personal information should not be written down and should only be recorded in the appropriate system.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
System passwords must not be written down.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
When calling off for a scheduled shift, team member must report call off to the Dugout by calling 330-576-1608. If your supervisor requires direct contact, please reach out to them as well.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team Member must notify supervisor immediately in the event of any interruption of work by a technical situation that cannot be resolved within 24 hours, including but not limited to a malfunction of Company's equipment, or Internet/telephone service interruption.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
If service cannot be restored within a 24-hour period, Team Members located within 50 miles of the Akron home office are expected to report to the Support Center Workstation at 375 Ghent Road, Fairlawn, OH 44333 for scheduled shifts.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Internet or Power Outages greater than 2 hours require “proof of outage ” which includes date/time outage began and date/time outage restored. Once proof is provided, team members will avoid unexcused absence and may be permitted to use vacation or PTO when available.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team member must meet all quality and performance goals as established for the position.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team member is not permitted to use alcohol, tobacco or vapor products while working. Use of tobacco or vapor products must be restricted to break times.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team member must comply with all Company/Department policies and procedures.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team member will be accessible by phone, teams, and email during the Team member’s scheduled shift.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team member will respond to leadership/coworker emails/Teams messages the same business day if received in the 1st half of the shift and no later than the next scheduled day if received in the 2nd half of the shift.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team member will inform their supervisor when they will be unavailable or inaccessible for an extended period, for either personal or business reasons.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Performance and progress achieved during Remote Work will be discussed with the team member’s supervisor during periodic one-on-ones to promote team member’s success and to foster effective communications.

Reminders: Work at Home Expectations

Workspace Requirements

Click through the cards below to learn more.
Team member must comply with all Company employment policies, procedures, and guidelines, including, but not limited to, Company’s Code of Conduct, Information Security, and all policies regarding technology, confidentiality, workplace safety, and discrimination and harassment.

Congrats!You are now a Compliance Pro!

You may now exit this module & complete the PCI & PII Compliance Assessment.