Talkative’s policy on PCI Data
PCI data should not be sent using Talkative. Talkative does not currently have the secure capabilities and access controls required to store credit card information.
What data does PCI apply to?
The PCI standard applies only to storing completed credit card numbers.
PCI DOES NOT APPLY TO
- Bank Account Numbers
- Card Expiry Dates
- The last 4 digits of a credit card
- Recent transaction history
PCI APPLIES TO
- The whole number of the credit card.
Whole credit card numbers should not be handled within Talkative.
Accidental data sending via Talkative
If a credit card number is accidentally sent via Talkative, it needs to be removed from the platform immediately.
Automated masking
Talkative takes measures in automatically masking credit card numbers, whenever possible. These numbers will arrive as asterisks over a chat channel. Currently, there is no automated masking of credit card numbers over Voice calls or Email channels.
Manual removal
While Talkative provides a best effort masking solution, payment data can still get around those masking solutions.
If an Agent notices the customer has sent payment
The agent needs to reach out to a Talkative Supervisor, who can clean the Interaction. This process needs to be done as soon as reasonably possible to comply with legal requirements. The data can be cleaned from the Interaction Logs page
If a supervisor notices the customer has sent payment information
The data needs to be immediately cleaned. This can be done from within the Interaction Logs page (see above)