PCI-Compliant Contact Center Software

Enterprise-grade contact center software requires high levels of security and compliance to protect all customer data. As an enterprise provider, Bright Pattern upholds the highest level of Payment Card Industry (PCI) compliance.

Our cloud contact center software infrastructure and practice have been third-party certified by CompliancePoint for compliance with the Payment Card Industry Data Security Standard (PCI DSS 3.2).

What Is PCI DSS 3.2?

PCI DSS 3.2 is an industry-standard baseline of security requirements mandated by the Payment Card Industry Security Standards Council to ensure compliance surrounding credit card transactions and cardholder data.

When customers make purchases using payment cards, they disclose sensitive credit card information, such as their credit card number, CVV codes, and expiration dates. Special security standards such as PCI DSS 3.2 are in place to prohibit contact center agents from viewing sensitive information, to protect customer information from outside sources, and to avoid saving cardholder data in the system.

PCI DSS 3.2 compliance means that your business agrees to:

  • Build and maintain a secure network and systems
  • Protect cardholder data
  • Maintain a vulnerability management program
  • Implement strong access control measures
  • Regularly monitor and test networks
  • Maintain an information security policy

Compliance for Contact Centers

PCI compliance should be a top priority for any contact center that accepts payment cards in customer service interactions. Although our software has been independently certified for compliance with PCI DSS 3.2, certification alone does not guarantee compliance by our customers.

A common misconception is that the compliance of a cloud provider automatically ensures the compliance of the contact center using it. The truth is that PCI compliance needs to happen at every level of infrastructure, from the cloud provider to the business to the agents to the paying customer.


Through Bright Pattern Contact Center software, we provide the tools to protect and secure payment data, but it’s up to our customers to use these tools properly. Read our list of best practices for PCI-compliant contact centers.