Genesys Cloud - Main

All, 

Intention is to capture customer PCI data like account number or credit card number etc from customer through IVR call flow.

We setup main call flow announcing Welcome Announcement and later transfer the call to secure flow. Within secure flow, plan is to ask customer for the account details and password. Later we use the REST API to authenticate the customer using account number and password provide by customer before.

Within secure call flow, we will set participant data for the customer verification status based on outcome of REST API and transfer the call to main call flow or another call flow.. 

Question is

1. how we can mask the PCI data within secure call flow.
2. Avoid to set Participant data for Account number or password
3. Pause the recording when in secure call flow.      

  

#Implementation

------------------------------
Shishir Srivastava
BT Communications Ireland Ltd
------------------------------

Hello Shishir, 

I believe your questions are already handled on when a customer enters a secure flow. Please see this document for more details. 

1. I dont know your org configuration but to mask secure data you can always turn on PCI and Mask sensitive data.
2. The secure flow does not collect information and I believe this information would need to be gathered in a main call flow. 
3. This happens automatically in a secure flow, but I believe if the customer is already with an agent they can use the secure pause feature. 

Hope this helps!

Cheers, 

------------------------------
Cameron Tomlin
Online Community Manager/Moderator
Genesys - Employees
------------------------------

Thanks Cameron for the quick response.

Is this mean, we have to enable Sensitive Data Redaction for Payment Cards or Sensitive Data Redaction for Personal Information on Org level.

Once this is enabled and using Secure flow, below data will be masked. 

• Credit card and debit card numbers [card number]
• Card expiration date [card expiry date]
• Card Verification Value (CVV) or Card Identification (CID) number, a three-digit or four-digit number printed on the front or back of the card [card number]
• Person name [card number]

• User information such as usernames [user info]
• Phone number [phone]
• Email address [email]
• Person name [name]
• Zip or postal code [postal code]
• Passwords [user info]
• Locations [location]
• National Identification Number [national id]
• Other PII such as license plate number and bank account number [personal info]

Is there any way to configure what to mask and what's not. Also how, Genesys detect that specific KVP or variable value is name or phone number which need to masked. If Person name need to mask, should we store Person name as key or variable name

------------------------------
Shishir Srivastava
BT Communications Ireland Ltd
------------------------------

Original Message:
Sent: 10-01-2024 08:03
From: Cameron Tomlin
Subject: Secure Flow

Hello Shishir, 

I believe your questions are already handled on when a customer enters a secure flow. Please see this document for more details. 

1. I dont know your org configuration but to mask secure data you can always turn on PCI and Mask sensitive data.
2. The secure flow does not collect information and I believe this information would need to be gathered in a main call flow. 
3. This happens automatically in a secure flow, but I believe if the customer is already with an agent they can use the secure pause feature. 

Hope this helps!

Cheers, 

------------------------------
Cameron Tomlin
Online Community Manager/Moderator
Genesys - Employees
------------------------------