Secure flows overview

When processing credit and debit card payments by phone, IVR technology is more secure than live phone support. Users don’t have to hand over sensitive financial data to an actual person. Genesys Cloud’s secure IVR technology is designed to make it easy for Genesys Cloud customers to handle any sensitive information safely. When used with credit cards, it allows Genesys Cloud customers to comply with the Payment Card Industry Data Security Standard (PCI DSS). This standard provides guidelines for protecting consumers’ credit card information from unauthorized use.

For example, a caller speaking to an agent wants to make a payment toward a bill. Use a secure flow for a secure payment option that prompts customers to enter sensitive data, such as credit card or bank account information. The secure flow handles the payment processing and if configured, when it reaches the end flow action it returns the caller to the agent.

Implementing secure call flows can improve performance and reduce costs in many ways:

• Reduce exposure to PCI compliance issues due to manual handling of credit card payments
• Reduce agent-assisted processing
• Improve the accuracy and efficiency of payments by phone
• Improve customer satisfaction

Genesys Cloud allows you to retrieve a trunk’s diagnostics logs to help diagnose call issues. When you enable protocol and media diagnostic captures for troubleshooting purposes, the system does not encrypt data.

Enabling media capture and protocol capture logs all data entered in the system, including data entered via secure flows. This process can include sensitive data that the system should not expose or capture. It is recommended practice to avoid enabling these settings when using secure call flows.

If you are a PCI-compliant Genesys Cloud organization and have the PCI DSS setting enabled, then Genesys Cloud disables the Media Capture and Protocol Capture settings. For more information, see Enable media capture and Enable protocol capture.