PCI-DSS Level 1 Compliant
Kallina AI meets the strictest security standards for processing card payments over the phone.
PCI-DSS Requirements
Network Security
Firewall and network segmentation for the CDE
Secure Configurations
No default passwords, hardened systems
Protect Stored Data
Encryption of stored cardholder data
Encrypt Transmission
TLS 1.3 for data in transit
Anti-Malware
Protection against malicious software
Secure Development
Secure SDLC and vulnerability management
Access Control
Need-to-know basis access
User Authentication
Unique IDs and strong authentication
Physical Security
Restricted physical access to CDE
Logging & Monitoring
Complete audit trails
Security Testing
Regular vulnerability scanning and pen tests
Security Policy
Documented security policies
Secure Payment Flow
1. DTMF Entry
Customer enters card via keypad (not spoken)
2. Secure Capture
DTMF captured in an isolated PCI environment
3. Tokenization
Card data immediately tokenized
4. Payment Processing
Token sent to payment processor
5. Data Destruction
PAN never stored, immediately destroyed
DTMF Masking
Recording Protection
DTMF tones are masked in recordings to prevent PAN capture.
Transcript Protection
Card numbers are not transcribed or stored in logs.
Scope Reduction
In Scope
- DTMF capture component
- Tokenization service
- Payment gateway connection
- Encryption keys
Out of Scope
- Voice AI processing
- Call recordings
- Transcripts
- Analytics systems
Compliance Certifications
PCI-DSS Level 1
Highest compliance level
Annual QSA audit
AOC Available
Attestation of Compliance
On request
P2PE Certified
Point-to-Point Encryption
Maximum protection