PCI Compliance

TeloAI safeguards financial data by supporting PCI DSS-aligned operations, though we don’t directly store or process cardholder information.

Overview of PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) is a globally recognized framework for safeguarding cardholder data. It outlines strict protocols for collecting, transmitting, and storing payment information securely.

TeloAI's Approach to PCI Compliance

By default, TeloAI enables features such as voice call recording, transcription, and logging to support service quality. However, additional precautions are applied when handling sensitive payment data.

Security Configuration Highlights

  • Cloud Storage – Customers may opt to store recordings in PCI DSS Level 1 compliant storage systems (e.g., AWS S3, Azure Blob, Google Cloud, Cloudflare R2).

  • Webhook Integration – Transcripts can be securely delivered via webhooks.

  • No Default Retention – If no storage or webhook is configured, recordings and transcripts are not stored.

Enabling PCI Mode

To align with PCI standards:

  1. Access your assistant's configuration panel in TeloAI.

  2. Enable the PCI Compliance option.

  3. Choose PCI-compliant models and voices.

  4. Optionally, configure cloud storage credentials and transcription webhooks.

Example configuration:

jsonCopyEdit{
  "compliancePlan": {
    "pciEnabled": true
  }
}

If no endpoints are set, the platform discards the data post-call, ensuring no residual storage.

Combined Compliance

TeloAI supports concurrent activation of HIPAA and PCI modes. When both are enabled, the strictest data handling rules apply—no data is retained or transmitted, even to external endpoints.

FAQs

Q: Does PCI mode affect service quality? No, it ensures secure data handling while maintaining core voice features. However, some in-platform features like reviewing transcripts or recordings may be restricted.

Q: Who should enable PCI compliance? Organizations processing payment data, such as financial service providers, should enable PCI settings for enhanced protection.

Q: Can I disable PCI mode later? Yes, you can toggle pciEnabled based on your compliance requirements, with the understanding that it impacts how data is retained and reviewed.

TeloAI continues to enhance its payment data protection capabilities in alignment with PCI DSS best practices.

Status: In progress

PreviousGDPR ComplianceNextSOC 2 Compliance

Last updated