PCI DSS Compatibility
To help an organization comply with PCI DSS PhoneUP supports the following:
- Meeting data transmitted across the network is protected using strong cryptographic protocols including Secured Real Time Protocol (SRTP) with AES-256 keys. The keys are dynamic and negotiated via DTLS for each call.
- Role-based access control for admin, supervisors, agents and other employees. Not only you can define users and groups to access the recordings, but you can also configure actions (view, play, download, delete) available for them.
- Web and application access are protected by User ID and password. Windows domain authentication and SSO is supported.
- Buttons to pause and resume call recording are available on the IP phone and Cisco Jabber. Its also possible to easily stop a recording in progress.
- Delay for disconnection of an idle user is fully configurable.
- User activities (log in / log out / call recordings access) are logged for further analysis.
- Application executables are digitally signed.
- Web app interfaces are securely available over TLS 1.2.
The upcoming releases will also include:
- Audio/video files may be configured to be encrypted prior to saving on the storage.
- API to allow a 3rd party app pause and resume call recording.