PCI Redaction: Compliance Reimagined


WHITE PAPER
Authored by: William Thayne, Tom Shepherd, Aaron Mickelson, Armando Lemus & Allen Neff
Published: April 2018

An in-depth review of call recording compliance management and the Tethr Redaction capability supporting PCI DSS 3.2.

Introduction

Tethr has further expanded its enterprise-class security standards to strengthen its clients' position with the achievement of PCI DSS v3.2 Level 1 compliance. The combination of HIPAA compliance, HITRUST certification and the new PCI standard for the cloud-based platform reflects the company's commitment to data security and compliance on behalf of its clients.

Tethr not only delivers content securely to and through its platform, but makes client data more secure with its redaction capability. Where most service providers simply mask data, or cannot eliminate it from both the audio and the transcript, Tethr automatically redacts the content from both forms of media, eliminating the information completely.

The issues outlined throughout this paper make clear the stringent nature of today's security requirements and how Tethr helps companies navigate and adhere to each standard.

Stay call recording compliant with new PCI standards

PCI DSS 3.2 further expanded and clarified the provisions on call recording and their impact on PCI compliance. Specifically, these sections focus on the storage of, and access to, sensitive cardholder data as they pertain to the regular business rhythms of many call centers.

Requirement 3 of PCI DSS 3.2 regulates the storage of cardholder data and outlines the requirements for rendering any stored data unusable. Collectively, these standards represent a significant challenge for companies whose call recordings contain cardholder data.
Companies found negligent in their compliance efforts face significant financial and regulatory risks.

Learn more at: tethr.com or (512) 910-4440. © 2018 CollabIP, Inc. All rights reserved.

Most vendor compliance methods fall short, without you knowing

While many call recording platforms provide their own process for PCI compliance, most of these solutions fall short of full compliance because of limited functionality, a dependence on agent involvement, or an inability to control or track where in a recorded call cardholder data may appear. Additionally, and unbeknown to you, a vendor solution may not meet all of the PCI DSS 3.2 requirements for identifying cardholder data and preventing its storage.

Tethr compliance lets you outsource risk and cost

Tethr's machine-powered redaction takes the guesswork out of PCI compliance, rendering call recordings "out of scope" for PCI compliance audits. Not only does Tethr's redaction service meet the new requirements; customers also benefit from a hosted, PCI compliant platform with searchable call playback and analytics. Simply put, Tethr's model lets you outsource the risk and cost of PCI DSS call recording compliance.

Tethr's total redaction & purging capability

Tethr designed an automated redaction method for purging sensitive information to ensure uniform compliance with current and evolving industry standards. The Tethr platform employs an automated redaction system for processing call center audio and transcription data. The Tethr process for automatically purging sensitive information from call audio involves the following steps:

1. Audio isolation & processing of recorded calls
2. Detection of potentially non-compliant elements
3. Classification of detected elements using customizable libraries
4. Purging of PCI content
5. Archival and secure storage of purged calls
6. Presentation of hosted, searchable playback & analytics

PCI Data Security Standard (DSS)

PCI DSS 3.2 further expanded and clarified the provisions on call recording and their impact on PCI compliance. Specifically, these sections focus on the storage of, and access to, sensitive cardholder data as they pertain to the regular business rhythms of many call centers. Below we highlight the specific areas in Requirement 3 of the standard that affect how calls are recorded and stored for use by the business.

It is important to note that PCI compliance requires complete compliance with all aspects of the standard; otherwise, companies found negligent in their compliance efforts risk the following:[1]

- Fines and penalties
- Termination of the ability to accept payment cards
- Legal costs, settlements, and judgements

PCI DSS 3.2 & Call Recording

Requirement 3 of PCI DSS 3.2 regulates the storage of cardholder data and outlines the requirements for rendering any stored data unusable. These regulations were put into effect to protect cardholders in the event of a breach. Call recording data, while perhaps not a customer's first thought, traditionally contains all of the information an imposter needs to commit fraud with an unsuspecting individual's information. The sections of PCI DSS 3.2 relevant to call recording are as follows:

[1] PCI DSS Quick Reference ents/PCIDSS QRGv3 2.pdf

PCI DSS 3.2 REQUIREMENT 3: PROTECT STORED CARDHOLDER DATA[2], AND HOW TETHR MEETS THE PCI DSS 3.2 CALL RECORDING REQUIREMENTS

Requirement 3.1: Limit cardholder data storage and retention time to that which is required for business, legal, and/or regulatory purposes, as documented in your data retention policy. Purge unnecessary stored data at least quarterly.
Tethr (3.1): Tethr uploads call audio containing sensitive cardholder data over a TLS encrypted channel to its PCI compliant platform, where redaction is performed. After the upload is confirmed, the call audio can be purged from temporary storage locations.

Requirement 3.2: Do not store sensitive authentication data after authorization (even if it is encrypted). Render all sensitive authentication data unrecoverable upon completion of the authorization process. Issuers and related entities may store sensitive authentication data if there is a business justification and the data is stored securely.
Tethr (3.2): The Tethr platform purges sensitive PCI-related cardholder data from calls before they reach their final resting place in storage and become accessible to users.

Requirement 3.3: Mask PAN when displayed (the first six and last four digits are the maximum number of digits you may display), so that only authorized people with a legitimate business need can see more than the first six/last four digits of the PAN. This does not supersede stricter requirements that may be in place for displays of cardholder data, such as on a point-of-sale receipt.
Tethr (3.3): Traditional call recording platforms offer a screen recording or capture feature. This provides business value but at great cost to the integrity of PCI compliance: screen capture features risk both storing and displaying PAN information to individuals with access to the system. Solutions from some vendors that merely mask the PAN during playback, while the recording on disk still contains it, are non-compliant. Because of these challenges with screen recording, Tethr does not natively support screen recording and does not store screen-captured PAN-related content.

Requirement 3.4: Render PAN unreadable anywhere it is stored, including on portable digital media, backup media, in logs, and data received from or stored by wireless networks. Technology solutions for this requirement may include strong one-way hash functions of the entire PAN, truncation, index tokens with securely stored pads, or strong cryptography.
Tethr (3.4): Tethr uses strong encryption for any location where calls are temporarily held during machine-based processing. Tethr's redaction engine removes and purges every utterance of sensitive cardholder data from the call audio and transcript prior to final storage and user access.

Requirement 3.5: Document and implement procedures to protect any keys used for encryption of cardholder data from disclosure and misuse.
Requirement 3.6: Fully document and implement key management processes and procedures for cryptographic keys used for encryption of cardholder data.
Requirement 3.7: Ensure that related security policies and operational procedures are documented, in use, and known to all affected parties.
Tethr (3.5–3.7): Tethr's hosted platform is PCI Level 1 certified. All security practices and policies are fully documented and available to customers. Documentation is regularly updated, and all employees must complete annual training and sign off on these policies.

[2] Why Security Matters - https://www.pcisecuritystandards.org/pci_security/why_security_matters

Managing PCI Compliance

Why vendor compliance methods fall short

While many call recording platforms provide their own process for PCI compliance, for the most part these solutions fall short of full compliance due to limited functionality. Two of the most popular methods are highlighted below, together with how they fall short of providing full compliance.

AGENT INITIATED RECORDING PAUSE

In this method, agents are given a pause button that they press manually when PCI data is being communicated. This falls short of full compliance for a number of reasons.

1. Agents can miss pausing the recording in time, so card details slip through into the recording. Callers are not inherently aware of the need to pause a recording and will occasionally speak their card number before the agent is prepared to pause.
2. Agents can use the pause button outside its PCI purpose, to shield other parts of a call from quality assurance reviewers.
3. PCI DSS does not approve of manual intervention by staff for compliance.[3]

DESKTOP ANALYTICS

In this method, desktop analytics packages are deployed to all user workstations. They monitor cursor fields and automatically pause recordings when the cursor enters a PCI-regulated field or a specific screen or web page is displayed. This falls short of full compliance for reasons similar to agent initiated pausing.

1. Callers may speak sensitive information before the agent has had the chance to move the cursor to, or navigate to, a protected portion of the CRM or other system. Because of the nature of this intervention, these details will be included in the recording.
2. PCI DSS does not approve of manual intervention by staff for compliance.[3]

Tethr's AI-powered redaction engine for PCI compliance

To meet full compliance with modern PCI DSS standards, a solution must never store or make available sensitive cardholder data. Furthermore, the removal of this information must be complete, must render the information "non-queryable", and cannot rely on manual intervention. Tethr AI-powered redaction takes the guesswork out of PCI compliance and renders call recordings "out of scope" for PCI compliance audits due to the following features.

1. Zero manual intervention is required to process redaction. Agents are not burdened with manually pausing recordings or ensuring that their cursors are in the correct fields before asking for cardholder data. This allows a more natural agent experience and does not add to handle time.
2. PCI sensitive data is never stored. PCI DSS dictates that sensitive authentication data cannot be stored even if encrypted (Requirement 3.2 above). The automatic machine-based redaction engine removes all sensitive data before it is committed to disk.
3. Tethr takes the guesswork out of PCI compliance. Because a machine listens to 100% of calls and removes any sensitive data, there is no need to worry about something slipping through the cracks and showing up as an audit finding. With automatic redaction on 100% of calls, call recordings are out of scope for a PCI audit.
4. Tethr, through its redaction and secure storage process, renders cardholder information unusable to the top-layer UI and does not store this information to disk.

[3] Information Supplement: Protecting Telephone-based Payment Card nts/protecting telephone-based payment card data.pdf

Tethr's Unrivaled Redaction System

Tethr redaction was designed from the ground up to ensure uniform compliance with current and evolving industry standards. Tethr's automated machine redaction is a core feature for purging PCI information contained in call recordings.

Building blocks of compliance

The Tethr platform employs a sophisticated automated redaction system for processing call center audio and transcription data. The Tethr process for purging sensitive information from call audio involves the following logical stages:

1. Audio Isolation & Processing
2. Detection
3. Classification
4. Purge
5. Archival
6. Presentation

Figure: Tethr call redaction process

AUDIO ISOLATION & PROCESSING

A critical step in the Tethr process is to transfer call audio from potentially insecure or non-compliant sources to the Tethr hosted PCI compliant platform. Incoming audio is prepared for transcription in several stages. The audio may be passed through a stage of speaker detection and separation known as diarization. This is done for calls recorded with more than one participant in a single audio channel. The diarization process detects each participant by identifying the unique audio characteristics of each voice in the call. Each participant's audio is then separated into its own channel for processing.

To perform this process, the audio is transferred to a diarization server via a secure connection. The diarization server detects the number of speakers in the call and identifies the time regions during which each speaker was talking. These regions are then used to split the audio into multiple channels, placing each speaker in their own channel.

The audio for each channel is separately broken into smaller segments based on brief intervals of relative silence. These segments, known as utterances, are then submitted to transcription providers via secure connections. The diarization, channel separation, utterance segmentation, and transmission to the transcription providers are performed entirely within the server's volatile memory.

Results from the transcription providers are collected and assembled into a complete call transcript. Each word in the transcript includes starting and ending timestamps, which allow it to be matched with the audio from which it was created. Associating individual word timings from the transcript with the audio stream is essential for the redaction process.

DETECTION

The first step in PCI redaction is to tokenize incoming words and word sequences into several general classes, including Common Words, Key Words, Number Words, Digits, Numbers and Number Modifiers. In this context, common words are those which do not represent any of the other classifications.

Key Words are individual words or word sequences specific to the type of information being redacted. In the case of credit card information, words such as "credit", "debit", "card", "number", "Visa", "security", "code", "expiration" and "date", occurring alone or in specific sequences, indicate the possible presence of credit card data. Number Words include words representing numbers or individual digits, such as "one", "two", "ten", "twenty" and so on.

In addition to identifying specific number words, homophones (words which sound the same as, or similar to, number words) are also identified. For example, the words "won", "too" and "for" may actually be transcription errors for the words "one", "two" and "four" respectively. Such words are treated as potential number words during detection when they occur in the context of key words and number sequences. Digits and Numbers are literal values in text form, such as 1, 10, 25, 150, etc.

The transcription of numbers depends heavily on the formatting of the transcription results. For this reason, both literal numbers and number words are taken into account during detection. Number Modifiers are words such as "hundred", "thousand", etc. which alter the relative value of preceding digits and numbers within an utterance.

Once words in the transcript have been tokenized into these classes, the number words are parsed and converted into literal digit sequences. For example, "one zero zero", "one hundred", "100" and "1 hundred" all convert to the digit sequence 1, 0, 0. In this manner, all numerical values in word or literal form are converted into uniform digit sequences for use in the detection process.

When a credit card number is given during a call, the agent will often ask for a "credit card number" or "card number", or the customer may say something like "here is my card number" or "my card number is". These constitute a variable sequence of keywords closely followed by a series of digits or numbers.

The agent may then ask for the "expiration" or "expiration date", or the customer may say "the expiration date is", followed by the name of a month or a pair of numbers such as "ten", "two thousand twenty-one" or "October of twenty-one". In addition, the agent may ask for, or the customer may offer, the "security code" or "code" followed by a 3-digit number. The agent may also repeat the numbers spoken by the customer, during or after the customer's utterances, for confirmation.

The specific sequence of keywords and numbers making up the exchange of a credit card number varies from one call to another, so the system must be highly robust with respect to how the information is presented in any given call.

CLASSIFICATION

Classification is based on the presence or absence of keywords and numbers in various sequences. Distances between these components, measured in words, are also taken into account, because non-relevant words and vocalizations may be interjected into a sequence as part of normal speech without significantly altering its meaning. Keyword and number sequences occurring in a context consistent with the presence of sensitive information result in redaction. The number sequence itself is treated as a general sequence of digits rather than a specific numerical value. In this context, the digit count of a sequence is by far the most important factor for identifying information to be redacted.

As the length of a digit sequence may vary due to transcription errors and other factors, an exact match for the expected number of digits is not required. In a long number sequence like a social security number, for example, it is quite likely that some of the numbers will be mistranscribed as non-numbers. For this reason, the context of the number sequence is very important for classification.

Some contexts are considered stronger than others, based on the number and strength of keywords encountered. The stronger the context of a number sequence, the less strict the matching requirement needs to be, and vice versa. For example, in a strong credit card context a number 9 digits long will be redacted, while in a neutral context the number must have at least 13 digits before it will be redacted. Such parameters are configurable to accommodate the specific information to be redacted and the level of security required.

Classification is based on a set of branching logical rules defining sequences of numbers and key words and the relative distances between them. These rules can be general, or they can be customized to meet different requirements. Word lists and their relative importance, distances between words and numbers, and digit sequence length requirements are all configurable to achieve optimal results. Different combinations of branches in the rule set allow the system to handle the various ways that sensitive information may be spoken.

Additional heuristics are used during sequence evaluation to account for sequence variations and intervening words or utterances within the sequence. When the logical value for a sequence of elements evaluates to "true" based on the rule set, all the associated words and elements are classified as sensitive information, and all elements in the sequence are selected for redaction. The final output of this stage is a list of time frames to be redacted, along with a reason for the redaction based on the sequence classification.

The categories redacted by default are credit card numbers and their associated security codes (CAV2/CVC2/CVV2/CID).[3] Optionally, bank and check numbers, as well as social security numbers, can be redacted, depending on the rules used and how the system is configured.

Redaction occurs in two passes. During the first, the rules above are applied. A second pass checks for remaining numbers that fully or partially match numbers redacted during the first pass and removes them. This allows the system to handle cases where the number is repeated outside of its expected context.
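The Detection and Classification stages described above, as an added worked example. This is illustrative code written for this page, not Tethr's engine or its rule libraries: it tokenizes a timed transcript into the classes the text names, resolves homophones only when they sit beside other number words, collapses number words, modifiers and literals into uniform digit sequences, scores the keyword context in a window before each number run, applies the 9-digit (strong context) versus 13-digit (neutral context) thresholds, and runs the second pass that catches a number repeated outside its context. The vocabularies, keyword weights, window size, tolerated filler words, the rule that a 3- or 4-digit run in a "security code" context is a CVV, and the sample call with its timings are all assumptions.

```python
# Toy vocabularies for this example; the paper names a few key words and homophones
# but does not publish its libraries, so these lists and weights are assumed.
UNITS = ("zero one two three four five six seven eight nine ten eleven twelve thirteen "
         "fourteen fifteen sixteen seventeen eighteen nineteen").split()
NUMBER_WORDS = {w: i for i, w in enumerate(UNITS)}
NUMBER_WORDS.update({w: 20 + 10 * i for i, w in enumerate(
    "twenty thirty forty fifty sixty seventy eighty ninety".split())})
NUMBER_WORDS["oh"] = 0
HOMOPHONES = {"won": "one", "too": "two", "to": "two", "for": "four", "ate": "eight"}
MODIFIERS = {"hundred": 100, "thousand": 1000}
KEYWORDS = {"credit": 2, "debit": 2, "card": 2, "visa": 2, "number": 1,
            "security": 1, "code": 1, "expiration": 1, "expiry": 1, "date": 1}
FILLERS = {"uh", "um", "it's", "is"}                   # tolerated inside a number run
MIN_DIGITS = {"strong": 9, "weak": 11, "neutral": 13}  # paper: 9 strong vs 13 neutral
WINDOW = 8                                             # context reach, in words
NUMERIC = ("num", "mod", "lit")


def classify_word(word, prev_is_num, next_word):
    """Tokenize one transcript word into (class, value)."""
    w = word.lower().strip(".,?!")
    if w in HOMOPHONES and (prev_is_num or next_word in NUMBER_WORDS):
        w = HOMOPHONES[w]                  # "for" beside digits is probably "four"
    if w in NUMBER_WORDS:
        return "num", NUMBER_WORDS[w]
    if w.isdigit():                        # literal digits from the transcriber
        return ("num", int(w)) if len(w) <= 2 else ("lit", w)
    if w in MODIFIERS:
        return "mod", MODIFIERS[w]
    return ("key", KEYWORDS[w]) if w in KEYWORDS else ("common", None)


def run_to_digits(items):
    """'one zero zero', 'one hundred', '100' and '1 hundred' all become '100'."""
    out, cur, prev = [], None, None
    for kind, val in items:
        if kind == "lit":                             # multi-digit literal, verbatim
            out += ([str(cur)] if cur is not None else []) + [val]
            cur = prev = None
        elif kind == "mod":                           # "hundred" scales what precedes it
            cur, prev = (1 if cur is None else cur) * val, "mod"
        elif prev == "mod" and val < cur:             # "two thousand twenty" -> 2020
            cur, prev = cur + val, "tens" if val >= 20 else "digit"
        elif prev == "tens" and 1 <= val <= 9:        # "twenty one" -> 21
            cur, prev = cur + val, "digit"
        else:                                         # digit by digit: concatenate
            out += [str(cur)] if cur is not None else []
            cur, prev = val, "tens" if val >= 20 else "digit"
    return "".join(out + ([str(cur)] if cur is not None else []))


def find_redactions(transcript):
    """[(word, start_sec, end_sec)] -> [(start_sec, end_sec, reason, digits)] after both passes."""
    words = [w.lower() for w, _, _ in transcript]
    classes = []
    for i, w in enumerate(words):
        prev_num = bool(classes) and classes[-1][0] in NUMERIC
        classes.append(classify_word(w, prev_num, words[i + 1] if i + 1 < len(words) else ""))
    numeric = lambda k: k < len(words) and classes[k][0] in NUMERIC

    runs, i = [], 0                      # detection: group number tokens into runs
    while i < len(words):
        if not numeric(i):
            i += 1
            continue
        j = i
        while numeric(j) or (j < len(words) and words[j] in FILLERS and numeric(j + 1)):
            j += 1
        items = [classes[k] for k in range(i, j) if numeric(k)]
        runs.append({"start": i, "end": j - 1, "digits": run_to_digits(items), "reason": None})
        i = j

    for r in runs:                       # first pass: keyword context sets the threshold
        ks = [k for k in range(max(0, r["start"] - WINDOW), r["start"]) if classes[k][0] == "key"]
        ctx = sum(classes[k][1] for k in ks)
        hints = {words[k].strip(".,?!") for k in ks}
        strength = "strong" if ctx >= 3 else "weak" if ctx >= 1 else "neutral"
        n = len(r["digits"])
        if n >= MIN_DIGITS[strength]:
            r["reason"] = "card_number"
        elif 3 <= n <= 4 and hints & {"security", "code"}:
            r["reason"] = "security_code"
        elif 3 <= n <= 6 and hints & {"expiration", "expiry"}:
            r["reason"] = "expiration"

    first = [r["digits"] for r in runs if r["reason"]]   # second pass: repeats out of context
    for r in runs:
        if not r["reason"] and len(r["digits"]) >= 4 and any(
                r["digits"] in d or d in r["digits"] for d in first):
            r["reason"] = "repeat_of_redacted"
    return [(transcript[r["start"]][1], transcript[r["end"]][2], r["reason"], r["digits"])
            for r in runs if r["reason"]]


# Constructed call; "won" stands in for a transcriber homophone and the agent
# reads back the last four digits without any card keyword near them.
_CALL = ("thanks for calling my order number is three two one can I get your credit card number "
         "sure it's four one one one won " + "one " * 11 +
         "the expiration is ten twenty one and the security code is one two three "
         "great so ending in one one one one you'll get a receipt").split()
SAMPLE_CALL = [(w, i * 0.4, (i + 1) * 0.4) for i, w in enumerate(_CALL)]  # constructed timings
```

Running find_redactions(SAMPLE_CALL) yields four frames: the 16-digit card number (strong context), the expiration "1021", the security code "123", and the agent's "one one one one" read-back, which the first pass leaves alone (neutral context, four digits) and the second pass catches because it matches the redacted card number. The order number "321" survives: a weak "number" context needs 11 digits here. MIN_DIGITS and WINDOW are the knobs the text calls configurable; a production engine must also tolerate mistranscribed digits inside a run, which this example does not attempt.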

PURGE

In the purge phase, words and elements classified as credit card numbers or other sensitive information are removed from the transcript. In addition, all words and elements classified as sensitive information are removed from the audio stream and replaced with silence.

Each word and element in a transcript has associated timestamps marking the start and end of the word in the audio stream. To remove the words from the audio stream, the section of audio between the start and end time of each redacted word is replaced with silence. Everything within the time frame, including non-numerical expressions, is redacted.

This redaction process is applied to call data, including audio and transcripts, before the data is stored or indexed for search. Applying the redaction process prior to storage and indexing ensures that no sensitive information is ever accessible once it has been removed. Thus, sensitive information is removed before it can be accessed, while non-sensitive information is unaffected and can be accessed as needed for quality assurance and other purposes.

Rules used for redaction can be created and tuned based on anonymized examples of sensitive information. These rules may be customized manually to meet specific needs or generated automatically using Tethr machine learning technologies. As rule libraries grow they become more accurate, more powerful, and able to accommodate more diverse types of sensitive information. This flexibility in rule creation allows the system to adapt quickly to evolving security standards and needs.

ARCHIVAL

After a call is fully redacted, it is placed into the customer's encrypted private storage instance for permanent archive. Customers can optionally access the redacted call transcript, audio, and related analysis by way of the Tethr Webhooks API.

For engineering purposes (development, quality assurance, etc.), whenever a customer transcript is pulled from storage, all numbers in the transcript are replaced with random numbers having the same digit count. This masks and eliminates any potentially sensitive information while still providing working examples of such information. These working examples can then be used for rule creation, testing, and evaluation without compromising security.

PRESENTATION

When the call is presented in the user interface, any words marked for redaction are no longer present. The UI displays a notice that sensitive information has been removed. The original audio for those time periods has been deleted and replaced with silence.
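The Purge step and the Archival masking step above, as an added example. This is illustrative code written for this page, not Tethr's implementation: given a transcript with per-word timings and the time frames produced by classification, it overwrites the matching PCM samples with silence, collapses every word inside a frame (filler words included) into a single marker in the transcript, serializes the purged audio as WAV for archive, and replaces each digit run in a transcript pulled for engineering with random digits of the same length. The 8 kHz sample rate, the synthesized tone standing in for speech, the helper names (redact_call, digit_shape) and the sample transcript and frame are constructed for the example.

```python
import array
import io
import math
import random
import re
import wave

SAMPLE_RATE = 8000  # assumed: narrowband telephony audio


def synth_call_audio(seconds, rate=SAMPLE_RATE):
    """Constructed stand-in for recorded speech: a 440 Hz tone as 16-bit mono PCM."""
    return array.array("h", (int(12000 * math.sin(2 * math.pi * 440 * n / rate))
                             for n in range(int(seconds * rate))))


def purge_audio(samples, frames, rate=SAMPLE_RATE):
    """Copy of `samples` with each frame (start_sec, end_sec, reason, ...) overwritten
    with silence. The original buffer is untouched so the caller can discard it."""
    out = array.array("h", samples)
    for start, end, *_ in frames:
        a = max(0, round(start * rate))             # nearest sample boundaries
        b = min(len(out), round(end * rate))
        out[a:b] = array.array("h", [0] * (b - a))  # zero PCM = silence
    return out


def purge_transcript(transcript, frames):
    """Replace every run of words lying inside a redaction frame with one marker.
    Non-numeric words inside the frame (e.g. "uh") go with the digits."""
    out, i = [], 0
    while i < len(transcript):
        word, start, end = transcript[i]
        hit = next((f for f in frames if f[0] <= start and end <= f[1]), None)
        if hit is None:
            out.append(word)
            i += 1
            continue
        out.append("[REDACTED:%s]" % hit[2])
        while i < len(transcript) and transcript[i][2] <= hit[1]:
            i += 1
    return " ".join(out)


def to_wav_bytes(samples, rate=SAMPLE_RATE):
    """Serialize purged PCM as an in-memory WAV, as it would go to the archive."""
    buf = io.BytesIO()
    with wave.open(buf, "wb") as w:
        w.setnchannels(1)
        w.setsampwidth(2)
        w.setframerate(rate)
        w.writeframes(samples.tobytes())
    return buf.getvalue()


def mask_numbers_for_engineering(text, rng=None):
    """Replace every digit run with random digits of the same length, so a transcript
    pulled for development keeps its shape but carries no real values."""
    rng = rng or random.SystemRandom()
    return re.sub(r"\d+", lambda m: "".join(rng.choice("0123456789") for _ in m.group()), text)


def digit_shape(text):
    """'#' for every digit: lets two transcripts be compared without their values."""
    return re.sub(r"\d", "#", text)


# Constructed inputs: a nine-word transcript with per-word timings and the
# frame the classification stage would emit for the spoken card digits.
SAMPLE_TRANSCRIPT = [
    ("card", 0.0, 0.4), ("number", 0.4, 0.8), ("is", 0.8, 1.2), ("four", 1.2, 1.6),
    ("one", 1.6, 2.0), ("uh", 2.0, 2.4), ("one", 2.4, 2.8), ("one", 2.8, 3.2),
    ("thanks", 3.2, 3.6),
]
SAMPLE_FRAMES = [(1.2, 3.2, "card_number")]


def redact_call(transcript=SAMPLE_TRANSCRIPT, frames=SAMPLE_FRAMES):
    """Purge the constructed call; returns (redacted text, purged PCM, WAV bytes)."""
    audio = synth_call_audio(transcript[-1][2])
    purged = purge_audio(audio, frames)
    return purge_transcript(transcript, frames), purged, to_wav_bytes(purged)


if __name__ == "__main__":
    text, pcm, wav = redact_call()
    print(text)  # card number is [REDACTED:card_number] thanks
    print(len(wav), "bytes of WAV written for archive")
```

The text's ordering matters more than the mechanics: purge_audio and purge_transcript must run before anything is written or indexed, and the unpurged `audio` buffer must stay in volatile memory and be dropped once the purged copy exists. The masking step is the one that runs on the way out of storage, not on the way in, which is why it uses a cryptographic random source rather than a seeded generator.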

Summary: The New Security Frontier & Cloud-Based Compliance

As discussed, the identification, sequestration and redaction of sensitive information in business communications is an important part of modern security standards for the handling and storage of confidential data. Information security compliance standards such as PCI DSS, HIPAA, HITRUST and others mandate that sensitive information in different types of business communications and records be safeguarded during both storage and transmission.

An important part of meeting such compliance standards is the ability to redact specific types of sensitive information from all records, both written and electronic. Manual redaction of such information during entry or early processing is a standard industry practice, but it may not always be fully followed. This is due to a variety of factors, including uncertainty about who is responsible, human error in processing vast amounts of digital, audio, and written information, and the failure of vendor solutions to meet current standards requirements.

For this reason, Tethr designed automated redaction as a core feature for purging PCI information to ensure uniform compliance with current and evolving industry standards. Tethr's redaction capability introduces a new model that helps customers achieve PCI compliance while outsourcing the risks and costs of doing so.

In addition to meeting PCI DSS requirements, Tethr's redaction service further benefits customers by offering a hosted, PCI compliant platform for the archive and playback of calls.

CONTACT US TO LEARN MORE:
TETHR.COM
(512) 910-4440
SALES@TETHR.COM

Disclaimer: This document is proprietary and confidential. The information contained is solely intended for the recipient and may not be used, published, or redistributed without Tethr's prior written consent, as covered in the existing NDA between the parties.
