All resources used by C3 for Amazon Connect are PCI DSS compliant, as reported by Amazon. This includes the following services:
- Amazon Connect
- AWS Lambda
- AWS Secrets Manager
Amazon provides the current Attestation of Compliance (AOC) for customers in AWS Artifact.
Customer Dynamics is a PCI DSS Level 1 Service Provider and undergoes annual audits to ensure that we are compliant with the Payment Card Industry Data Security Standard (PCI DSS). This means that we have implemented the necessary security controls to protect your customers' payment information. In fact, Customer Dynamics does not have access to your customers' payment information at any time. By utilizing tokenization, we ensure that sensitive payment data is never stored or transmitted.
While Customer Dynamics is PCI DSS compliant, it is important to note that compliance is a shared responsibility. Because C3 for Amazon Connect is hosted using your own AWS infrastructure, you are responsible for ensuring that your environment is secure and that you are following the PCI DSS requirements. Additionally, you are responsible for keeping your infrastructure up to date with the latest security patches and updates that are released for C3 for Amazon Connect.
If you require an Attestation of Compliance (AOC) from Customer Dynamics to demonstrate our PCI DSS compliance, please contact us at support@customerdynamics.com and we will be happy to provide you with the necessary documentation.