Regulated industry plays | by Josh | April 22, 2026 | 4 min read

PCI + AI for Support Reps: Handling Card Numbers

Customer support sometimes touches payment card data. AI tools in support workflows need to respect PCI DSS. Here's the simple rule and the harder edge cases.

If you process card payments, you operate under the Payment Card Industry Data Security Standard (PCI DSS). Customer support workflows that handle card data have specific requirements.

AI tools in those workflows need to fit.

This is not legal advice. Talk to your PCI compliance team.

The simple rule

Don't send card data to AI services. Full stop.

PCI DSS treats cardholder data as a sensitive category. Sending it to an AI service expands your cardholder data environment (CDE) to include that AI vendor. That AI vendor needs to be PCI-compliant. Most aren't.

The right pattern is: AI never touches card data. Card data is handled by PCI-compliant payment systems. AI handles everything else.

How to keep AI out of cardholder data

Mask card data before it reaches support tools. Most CRMs and helpdesks have card-masking features. Enable them. The support rep sees only a masked value such as "XXXX XXXX XXXX 4242". AI tools that index support tickets see the masked version.

Use payment processor links for collection. Don't take card numbers over chat or email. Send the customer a link to your payment processor's hosted page. The card data never enters your system.

Train support reps to NEVER paste card numbers anywhere. That includes AI-powered draft tools and ticket fields not designated for cards. This is standard PCI training, extended to cover AI tools.

Auto-redaction on incoming messages. Some support platforms auto-detect and redact 16-digit numbers that look like card numbers. Enable it.

When AI in support is fine

Most support work doesn't touch card data. AI for those tasks is fine:

- Drafting responses to common questions
- Categorizing tickets
- Routing to the right team
- Summarizing customer history (with card data masked)
- Suggesting knowledge-base articles

The boundary is: AI sees masked or non-card data, NEVER raw card numbers.

When AI in support is not fine

AI that drafts replies including card numbers. If your support reps are pasting raw card numbers into chat with AI assistance, the chat tool is now in your CDE.

AI that suggests refunds or charges referencing card details. If the AI sees a card number to suggest "refund $X to card ending in XXXX," you've expanded your CDE.

AI scribes that record customer calls where card numbers are spoken. The recording or transcript contains card data. The AI scribe is now in scope.

The phone support angle

Phone support where customers might read card numbers aloud is its own challenge.

Compliant patterns:

- Pause-and-resume recording during card collection
- IVR or DTMF for card capture (the rep doesn't hear it)
- Live agent steps off the line while the customer enters the card via DTMF
- Don't transcribe calls at all if cards are spoken

AI scribes on calls with potential card discussion need special handling. Most firms exclude these calls from AI scribing entirely.

The chat angle

For chat support:

- Block patterns that look like card numbers (a regex catches 16 digits with spaces)
- Auto-redact before saving to the ticket
- Train AI assistants to refuse to process anything that looks like a card
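As an added example (not code from the original post), here is one way to implement the chat-side redaction above before a message is saved to the ticket or handed to an AI draft tool. It goes a little beyond the 16-digit regex mentioned here: it accepts 13-19 digit runs with spaces or dashes and adds a Luhn check so plain order IDs are not mangled; the sample messages and function names are constructed for illustration.

```python
import re

# Constructed sample chat messages (not from the original post).
SAMPLE_MESSAGES = [
    "Hi, my card is 4242 4242 4242 4242, can you refund me?",
    "Order 1234567890123456 hasn't shipped yet",   # 16 digits, but not a valid PAN
    "charge it to 4111-1111-1111-1111 please",
    "my ticket number is 987654",
]

# 13-19 digit runs, optionally separated by single spaces or dashes
# (covers the PAN lengths used by the major card brands).
PAN_PATTERN = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: every real PAN passes it; most order IDs and phone numbers do not."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def redact_pans(text: str) -> tuple[str, int]:
    """Replace Luhn-valid card-number-looking runs with a last-four mask.
    Returns the redacted text and the number of PANs found."""
    count = 0

    def _mask(m: re.Match) -> str:
        nonlocal count
        digits = re.sub(r"[ -]", "", m.group(0))
        if not luhn_valid(digits):
            return m.group(0)   # leave non-PAN digit runs (order IDs) untouched
        count += 1
        return "[CARD REDACTED ending " + digits[-4:] + "]"

    return PAN_PATTERN.sub(_mask, text), count


def prepare_for_ticket(message: str) -> dict:
    """Run before saving to the ticket and before any AI draft tool sees the message."""
    clean, n = redact_pans(message)
    return {"text": clean, "pans_redacted": n, "needs_pci_review": n > 0}


if __name__ == "__main__":
    for msg in SAMPLE_MESSAGES:
        print(prepare_for_ticket(msg))
```

A message with `needs_pci_review` set should also trigger the rep-side follow-up (send the customer a hosted payment link) rather than silently continuing the conversation.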

A specific compliant pattern

Customer asks for a refund. Support rep needs to verify identity and process refund.

The rep uses AI to draft the response. The AI sees: customer name, order ID, refund amount, status. AI does NOT see card number.

When the actual refund happens, the rep clicks a button in the helpdesk that calls the payment processor's API. The card number is referenced by token, not by raw value. The rep never sees the raw card number. Neither does the AI.

This pattern is PCI-compliant and AI-friendly.

What firms should do

- Audit your AI tools' exposure to cardholder data
- Confirm masking/redaction at every point card data flows through
- Confirm AI vendors are NOT in your CDE
- Update your PCI documentation to reflect AI tooling
- Train support reps on the AI-specific rules

The bottom line

PCI + AI is simple: keep them separate. AI handles support work. PCI-compliant systems handle card data. Never cross the streams.

If your AI is touching card data, you have a scoping problem. Fix it before your QSA finds it.

Not legal advice. Talk to your QSA and PCI team.
