“Trustera: A Live Conversation Redaction System,” a research paper written by a team of Interactions research scientists, details a new approach for redacting payment card industry (PCI) from audio data: Interactions Trustera, an AI-driven audio redaction service that redacts PCI data in real-time and protects the entire duration of the call.
The paper will be presented at the 2023 IEEE International Conference on Acoustics, Speech, and Signal Processing (ICASSP 2023), June 4 -10, 2023, in Rhodes Island, Greece. It highlights the significance of AI in protecting sensitive data from access by unauthorized users, ensuring compliance with Payment Card Industry Data Security Standards (PCI DSS).
Growing Need for Real-time Redaction Technology
The paper cites industry statistics that testify to the need for real-time redaction. Among these is a Gartner study (as reported by CIO) that projects the customer experience work-from-home (WFH) workforce will increase from 5% in 2017 to 35% this year, presenting an increased risk of sensitive customer data breaches.
How Trustera’s Real-time Redaction Works
Unlike post-call redaction, Trustera’s audio masking starts as soon as the customer speaks to any PCI entity, such as credit card number, security code, and expiration date, significantly reducing the risk of the data being intercepted or stored in insecure data storage.
The paper describes one method of real-time redaction, which consists of a cascading pipeline of automatic speech recognition (ASR), natural language understanding (NLU), and live audio redactor (LAR) modules. The system’s goal is threefold: detect the PCI entities as they are spoken, mask the PCI entities in the audio that goes to the agent, and capture the payment information to complete the transaction.
According to Shahab Jalalvand, Principal Inventive Scientist at Interactions and one of the paper’s primary authors, Trustera incorporates three distinguishing characteristics in its development: It must be fast, accurate, and light.
“Trustera has to be fast so as to not interrupt the natural flow of the conversation,” said Jalalvand in an interview. “The caller doesn’t feel that there is an AI technology in between.”
The two key components of “fast” are:
- Real-time audio redaction must happen as soon as sensitive data is spoken. Any delays mean the agent hears the PCI.
- Trustera should not interrupt the natural flow of the conversation.
Jalalvand added that Trustera must accurately capture PCI data because it is responsible for passing the information to the transaction’s payment systems. “The whole sixteen-digit card number, expiration date, zip code, whatever is there, we have to capture it accurately so we can process the payment automatically,” he said.
Regarding the third characteristic, light, Trustera is optimized for real-time processing with minimal CPU usage. “The platform triggers audio redaction close to the actual speaking time and maximizes the number of concurrent calls that can be handled on a single CPU,” Jalalvand said.
Because Trustera does not tax a server, the service is stable and reliable and protects more calls using the same server resources. Designing it on the CPU allows more customers to benefit from the redaction service without investing in expensive GPU hardware.
Trustera Redaction Techniques
The paper discusses several redaction techniques, including pattern matching and rule- and machine learning-based approaches. The authors propose combining these techniques, where pattern matching and rule-based methods are used to precisely redact known sensitive information while using machine learning algorithms to detect and redact unknown sensitive information.
“This is one way to provide the quality of redaction that customers need,” Jalalvand said. “Each module requires training separate machine learning models and evaluation. We are also advancing the state of the art through end-to-end architectures that compresses all these models into one large Transformer-based Deep Neural Network that simultaneously do all of the steps needed to redact in real time”.
Differences from Other PCI Compliance Security Software
Unlike other PCI compliance security software, Trustera protects the entire call by redacting sensitive data in real-time.
Also, Trustera’s combination of pattern matching and rule- and machine-learning-based approaches make it more accurate and effective than other solutions. Client data shows a greater than 95% success rate on PCI data redaction and ~60 seconds reduced average handle time compared to alternatives, resulting in natural, uninterrupted payment-related conversations and reduced cost per resolved contact, a key contact center metric.
Conclusion
The paper concludes by highlighting the effectiveness and significance of Trustera’s approach to real-time redaction of sensitive information from audio data. The authors note that their approach can be easily integrated into existing contact center and payment processing systems and customized to meet the specific needs of different organizations.
For more information about Trustera, download the research paper or visit the Trustera section of our website.
