Enhancing Security and Compliance: The Journey of BroadSource SecureCall on Webex
September 25, 2024
BroadSource is a leader in developing highly specialized software solutions for Cloud Communications and Cloud Contact Centers. This blog shares our SecureCall development journey, an innovative application designed to enhance security and compliance for Webex users.
SecureCall by BroadSource is designed to offer an additional layer of security by ensuring PCI DSS (Payment Card Industry Data Security Standard) compliance is achievable for all Webex customers, who take payments by phone. With the increasing reliance on cloud communication platforms, we recognized the need for a solution that provides enterprises and businesses, of any size, in any industry, with the peace of mind that their communications are secure and compliant with industry standards.
Businesses and enterprises benefit by:
- De-scoping their payments-by-phone transactions, demonstrating to their bank or qualified security assessor (QSA) that they are PCI-DSS compliant
- Reducing annual cyber security insurance premiums
- Reducing the costs of annual security audits
- Reducing costly Mail Order / Telephone Order (MOTO) processing transaction fees
- Avoiding customer card details being shared or stored when receiving payments pay by phone
SecureCall is a Level 1 PCI compliant cloud, available globally, that integrates with Webex Calling, Webex Calling Wholesale, Webex Essentials, Webex Contact Center and BroadWorks service providers.
Our Experience Building on the Webex Platform
The decision to build SecureCall on the Webex platform was driven by our commitment to delivering top-tier security solutions that integrate seamlessly with leading communication tools. Webex, with its robust set of features and a growing user base, was the perfect platform for us to achieve this.
Building on the Webex platform was a step forward in the use of Cisco’s Call Control APIs. BroadSource has decades of experience in developing applications against the Cisco BroadWorks platform and now the Webex APIs afforded the development team an improved environment to maximize SecureCall’s interactions with Webex.
APIs and SDKs Utilized in Building SecureCall
In developing SecureCall, we leveraged several Webex APIs and SDKs that were instrumental in helping us achieve our goals. The Webex Calling API was particularly valuable, as it allowed us to access and manage call data securely, ensuring that SecureCall could be applied seamlessly to calls between businesses and their customers.
The Review Process: Getting SecureCall on the Webex App Hub
Getting SecureCall reviewed and published on the Webex App Hub was thorough, ensuring that every aspect of SecureCall met Webex’s high standards for security and functionality.
While we anticipated a rigorous review, the depth of information we needed to provide about SecureCall’s security protocols was more extensive than expected. However, this only underscored Webex’s commitment to ensuring that only the best and most secure apps are available to its users.
For other developers looking to publish their apps on the Webex App Hub, our advice would be to invest time in thorough documentation. The more detailed and clear your documentation is, the smoother the review process will be.
Best Practices for Building on the Webex Platform
Based on our experience, here are some best practices for other developers looking to build successful apps on the Webex platform:
Deep Integration with Webex APIs
Take full advantage of the Webex APIs and SDKs available. They are powerful tools that can help you create apps that are both robust and user-friendly.
Security First
Ensure that your app’s security features are top-notch, especially if you’re dealing with sensitive data. The Webex platform is trusted by millions, and security should always be a priority.
Collaborate with the Webex Team
Don’t hesitate to reach out to the Webex Developer Support team. Their insights can be invaluable in helping you navigate challenges and optimize your app’s performance.
Thorough Testing
Conduct extensive testing across various scenarios to ensure your app works seamlessly within the Webex environment. This will help you catch any potential issues before your app goes live.
Visualizing SecureCall
As a part of the new Webex Calling sidebar functionality, SecureCall sits seamlessly withing the Webex experience. To give you a better idea of how SecureCall works, here are some screenshots of our app in action:
When a Webex user needs to process a payment, they simply click ‘Press to Secure,’ seamlessly adding SecureCall to the ongoing call using the Webex Call Control APIs.
Once SecureCall is integrated into the call, the Webex sidebar transforms into a credit card payment terminal. The Webex user and customer can continue their conversation, but instead of verbally sharing their credit card information, the customer securely enters the details using their phone's dial pad. The Webex user remains on the line to guide the customer through the process without being exposed to any sensitive information, ensuring a PCI-compliant Webex call.
These images showcase the seamless integration of SecureCall within the Webex Calling environment, providing users with enhanced security without disrupting their workflow.
Endless Opportunities for Innovation
The Webex platform is a powerful tool for developers. Our journey building SecureCall on the Webex platform has been both challenging and rewarding. We’re proud of the solution we’ve created, and we’re excited about the future possibilities of further enhancing security for Webex users.
We look forward to continuing our work with Webex and contributing to the future of secure, cloud-based communications.
To use SecureCall by BroadSource, visit SecureCall on the Webex App Hub.
Feel free to connect with us and share your experience.