Secure Call Flows

Section	Description
Feature Area	Architect / Flows
Flow Type	Secure Call Flow
Navigation	`Admin → Architect → Flows → Secure Call`
Primary Function	Temporarily mask audio and prevent recording/agent access to sensitive customer data (PCI payments, PII collection)
Compliance	PCI DSS compliant

Secure call flows protect sensitive customer data by masking audio paths and preventing system recording during specific portions of an interaction. The most common use case is collecting credit card or bank account information for payment processing without exposing that data to agents or recording systems.

Study Notes

Topic	Explanation
Secure Flow	A flow type in Architect that masks audio and data captured during an interaction to meet PCI/PII compliance requirements
Secure IVR	Bundles multiple tools — secure flows, secure variables, and secure actions — into a complete PCI-safe data collection approach
Secure Action	Any action in Architect marked as "secure" — triggers the flow to operate in secure mode
Secure Variable	A variable whose content is flagged as secure — also triggers secure mode when consumed
Key Icon	Visual indicator in Architect showing that an action or action beneath it is either secure or consuming secure data
PCI DSS	Payment Card Industry Data Security Standard — secure call flows help organizations comply with this standard for phone-based payments
Protocol Capture risk	Enabling trunk diagnostics/protocol capture logs all data, including data entered in secure flows — sensitive data is not encrypted. Avoid enabling when using secure flows
PCI DSS setting	If enabled in org settings, Genesys Cloud automatically disables Media Capture and Protocol Capture settings

Two Secure Flow Scenarios

Scenario	Description
Agent-referred secure session	Agent is on an active call with the customer → agent initiates the transfer to a secure flow → flow collects sensitive data → flow returns caller to the agent via Return to Agent action
IVR-only secure session	No live agent involved — caller interacts entirely with the automated flow — sensitive data collected and processed — flow ends with Disconnect action

Key Actions in Secure Flows

Action	Purpose
Transfer to Secure Flow	Used in an Inbound, Outbound, or In-Queue flow to transfer the caller into a secure flow
Return to Agent	Terminating action in a secure flow — reconnects caller to the agent after the secure session ends; passes stored variable values (e.g., confirmation number) back to agent's script
Disconnect	Terminating action for IVR-only secure sessions with no agent
Extract Secure Data	Retrieves secure variable values within a secure flow
Call Secure Data	Used to pass secure data between flow components

The Transfer to Secure Flow action is available in Inbound, Outbound, and In-Queue flows. For transfer actions within a secure flow: Genesys Cloud uses blind transfers (not consult). The defined failure path is overridden and the call is disconnected if the transfer fails.

Return to Agent Action — Key Details

Attribute	Detail
Type	Terminating action — ends the secure flow
Where used	Secure flows (agent-referred scenario)
What it does	Reconnects caller to the original agent; sends stored variable values to agent's script
If agent left before caller returns	Call is disconnected
Cannot transfer to new destination	Return to Agent does not support transferring to a different agent or number
Monitoring restriction	If a supervisor is actively monitoring the interaction, the agent cannot initiate the Transfer to Secure Flow; monitoring must be ended first

Analytics Impact

Secure flows affect the following agent metrics:

Metric Affected	Description
Time in IVR	Time spent in the secure flow counts against IVR time
Average Time in IVR	Affected by secure flow duration
Agent Handle Time	Impacted because the agent is technically handling the interaction during the secure session
Average Agent Handle Time	Affected
Agent Talk Time	Affected

Bot Integration with Secure Flows

If a bot session is initiated from a secure call flow, the bot inherits the secure characteristics of the secure call flow. This prevents logging and recording of data at the bot level, maintaining PCI/PII compliance.

Note: Dialog Engine Bot Flows are PCI DSS compliant and can be used in secure call flows. Digital Bot Flows are not PCI DSS compliant and must not be used in secure call flows.

Protocol Capture Warning (Exam Critical)

Situation	Risk
Protocol captures enabled for trunk diagnostics	System does not encrypt data — all data including secure flow inputs is logged
PCI DSS setting enabled in org	Genesys Cloud automatically disables Media Capture and Protocol Capture settings
Best practice	Never enable protocol captures while using secure call flows in production

Permissions

Permission	Purpose
`Architect > Flow > Add`	Create secure flows
`Architect > Flow > Edit`	Edit secure flows
`Architect > Flow > View`	View secure flows
`Architect > Flow > Delete`	Delete secure flows

Workflow — Agent-Referred Secure Session

Agent on call with customer
        ↓
Agent initiates transfer (Transfer to Secure Flow action in inbound/in-queue flow)
  Note: If supervisor is monitoring, transfer cannot be initiated until monitoring ends
        ↓
Secure Flow begins — audio masked — recording paused
  Agent can no longer hear customer input
        ↓
Customer enters sensitive data (e.g., credit card number) via DTMF
        ↓
Secure Flow processes payment or stores confirmation number in secure variable
        ↓
Return to Agent action executes
  Confirmation number passed to agent's script
        ↓
Customer reconnected to agent

Workflow — IVR-Only Secure Session

Customer calls in — routed directly to Secure Flow
        ↓
No agent involved
        ↓
Secure Flow processes sensitive data (e.g., account number, payment)
        ↓
Disconnect action terminates interaction

Key Takeaways

Topic	Summary
Purpose	Mask audio and prevent recording during sensitive data collection
PCI DSS compliant	Yes — designed for PCI compliance
Triggering condition	Any secure action or secure variable consumed in a flow activates secure mode
Two scenarios	Agent-referred (returns to agent after) · IVR-only (ends with Disconnect)
Transfer to Secure Flow	Available in Inbound, Outbound, and In-Queue flows
Return to Agent	Terminating action — passes data back to agent; call disconnects if agent left
Protocol Capture risk	Never enable protocol capture when using secure flows; PCI DSS setting disables it automatically
Bot support	Dialog Engine Bot Flows only (PCI-compliant); Digital Bot Flows must NOT be used
Analytics impact	Secure flow time counts against IVR metrics and agent handle time
Key icon	Visual indicator in Architect showing secure action/variable in use

Architectural Build Order

Avaya-to-Genesys Cloud Reference Guide

Locations & Floor Plans

Licensing & Editions

Global Settings

Onboarding & Access

Security & Compliance

Status & Presence Management

Technical & Routing Behaviours

Access Policies (Attribute-Based Access Control)

Authorized Organizations (Pairing)

Divisions (Access Controls)

Group Telephony & Routing

Groups (People & Permissions)

Roles & Permissions (RBAC)

User profile management

Work Teams

Call Routing & Message Routing

Emergency Groups

External Contacts

Scheduling & Schedule Groups

Queues

ACD Skills & Languages

Wrap-Up Codes

Utilization

Canned Responses & Response Assets

Email — Domains & Routing

Widgets — Web Chat & Web Messenger

Analytics Settings

Panel Manager

Scripts

Assistants

Knowledge Base

Chat & Messaging Configuration

Outbound Dialing — Overview & Settings

Outbound Dialing Modes

Outbound — Contact Lists & DNC

Outbound — Campaign Configuration

Callbacks

Predictive Routing

Agent Copilot (Agent Assist)

Architect Overview

Call Flow Components & Basics

Genesys - Architect - Call Flow UI Overview

Prompt Management

Queue Configuration Reference

Inbound Call Flows

Inbound Message Flows

Operating Schedules

Data Tables

Bot Flows

Common Module Flows & Outbound Call Flows

Inbound Email Flows & Inbound Chat Flows

Secure Call Flows

Virtual Agent Flows (Agentic)

Disconnect Interactions

API Usage

Integration Management

OAuth Clients

Authorized Applications

Single Sign-On (SSO)

Audit Viewer

GDPR and Data Subject Requests

Certificate Authorities

DID & Toll-Free Numbers

Edges & Edge Groups

Extensions

Sites

Topology

Trunks

WebRTC Phone Management

Phone Management

E911 and Emergency Locations

Telephony Connection Options — BYOC Cloud vs BYOC Premises

Development and Feedback

Evaluators

Evluation form

External Metrics

Policies

Programs