Security & Privacy

Security, Privacy and Data Integrity at an Enterprise Scale

Our Four Pillars Of Security

We take the security and privacy of our clients' data very seriously. Our omnichannel Intelligent Virtual Assistant collects and processes enormous volumes of both personal and payment data, making stringent security controls a critical priority.

Professional auditing teams recognize Interactions security model as an unparalleled security framework — one that has successfully secured data for some of the largest enterprises in the world.

voice wave


From offering multi-factor authentication for our clients to securing sensitive personal data for them, our security framework is embedded and enforced across our entire Intelligent Virtual Assistant platform.


Interactions provides a number of security measures to provide the relevant controls within digital and voice applications, in particular securing our patented use of Adaptive UnderstandingTM technology.

Data Handling, Storage and Logging

We understand the sensitivity of information that can be shared during customer care interactions. To respect this sensitivity, we’ve implemented a range of security controls including log encryption, real-time data blocking, and sensitive redaction.

Service Network

Interactions works with a network of service providers to operationalize Human Assisted Understanding (HAU) - provide a range of language skills, a distributed global footprint for business continuity, and scalability to meet our client growth needs. All service providers meet our security requirements, including client-mandated requirements and, industry-specific certifications.

AI Security
Secure AI
Secure Criteria

How Secure are IVA Platforms?

At Interactions, our mission is to create amazing customer experiences by advancing AI technology that understands and engages on a human level. In order to be true to our core mission, we strive to deliver our Intelligent Virtual Assistant (IVA) in a secure, compliant, resilient, and highly scalable way.

We are proud of the comprehensive and proprietary security model we have designed, and continue to improve and evolve this model in an on-going effort to respond to our clients’ changing needs. Some of the largest enterprises in the world have vetted and adopted our solution, proving we can handle the most challenging security requirements at scale.

Having successfully passed the diligence of our clients’ security, fraud, and audit teams, we have gained their confidence that our solution platform is safe and secure. Our extremely low rate of customer churn is further evidence of the confidence and value our IVA delivers. With more than15 years of continuous production operation and billions of transactions processed, Interactions has never faced a cybersecurity issue.

What are examples of AI privacy safeguards for IVAs?

Interactions follows a well-defined set of design principles to ensure the security of our infrastructure and our clients’ data. More specifically, our security design principles focus on data protection for our clients and their end customers, and ensuring compliance, security, and vulnerability best practices.

All sensitive information such as PII, PCI, PHI etc is redacted, or may be encrypted per client request to meet PCI-DSS encryption requirements. Our clients are in full control of how sensitive information is secured. Clients the security and privacy data operating models such as encryption, real time data blocking, redaction etc.

Secure By Design: Omnichannel Intelligent Virtual Assistant

On an annual basis, Interactions is audited and assured to be compliant against PCI-DSS and the AICPA SOC 2 Type 2 standards. Additionally, we meet and have annual assessments for compliance with SOC 2 requirements. Interactions is compliant with both U.S. and international privacy laws.

Moreover, we comply with HIPPA, meet FedRamp requirements in collaboration with our federal partner Maximus, and have implemented many ISO27001 requirements. Also, Interactions complies with EU regulations, international import/export laws, Privacy Shield Framework, and General Data Protection Regulation (GDPR) laws regarding the handling of personal data.

The omnichannel Intelligent Virtual Assistant is secure by design. We treat confidentiality, integrity and availability of your data with the utmost levels of care, focus, and importance. Interactions collects and processes enormous volumes of data, making stringent security controls a critical priority.

External, third-party auditing teams recognize the Interactions security model as an unparalleled security framework, one that has successfully secured data for some of the largest enterprises in the world. Interactions is proud of the proprietary security model we designed, and we continue to improve it to respond to our clients’ needs.

State, Federal and International Regulatory Requirements

Interactions uses data to both carry out customer transactions and to improve the provided services. For clients deployments, Interactions acts as a data processor and its clients act as data controllers.

We are committed to ensuring that our products and service can be used by our clients to support their GDPR obligations. We launched GDPR API that gives our clients the means to process requests from customers who reside in the Europea Economic Area (EEA), as outlined by the General Data Protection Regulation (GDPR), an EU data protection and privacy law.

Industry Specific Regulatory Requirements

With Fortune 500 clients in data sensitive industries such as banking and healthcare, Interactions works with its clients to ensure that relevant industry regulations governing data privacy (for example, HIPAA in US healthcare) are satisfied.

secure mac

We take security seriously at Interactions. That’s why we meet or exceed standards for:


SOC 2, Type 2 Audit

PCI DSS Certified Service Level 1

PCI-DSS, Level 1 Service Provider


Health Insurance Portability and Accountability Act

Want to learn more? Let’s talk.