PCI Security Standards Council Issues Guides On End-to-End Encryption for Transactions


If you follow PCI developments at all, you no doubt have heard of the new end-to-end encryption guidance released a couple of weeks ago by the PCI Security Standards Council (available at https://www.pcisecuritystandards.org/pdfs/pci_dss_emv.pdf and https://www.pcisecuritystandards.org/pdfs/pci_ptp_encryption.pdf).  The Council observed there are no clear standards for encryption for every step of the transaction process.  To assist merchants and others in better complying with the PCI Data Security Standard, the Council has issued this guidance.

Apart from assisting you in your own PCI DSS compliance efforts, this new guidance should be incorporated into your due diligence procedures in assessing the compliance of vendors and business partners with whom you may share cardholder information.

Insider: These ransomware situations can result in colossal outcomes
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies