White Papers for Federal Financial Institutions Examination Council (FFIEC)

Reduce the Burden of PCI Section 3: A New Approach to Credit Card Encryption

Paymetric

With the advent of the Payment Card Industry Data Security Standard (PCI DSS), encrypting stored credit card numbers is no longer optional. Any company that stores, processes, or transmits credit card information —regardless of size or volume of transactions —must encrypt stored credit card data or face serious consequences for non-compliance, including fines of up to $500,000, he loss of brand integrity, and erosion of market value. While the PCI standard offers road guidance —featuring rules on the proper use of firewalls, computer access controls, anti-virus software, and more —it s the encryption requirements that are proving to be among the most difficult or organizations to address. According to a study conducted by Verisign Global Security Consulting Services, failure to address the data encryption requirements of PCI is the most common reason for failing a PCI audit.

View the White Paper

Share or bookmarklet this web page at: