Visa releases End to End Best Practices! Big Kudos!!

Visa, always leading the charge for the card brands, has just released a new document on Data Field Encryption.  Visa's Best Practices document, known as Data Field Encryption Version 1.0 is intended to provide guidance for companies building end to end (or point to point) encryption solutions.  This marks a watershed moment in our industry. [...]

Visa, always leading the charge for the card brands, has just released a new document on Data Field Encryption.  Visa’s Best Practices document, known as Data Field Encryption Version 1.0 is intended to provide guidance for companies building end to end (or point to point) encryption solutions.  This marks a watershed moment in our industry. Finally a major card brand is acknowledging the value of encryption.  Here is a summary…

1) Limit cleartext availability of cardholder data and sensitive authentication data to the point of encryption and the point of decryption.

2) Use robust key management solutions consistent with international and/or regional standards

3) Use key-lengths and cryptographic algorithms consistent with international and/or regional standards.

4) Protect devices used to perform cryptographic operations against physical/logical compromises.

5) Use an alternative account or transaction identifier for business processes that requires the primary account number to be utilized after authorization, such as processing of recurring payments, customer loyalty programs or fraud management.

Based upon what I read, it looks like the  major players in the market all support Visa’ best practices.

BIG KUDOS to VISA for taking a big leap!!!

[Slashdot] [Digg] [Reddit] [del.icio.us] [Facebook] [Technorati] [Google] [StumbleUpon]

Read Full Article
GSO
Written on Tuesday, 06 October 2009 03:44 by GSO

Viewed 153 times so far.
Like this? Tweet it to your followers!
Published in Subscribe to the RSS feed of Network Security & Hacking News  Network Security & Hacking News / Subscribe to the RSS feed of Latest Security News  Latest Security News
Like this? Let your friends know now!

Rate this article

Latest articles from GSO

Latest 'tweets' from GovernmentSecurity

  • News Update: Cyber war is coming, the impact could be huge: CBS News reports that cyber.. http://bit.ly/1tx1kr | #Security Link Monday, 09 November 2009 07:35
  • News Update: Tenable Network #Security Podcast - Episode 11: Welcome to the Tenable Netw.. http://bit.ly/2Iqd6G | Security Link Monday, 09 November 2009 07:35
  • News Update: Consent will be required for cookies in Europe: EDITORIAL: A law that dema.. http://bit.ly/3JYgip | #Security Link Monday, 09 November 2009 07:35
  • News Update: CBS 60 Minutes tackles cyber-terrorism: Could hackers get into the compute.. http://bit.ly/2d5Y21 | #Security Link Monday, 09 November 2009 07:35
  • Blog Update: We have launched the new GovernmentSecurity.org: We decided to launch th.. http://bit.ly/2G1SSF | #Security Link Saturday, 07 November 2009 17:38
blog comments powered by Disqus
back to top

Site Search

Disqus Tools