Req 4: Protect Cardholder Data with Strong Cryptography During Transmission Over Open, Public Networks
Encrypt data in transit across public networks.
Responsibility
Shared
Compliance Status
Compliant
100%
Overview
Cardholder data transmitted over open, public networks (the internet, but also wireless technologies such as 802.11 and Bluetooth, cellular and satellite links) is vulnerable to interception by anyone on the path. This requirement mandates strong cryptography and secure protocol configurations to protect that data while it is in transit.
Key Actions for Compliance
A non-exhaustive list of actions your organization should take to meet this requirement.
- Use strong security protocols such as TLS, IPsec, or SSH to safeguard sensitive cardholder data during transmission: enable only secure protocol versions and configurations (SSL and early TLS, i.e. TLS 1.0 and 1.1, are not considered strong), use cipher suites of appropriate strength, and accept only trusted keys and certificates.
- Ensure that wireless networks transmitting cardholder data, or connected to the cardholder data environment, use industry best practices for authentication and transmission (for example WPA2 or WPA3 with AES); never rely on WEP.
- Never send unencrypted PANs by end-user messaging technologies (e.g., e-mail, instant messaging, SMS, chat). If PAN must be sent this way, it must be protected with strong cryptography before sending; the messaging transport alone is not sufficient.
Testing Procedures (Simplified)
How auditors may verify that this requirement is met.
- Examine system configurations (enabled protocol versions, cipher suites, certificate validation settings, and wireless encryption settings) to verify that strong cryptography is used for transmitting cardholder data over open networks.
- Interview personnel to confirm they understand the policy for not sending unencrypted PANs via end-user messaging.
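The configuration review in the testing procedure above, together with the protocol guidance under Key Actions, as an added example that is not part of the original page and not PCI SSC or nginx tooling: a small Python audit that examines nginx-style TLS settings and flags SSL/early TLS, weak cipher suites, and listeners without TLS, run against a constructed weak configuration and its corrected counterpart. The configuration syntax, host names and file paths are assumptions made for the example.

```python
"""Added example: static audit of nginx-style TLS settings for PCI DSS Req 4.

Illustration code written for this page, not a PCI SSC or nginx tool. It
assumes an nginx-like syntax (server { ... } blocks with listen,
ssl_protocols and ssl_ciphers directives); the sample configurations below
are constructed for the example.
"""
import re

# Protocol versions PCI DSS does not accept as strong cryptography.
INSECURE_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}

# Tokens in an OpenSSL-style cipher string that mark a weak or unauthenticated
# cipher (export grade, RC4, (3)DES, MD5 MAC, no encryption/authentication).
WEAK_CIPHER_TOKENS = {"NULL", "eNULL", "aNULL", "EXPORT", "EXP", "LOW",
                      "RC4", "DES", "3DES", "MD5"}


def _server_blocks(text):
    """Return the body of every server { ... } block, nested braces included."""
    blocks = []
    for m in re.finditer(r"\bserver\s*\{", text):
        depth = 0
        for j in range(m.end() - 1, len(text)):
            if text[j] == "{":
                depth += 1
            elif text[j] == "}":
                depth -= 1
                if depth == 0:
                    blocks.append(text[m.end():j])
                    break
    return blocks


def _directives(block, name):
    """All values of directive `name` in a block (nginx allows repeats)."""
    return [v.strip() for v in re.findall(rf"^\s*{name}\s+([^;]+);", block, re.M)]


def _weak_ciphers(cipher_string):
    """Enabled entries of an OpenSSL cipher string that contain weak tokens."""
    weak = []
    for entry in cipher_string.split(":"):
        if entry.startswith(("!", "-")):
            continue  # an exclusion, not an enabled cipher
        parts = set(entry.replace("+", "-").split("-"))
        if entry == "ALL" or parts & WEAK_CIPHER_TOKENS:
            weak.append(entry)
    return weak


def audit_tls_config(config_text):
    """Return (server_name, finding) pairs for settings that fail Req 4."""
    findings = []
    for block in _server_blocks(config_text):
        names = _directives(block, "server_name")
        name = names[0] if names else "<unnamed>"
        if not any("ssl" in v.split() for v in _directives(block, "listen")):
            findings.append((name, "listener without TLS; confirm it never carries "
                                   "cardholder data (e.g., redirect-only)"))
            continue
        protocols = _directives(block, "ssl_protocols")
        if not protocols:
            findings.append((name, "ssl_protocols not set; the version-dependent "
                                   "default may include TLSv1/TLSv1.1"))
        else:
            bad = INSECURE_PROTOCOLS & set(protocols[0].split())
            if bad:
                findings.append((name, "insecure protocols enabled: "
                                       + ", ".join(sorted(bad))))
        for ciphers in _directives(block, "ssl_ciphers"):
            weak = _weak_ciphers(ciphers)
            if weak:
                findings.append((name, "weak ciphers enabled: " + ", ".join(weak)))
    return findings


# Constructed sample: a legacy listener with early TLS and weak ciphers,
# plus a plaintext listener.
WEAK_CONFIG = """
server {
    listen 443 ssl;
    server_name legacy.example.test;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ALL:RC4-SHA:DES-CBC3-SHA;
    location / { proxy_pass http://backend; }
}
server {
    listen 80;
    server_name plain.example.test;
}
"""

# Constructed sample: the corrected configuration (TLS 1.2+ with AEAD suites).
HARDENED_CONFIG = """
server {
    listen 443 ssl;
    server_name pay.example.test;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:!aNULL:!MD5;
    ssl_certificate /etc/nginx/tls/pay.crt;
    ssl_certificate_key /etc/nginx/tls/pay.key;
    location / { proxy_pass http://backend; }
}
"""

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        results = audit_tls_config(cfg)
        print(f"{label}: {len(results)} finding(s)")
        for server, msg in results:
            print(f"  {server}: {msg}")
```

A finding is a starting point for the assessor, not a verdict: a plaintext listener that only redirects to HTTPS is acceptable, and the cipher check only inspects OpenSSL-style tokens, so the static result should be confirmed against what the server actually negotiates (for example by attempting a handshake with `openssl s_client -tls1_1` and verifying it is refused).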