Customer Service:
Mon - Fri: 8:30 am - 6 pm EST


ANSI X9.119-2013

Retail Financial Services - Requirements for Protection of Sensitive Payment Card Data - Part 1: Using Encryption Methods

This part of X9.119 defines minimum security requirements when employing encryption methods to protect sensitive payment card data. For the purpose of this standard ôprotectionö refers to maintaining the secrecy of the data from unauthorized disclosure. It applies to protection of the data from the point of encryption to the point of decryption, wherever those points may be in a given system. Additional parts may be created to address alternative methods for protecting sensitive payment card data. The following are outside the scope of the standard: ò Methods of cardholder authentication, such as Personal Identification Number (PIN) ò Physical or logical security requirements for protecting the sensitive payment card data at the point of entry prior to entering a Secure Cryptographic Device (SCD).

Content Provider
Accredited Standards Committee, Inc. - Financial Industry Standards [ASCX9]


As the voice of the U.S. standards and conformity assessment system, the American National Standards Institute (ANSI) empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment.