Customer Service:
Mon - Fri: 8:30 am - 6 pm EST

 Most recent

ANSI X9.119-1-2016

Retail Financial Services - Requirements for Protection of Sensitive Payment Card Data - Part 1: Using Encryption Method

Theft of sensitive card data during a retail payment transaction is increasingly becoming a major source of financial fraud. Besides an optional encrypted PIN, this data includes magnetic stripe track 2 data: PAN, expiration date, card verification value, and issuer private data. While thefts of this data at all segments of the transaction processing system have been reported, the most vulnerable segments are between the point of transaction device capturing the magnetic stripe data and the processing systems at the acquirer. This document would standardize the security requirements and implementation for a method for protecting this sensitive card data over these segments. Several implementations exist to address this situation. This document would provide guidance for evaluating these implementations. Clarification based on card brand guidance for the encryption of the middle digits has been added to this document. This supports the automated fuel dispenser industry.

Content Provider
Accredited Standards Committee, Inc. - Financial Industry Standards [ASCX9]


ANSI Logo

As the voice of the U.S. standards and conformity assessment system, the American National Standards Institute (ANSI) empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment.

CUSTOMER SERVICE
NEW YORK OFFICE
ANSI HEADQUARTERS