Most recent

ANSI X9.119-1-2016

Retail Financial Services - Requirements for Protection of Sensitive Payment Card Data - Part 1: Using Encryption Method


Theft of sensitive card data during a retail payment transaction is increasingly becoming a major source of financial fraud. Besides an optional encrypted PIN, this data includes magnetic stripe track 2 data: PAN, expiration date, card verification value, and issuer private data. While thefts of this data at all segments of the transaction processing system have been reported, the most vulnerable segments are between the point of transaction device capturing the magnetic stripe data and the processing systems at the acquirer. This document would standardize the security requirements and implementation for a method for protecting this sensitive card data over these segments. Several implementations exist to address this situation. This document would provide guidance for evaluating these implementations. Clarification based on card brand guidance for the encryption of the middle digits has been added to this document. This supports the automated fuel dispenser industry.


CONTENT PROVIDER
Accredited Standards Committee, Inc. - Financial Industry Standards [ascx9]

Others Also Bought
Retail Financial Services - Requirements for Protection of Sensitive Payment Card Data - Part 2: Implementing Post-Authorization ...
Retail Financial Services Interoperable Secure Key Block Specification
Interoperable Method for Distribution of Symmetric Keys Using Asymmetric Techniques: Part 1 - Using Factoring-Based ...
Included in Packages
This standard is not included in any packages.
Document History
Revises:
Amendments & Corrections
We have no amendments or corrections for this standard.