Pro+ Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
November 2011

PCI council developing point-to-point encryption certification program

After issuing validation requirements for hardware-based point-to-point encryption, the PCI Security Standards Council is now developing a new program to certify point-to-point encryption products. A list of certified components is due out in April. Bob Russo, general manager of the PCI SSC, says the program will be modeled after certification procedures used for payment applications and PIN pad devices. The point-to-point encryption certification program will focus on securing and monitoring the hardware, developing and maintaining secure applications, and secure key management methodologies. “We looked at existing standards and referenced some best practices to come up with this program and certify some of these things,” Russo says. “I want to caution that anybody who thinks they are going to pick out a solution from this list and automatically be compliant is going to be surprised; there are still PCI compliance activities at the foundation of what they’ve got to do.” Point-to-point or end-to-end encryption has been touted by...

Access this Pro+ Content for Free!

By submitting you agree to recieve email from TechTarget and its partners. If you reside outside of the United States you consent to having your personal data transferred and processed in the United States. Privacy Policy

Features in this issue

Columns in this issue

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

-ADS BY GOOGLE

Close