Chapter 11
Requirement 4
Securing Cardholder Information in Transit
Apart from the security for the data at rest, it is equally important to ensure that cardholder information that is transmitted is secure. Attackers have relied on being able to intercept/read traffic that is being transmitted over a network to be able to perpetrate a number of attacks. In fact, some of the major cardholder information breaches occurred due to attackers being able to sniff network traffic and gain access to sensitive data based on said traffic.
Requirement 4 of the PCI-DSS deals with the transmission of cardholder information over open, public networks. In this chapter, we will discuss Requirement 4 and its implementation guidance. We will also briefly delve ...
Get PCI Compliance now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.