Encrypt transmission of cardholder data

Safeguarding data during transmission is key to protecting payment information, like cardholder data. When this information is transmitted over open networks, it can become more vulnerable to security issues.

Use secure transmission protocols

Transmit cardholder data using secure transmission protocols and practices including:

  • Trusted keys and certificates
  • Secure transmission protocols such as TLS, SSH, or VPN
  • Asymmetric algorithms in encryption
  • Tokenizaton, masking, and penetration testing with transmitting and displaying PANs
  • Restrict access to cardholder data
  • Access to sensitive information should be restricted on a need-to-know basis and given only to those authorized personnel with a business need

The recommended method to handle cardholder data is to tokenize the data instead of storing it. Tokenize the card with a specific payment processing provider and store the token, card type, and encrypted expiration date. You can use the token as a credential on file for future use as it is unique for each merchant only. Since the token is unique, if there is a security issue, the token in invalidated which helps to prevent fraudulent activity.

Additional information

If you are looking for recommended payment solutions by Adobe, consider Adobe Payment Services.

Previous pagePartner escalations
Next pageOverview