
4.1 PCI DSS (v3.2.1)

Compliance Standard: PCI DSS
Compliance Version: v3.2.1
Control ID: 4.1

Requirement 4: Encrypt transmission of cardholder data across open, public networks (v3.2.1)

Use strong cryptography and security protocols to safeguard sensitive cardholder data during transmission over open, public networks, including the following:
• Only trusted keys and certificates are accepted.
• The protocol in use only supports secure versions or configurations.
• The encryption strength is appropriate for the encryption methodology in use.

Examples of open, public networks include but are not limited to:
• The Internet
• Wireless technologies, including 802.11 and Bluetooth
• Cellular technologies, for example, Global System for Mobile communications (GSM), Code division multiple access (CDMA)
• General Packet Radio Service (GPRS)
• Satellite communications
