19 October 2017
visit www.avoka.com

Secure POS Vendor Alliance releases end-to-end encryption requirements

27 May 2010  |  7505 views  |  0 Source: Secure POS Vendor Alliance

The Secure POS Vendor Alliance (SPVA), a non-profit business organization founded by Hypercom (NYSE:HYC - News), Ingenico S.A. (EURONEXT: ING) and VeriFone (NYSE:PAY - News) today announced the release of its End-to-End Encryption Security Requirements related to payment card data in payment card reading devices. Targeted to vendors of POS devices, this newly released framework marks a critical step toward SPVA's mission of widespread understanding of payment security issues and the adoption of best practices.

"The SPVA's end-to-end security requirements guidelines set a baseline for the industry and represent the first step to further strengthen payment security standards globally," said T.K. Cheung, SPVA chairman and Hypercom vice president global quality & security. "We will be enhancing this guideline as the security environment evolves and will announce each update as it occurs."

Prepared by the association's End-to-End Encryption Technical Working Group, the newly released SPVA guideline allows companies to engage different solutions and select products that can be trusted and are secure. Key elements covered by the SPVA-approved standard include:

* Data to be encrypted during transmission
* Key management
* Physical and logistical security of the Tamper-Resistant Security Module and key components
* Encryption monitoring and management systems requirements

The SPVA defines end-to-end as: the transmission of cardholder data in an encrypted form, from its point of presentment, such that it prevents the data from being known in plain text until the point of decryption.

"SPVA does not endorse any specific vendor's solution, nor does it have any intention of supporting one solution over another," said Steven Hughes, SPVA president. "We recognize that end-to-end encryption requirements can be complex. Against this backdrop, our goal is to use existing published standards and provide an auditable set of requirements that creates a secure payment environment."

Since its launch in April 2009, SPVA has experienced rapid growth with prominent industry leaders joining, including Atos Worldline, Heartland Payment Systems, Chase Paymentech, Radiant Systems, Inc., Voltage Security and many others. All members are eligible to participate in SPVA's Technical Working Groups and contribute to future industry standard publications.

Comments: (0)

Comment on this story (membership required)

Related company news


Related blogs

Create a blog about this story (membership required)
visit www.innotribe.comvisit www.fivedegrees.nl

Top topics

Most viewed Most shared
Ripple looks to drive bank adoption with $300m XRP rebate programmeRipple looks to drive bank adoption with $...
15781 views comments | 12 tweets | 4 linkedin
Swift positive on blockchain, but big challenges remainSwift positive on blockchain, but big chal...
8941 views comments | 16 tweets | 22 linkedin
satelliteGates Foundation backs Ripple collaboratio...
8026 views comments | 13 tweets | 10 linkedin
IBM uses blockchain to improve cross-border payments processingIBM uses blockchain to improve cross-borde...
7132 views comments | 9 tweets | 17 linkedin
Santander InnoVentures leads $6m funding round for Mexico's ePesosSantander InnoVentures leads $6m funding r...
6276 views comments | 6 tweets | 3 linkedin

Featured job

New York, NY - USA (some flexibility on location)

Find your next job