DigiCert Partner - PCI DSS Compliance

Section 4.1 Requires Strong Encryption

  • Section 4.1.a of the PCI DSS requires ASVs (Approved Scanning Vendors) and QSAs (Qualified Security Assessors) to verify that:
    -- Strong (at least 128-bit) encryption (e.g., SSLv3/TLSv1.0) is used wherever cardholder data is transmitted or received over open, public networks;
    -- HTTPS appears as part of the browser Uniform Resource Locator (URL), and no cardholder data is requested on any page where HTTPS does not appear in the URL; and
    -- Only trusted SSL/TLS certificates are accepted.
    -- Section 4.1.1.a contains similar requirements for wireless networks that transmit cardholder data or are connected to cardholder environments.
    Data must be rendered unreadable using strong cryptography (Triple-DES 128-bit or AES 256-bit). ASVs must check the negotiated SSL/TLS version, the certificate's validity period, its authenticity (issuance by a trusted CA), and that the certificate name matches the server name.
    -- Any SSL version below 3.0 is considered non-compliant (unless SSL 2.0 or older is enabled solely for an initial handshake that detects an outdated browser and tells the user to update it).
  • DigiCert Certificates Offer End-to-End Solutions
    DigiCert offers Extended Validation (EV) certificates that provide a greater degree of online confidence. EV certificates give consumers and cardholders additional assurance because browsers display a green address bar whenever an SSL session is established with a merchant’s or issuing bank’s EV-validated site.
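The checks that Section 4.1.a asks an ASV to make (negotiated SSL/TLS version, certificate validity period, authenticity, and server-name match) as a small Python scanner. This is an added example, not DigiCert's code and not the PCI SSC's official ASV scanning procedure; `PROTOCOL_ORDER`, `evaluate`, `scan`, the `SAMPLE_CERT` dictionary and the `NOW_*` timestamps are all constructed here. It defaults to the page's 2008 policy (SSLv3 and later acceptable) through `min_protocol`; current PCI DSS versions no longer accept SSL or early TLS, so a scan run today would pass `min_protocol="TLSv1.2"`.

```python
"""ASV-style checks for an HTTPS endpoint: negotiated protocol version, trusted
chain, certificate validity window and server-name match.  Added example with
hypothetical names; not DigiCert's code and not the official ASV procedure."""
import socket
import ssl
from datetime import datetime, timezone

# Oldest to newest.  The page's 2008 policy admits SSLv3 and up; current PCI DSS
# no longer accepts SSL or early TLS, so a scan today would use min_protocol="TLSv1.2".
PROTOCOL_ORDER = ["SSLv2", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"]

# Constructed sample in the shape ssl.SSLSocket.getpeercert() returns for a
# verified peer.  Not a real certificate.
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "example.com")),
    "notBefore": "Jan  1 00:00:00 2008 GMT",
    "notAfter": "Dec 31 23:59:59 2009 GMT",
}
# Constructed scan timestamps so the sample evaluates deterministically.
NOW_2008 = datetime(2008, 6, 1, tzinfo=timezone.utc)   # inside the validity window
NOW_2010 = datetime(2010, 6, 1, tzinfo=timezone.utc)   # after notAfter


def name_matches(pattern, hostname):
    """RFC 6125 style comparison: '*' may only be the entire leftmost label and
    matches exactly one label, so *.example.com covers www.example.com but
    neither example.com nor a.b.example.com."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if pattern.startswith("*."):
        labels = hostname.split(".")
        return len(labels) > 1 and ".".join(labels[1:]) == pattern[2:]
    return pattern == hostname


def cert_names(cert):
    """DNS names the certificate covers.  A subjectAltName extension is
    authoritative and the commonName is ignored; without one, fall back to CN."""
    sans = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if sans:
        return sans
    return [value for rdn in cert.get("subject", ())
            for key, value in rdn if key == "commonName"]


def evaluate(protocol, cert, hostname, now=None, min_protocol="SSLv3"):
    """Apply the version, validity-period and server-name checks and return a
    list of findings; an empty list means the endpoint passed all three."""
    findings = []
    now = now or datetime.now(timezone.utc)
    if (protocol not in PROTOCOL_ORDER
            or PROTOCOL_ORDER.index(protocol) < PROTOCOL_ORDER.index(min_protocol)):
        findings.append(f"weak or unknown protocol negotiated: {protocol}")
    # ssl.cert_time_to_seconds parses the "Mon DD HH:MM:SS YYYY GMT" form used by getpeercert()
    not_before = datetime.fromtimestamp(ssl.cert_time_to_seconds(cert["notBefore"]), timezone.utc)
    not_after = datetime.fromtimestamp(ssl.cert_time_to_seconds(cert["notAfter"]), timezone.utc)
    if now < not_before:
        findings.append(f"certificate not yet valid (notBefore {cert['notBefore']})")
    if now > not_after:
        findings.append(f"certificate expired (notAfter {cert['notAfter']})")
    names = cert_names(cert)
    if not any(name_matches(name, hostname) for name in names):
        findings.append(f"server name {hostname} not covered by certificate names {names}")
    return findings


def scan(hostname, port=443, min_protocol="SSLv3", timeout=10):
    """Live check (needs network; not exercised offline).  Chain verification
    stays on because that is the authenticity check; hostname checking is off so
    a mismatch becomes a finding instead of an exception, and the minimum version
    is lowered so the scanner observes whatever the server is willing to speak."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    try:
        with socket.create_connection((hostname, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
                return evaluate(tls.version(), tls.getpeercert(), hostname,
                                min_protocol=min_protocol)
    except ssl.SSLCertVerificationError as exc:
        return [f"certificate not trusted: {exc.verify_message}"]
    except ssl.SSLError as exc:
        return [f"TLS handshake failed: {exc}"]


if __name__ == "__main__":
    print(evaluate("TLSv1", SAMPLE_CERT, "www.example.com", now=NOW_2008))
    print(evaluate("SSLv2", SAMPLE_CERT, "shop.example.com", now=NOW_2010))
```

`scan()` deliberately keeps chain verification enabled: if the certificate does not chain to a trusted root, `getpeercert()` would return an empty dictionary under `CERT_NONE`, so the trust failure is reported as its own finding and the remaining checks only run on a certificate that passed it.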

Copyright 2008, All rights reserved.