Encryption Key Management, Key Rotation and the PCI Data Security Standard
Enterprise Information Protection The Payment Card Industry Data Security Standards are a multi-faceted approach to the protection of cardholder data. The credit card associations Visa, Mastercard, American Express and Discover aligned their individual policy protection programs to create the Payment Card Industry Data Security Standard (PCI DSS). This alignment in standards provided an industry-wide framework that complemented each association's individual security policies - MasterCard's Site Data Protection program (SDP), Visa's Cardholder Information Security Program (CISP), American Express Data Security Operating Policy (DSOP), Discover Information Security and Compliance (DISC). The PCI DSS requirements provide a list of mandates designed to increase the overall level of security in the Payment Services Industry.