PCI DSS · Protect account data
Req. 4 Protect cardholder data with strong cryptography during transmission
Use strong cryptography to protect cardholder data when transmitted over open, public networks.
Mapped across 13 provisions
Equivalent and related requirements in other frameworks and regulations.
- NIST CSF 2.0 · Equivalent · Official mapping (Source: PCI DSS v4.0 / NIST CSF 2.0) · PR.DS-01 Confidentiality of data-at-rest protected · Cryptography & data protection
- CIS Controls v8 · Equivalent · Curated · 3.11 Encrypt sensitive data at rest · Cryptography & data protection
- DORA · Partial · Curated · Art. 9 Protection and prevention · Cryptography & data protection
- GDPR · Partial · Curated · Art. 32 Security of processing · Cryptography & data protection
- GLBA · Equivalent · Curated · §314.4(c)(3) Encryption of customer information · Cryptography & data protection
- HIPAA · Equivalent · Curated · §164.312(e)(1) Transmission security · Cryptography & data protection
- ISO 27001 · Equivalent · Curated · A.8.24 Use of cryptography · Cryptography & data protection
- LGPD · Partial · Curated · Art. 46 Security measures · Cryptography & data protection
- NIS2 · Equivalent · Curated · Art. 21(2)(h) Cryptography and encryption · Cryptography & data protection
- NIST 800-171 · Equivalent · Curated · 3.13.11 Employ FIPS-validated cryptography · Cryptography & data protection
- NIST 800-53 · Equivalent · Curated · SC-28 Protection of information at rest · Cryptography & data protection
- PCI DSS · Equivalent · Curated · Req. 3 Protect stored account data · Cryptography & data protection
- SOC 2 · Partial · Curated · CC6.7 Restricting data transmission · Cryptography & data protection