Keyfactor Achieves Payment Card Industry Data Security Standard Compliance Certification

CLEVELAND–(BUSINESS WIRE)–Keyfactor, the machine and IoT identity platform for modern enterprises, today announced it is now Payment Card Industry Data Security Standard (PCI DSS) v3.2 certified.

Keyfactor’s PKI-based digital identity and integrity capability supports every facet of digital trust for devices that process, store and/or transmit cardholder data. While Keyfactor does not directly handle sensitive cardholder data, many of its customers do. With this new certification, Keyfactor customers will continue to prevent data breaches and further protect their own customers’ sensitive credit card information.

“Our clients trust Keyfactor for its commitment to putting security first. Part of that commitment is upholding current and future global industry standards,” said Earl Siedlecki, Senior Vice President, Cloud Operations & Compliance, Keyfactor. “As a cybersecurity company working with enterprises in regulated industries, it’s our responsibility to assure data and systems are protected. This new PCI certification validates why we are the most trusted machine and IoT identity management solution in the market.”

The Payment Card Industry Security Standards Council (PCI SSC) has overseen the PCI DSS since 2004, when it was first established by American Express, Visa, Mastercard, Discover Financial Services and JCB International. PCI DSS v4.0, which goes into effect by March 31st, 2024, replaces PCI DSS version 3.2.1 to better address and combat emerging threats and technologies. As part of the upcoming changes for 4.0, the PCI council requires more robust authentication controls to be enforced. Other new requirements include:

  • Access privileges must be reviewed twice a year;
  • Multifactor authentication (MFA) should be used for all accounts with access to sensitive cardholder data, rather than just the security administrators;
  • The use of strong, unique passwords for accounts, such as having at least 15 characters that include both numeric and alphabetic characters. PCI DSS indicates that prospective passwords be compared against a list of known bad passwords;
  • Vendor or third-party accounts should only be used as needed and monitored for security risks;

To learn more about Keyfactor’s security and compliance commitments, please check out:

About Keyfactor

Keyfactor is the machine and IoT identity platform for modern enterprises. The company helps security teams manage cryptography as critical infrastructure by simplifying PKI, automating certificate lifecycle management, and enabling crypto-agility at scale. Companies trust Keyfactor to secure every digital key and certificate for multi-cloud enterprises, DevOps, and embedded IoT security.

The post Keyfactor Achieves Payment Card Industry Data Security Standard Compliance Certification appeared first on Cybersecurity Insiders.


See Our Latest

Blog Posts

admin June 18th, 2024

Credit: Edgar Cervantes / Android Authority Google has quietly updated its requirements for Gemini in Google Messages. The integration no […]

admin June 17th, 2024

Telenor, the renowned Norwegian telecom giant, has launched Telenor Cyberdefense, marking its entry into the cybersecurity sector. This strategic move […]

admin June 12th, 2024

Bringing machine learning (ML) models into production is often hindered by fragmented MLOps processes that are difficult to scale with […]