| ๐ผ 4.1 Processes and mechanisms for protecting cardholder data with strong cryptography during transmission over open, public networks are defined and documented. | 2 | | | |
| ย ย ย ย ๐ผ 4.1.1 All security policies and operational procedures identified in Requirement 4 are documented, kept up to date, in use, and known to all affected parties. | | | | |
| ย ย ย ย ๐ผ 4.1.2 Roles and responsibilities for performing activities in Requirement 4 are documented, assigned, and understood. | | | | |
| ๐ผ 4.2 PAN is protected with strong cryptography during transmission. | 2 | | | |
| ย ย ย ย ๐ผ 4.2.1 Strong cryptography and security protocols are implemented to safeguard PAN during transmission over open, public networks. | 2 | | 9 | |
| ย ย ย ย ย ย ย ย ๐ผ 4.2.1.1 An inventory of the entity's trusted keys and certificates used to protect PAN during transmission is maintained. | | | | |
| ย ย ย ย ย ย ย ย ๐ผ 4.2.1.2 Wireless networks transmitting PAN or connected to the CDE use industry best practices to implement strong cryptography for authentication and transmission. | | | | |
| ย ย ย ย ๐ผ 4.2.2 PAN is secured with strong cryptography whenever it is sent via end-user messaging technologies. | | | | |