Reencrypting Credit Cards

Credit cards stored in a database must be encrypted using a key that is distinct to the venue per PCI DSS standard 3.6. This must occur:
  • Immediately after the initial implementation and data conversion has taken place
  • on a minimum of an annual basis. If the procedure is not invoked manually, it will be done automatically during any upgrade.
  • if there is any suspected security breach at the organization
It can be invoked manually by using a button on the System Preferences on the PCI Security Screen to re-encrypt cards.