 |
Credit cards stored in a database must be encrypted using a key that is distinct to the venue per PCI DSS standard 3.6. This must occur:
- Immediately after the initial implementation and data conversion has taken place
- on a minimum of an annual basis. If the procedure is not invoked manually, it will be done automatically during any upgrade.
- if there is any suspected security breach at the organization
|
It can be invoked manually by using a button on the
System Preferences on the PCI Security Screen to re-encrypt cards.
