Sign In

Communications of the ACM

ACM TechNews

Data Security Rules Instituted for U.S. Payment Processing System

View as: Print Mobile App Share:
Using an ATM.

New data security rules governing how money changes hands in the U.S. have gone into effect, forcing major digital money processors to render deposit account information unreadable in electronic storage.

Credit: ZDNet

New data security rules governing the payment system that facilitates direct deposits and direct payments for nearly all U.S. bank and credit union accounts are now in effect.

The National Automated Clearinghouse Association (NACHA) stipulates that an account number used for any Automated Clearinghouse (ACH) payment must be rendered indecipherable while stored electronically.

This mandate is applicable to any facility where account numbers related to ACH entries are stored.

NACHA has instructed ACH originators and third parties that process over 6 million ACH transactions annually to render deposit account data unreadable when stored electronically, recommending measures that include encryption, truncation, tokenization, and destruction.

The regulator said access controls like passwords are unacceptable, but disk encryption is permitted, provided additional and prescribed physical safeguards are implemented.

From ZDNet
View Full Article


Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


No entries found