acm-header
Sign In

Communications of the ACM

Home/News/Data Security Rules Instituted for U.S. Payment Processing.../Full Text
ACM TechNews

Data Security Rules Instituted for U.S. Payment Processing System

By ZDNet
July 9, 2021
Comments
View as: Print Mobile App Share:
Using an ATM.

New data security rules governing how money changes hands in the U.S. have gone into effect, forcing major digital money processors to render deposit account information unreadable in electronic storage.

Credit: ZDNet

New data security rules governing the payment system that facilitates direct deposits and direct payments for nearly all U.S. bank and credit union accounts are now in effect.

The National Automated Clearinghouse Association (NACHA) stipulates that an account number used for any Automated Clearinghouse (ACH) payment must be rendered indecipherable while stored electronically.

This mandate is applicable to any facility where account numbers related to ACH entries are stored.

NACHA has instructed ACH originators and third parties that process over 6 million ACH transactions annually to render deposit account data unreadable when stored electronically, recommending measures that include encryption, truncation, tokenization, and destruction.

The regulator said access controls like passwords are unacceptable, but disk encryption is permitted, provided additional and prescribed physical safeguards are implemented.

From ZDNet
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account