The PCI Security Standards Council Data Security Guidelines (DSS) provide specific recommendations on the use of encryption to protect credit and financial account information. Coalfire, an independent IT audit group found that CipherCloud encryption and tokenization capabilities adhere to PCI-DSS requirements.
Acceptable methods rendering data unreadable are defined as:
Public notification is required in most countries for breaches of PCI-DSS. Yet, encryption is viewed as a “critical component” and if it has been adequately applied, there are exemptions from breach notification requirements.