THE NEED OF POINT-TO-POINT ENCRYPTION IN FINANCIAL TRANSACTIONS

Authors: Diana Popova, Oksana Kovalchuk
Affiliation: Scientific Cyber Security Association, Sokhumi State University

Category:

Keywords: encryption, data, security, financial
ABSTRACT. Today, more than ever, consumers need fast and secure payment options. At the same time, businesses must protect customer data. But ever-changing demand and payment technology have increased the operational and technical complexity of business. According to the IT Examination Handbook published by the Federal Financial Institutions Examination Board, financial institutions must use encryption in storage and transit to reduce the risk of exposure or alteration of sensitive information. Scientific and Practical Cyber Security Journal (SPCSJ) 6(5): 31-37 ISSN Point-to-point encryption (P2PE) protects cardholder data, makes it easier for organizations to secure payment data, and helps them meet PCI SSC (Payment Card Industry Security Standards Council) compliance requirements and the latest security standards, reducing the risk of fraud. The use of P2PE standards is the responsibility of the individual companies that offer products and services using those standards, not the PCI SSC Governing Board itself. Thanks to the requirements of payment systems, PCI SSC standards are implemented in many organizations, but they are not considered mandatory at the state level. After analyzing a number of factors, we can say that in order to minimize the risk of fraud, we need to make the accepted standards mandatory for all organizations. The article also provides recommendations for consumers to avoid fraudulent schemes.

References:

1. H. DeYoung, D. Garg, L. Jia, D. Kaynar and A. Datta, "Experiences in the logical specification of the hipaa and glba privacy laws", Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society ser. WPES ‘10, pp. 73-82, 2010.
2. Avtandil Gagnidze, Maksim Iavich, Giorgi Iashvili, SOME ASPECTS OF POST-QUANTUM CRYPTOSYSTEMS, Eurasian Journal of Business and Management, 5(1), 2017, 16-20 DOI: 10.15604/ejbm.2017.05.01.002
3. Iavich, M., Gnatyuk, S., Fesenko, G.: Cyber security European standards in business. Scientific and Practical Cyber Security Journal. J. 3, 36–39 (2019)
4. H. Qin, Z. Li, P. Hu, Y. Zhang and Y. Dai, "Research on Point-To-Point Encryption Method of Power System Communication Data Based on Block Chain Technology," 2019 12th International Conference on Intelligent Computation Technology and Automation (ICICTA), Xiangtan, China, 2019, pp. 328-332, doi: 10.1109/ICICTA49267.2019.00076.
5. S. Jahan, M. S. Rahman and S. Saha, "Application specific tunneling protocol selection for Virtual Private Networks," 2017 International Conference on Networking, Systems and Security (NSysS), Dhaka, Bangladesh, 2017, pp. 39-44, doi: 10.1109/NSysS.2017.7885799.