BreachExchange mailing list archives
Re: Banking and state regulations regarding the transmission of banking routing/account information
From: Chris Walsh <chris () cwalsh org>
Date: Fri, 17 Apr 2009 14:32:24 -0500
Not sure what the specific use case in question is, but if this is in the context of an ACH transaction, then the NACHA rules require encryption. From http://www.umacha.org/pdf/Update1Summary.pdf: "Effective September 10, 2004, the NACHA Operating Rules will be expanded to require all ACH transactions, regardless of Standard Entry Class (SEC) Code, that involve the exchange or transmission of banking information via Unsecured Electronic Networks to be either (1) encrypted using a commercially reasonable security technology that, at a minimum, is equivalent to 128-bit RC4 encryption technology, or (2) transmitted via a secure session utilizing a commercially reasonable security technology that provides a level of security that, at a minimum, is equivalent to 128-bit RC4 encryption technology. Such encryption technology must be used prior to the key-entry and through transmission of any banking information, and it applies to the transmission or exchange of banking information between: a Receiver and an Originator; an Originator and an ODFI; an ODFI and an ACH Operator; an ACH Operator and an RDFI; and an Originator, ODFI, RDFI, or ACH Operator and a Third Party Service Provider. " HTH. cw _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) CREDANT Technologies, a leader in data security, offers advanced data encryption solutions. Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently across your enterprise to ensure regulatory compliance. http://www.credant.com/stopdataloss
Current thread:
- Banking and state regulations regarding the transmission of banking routing/account information fzbrick (Apr 16)
- Re: Banking and state regulations regarding the transmission of banking routing/account information Al (Apr 17)
- Re: Banking and state regulations regarding the transmission of banking routing/account information Pia Sachs-Donerkiel (Apr 17)
- Re: Banking and state regulations regarding the transmission of banking routing/account information JAMES RITCHIE (Apr 17)
- Re: Banking and state regulations regarding the transmission of banking routing/account information Mark Simon (Apr 17)
- Re: Banking and state regulations regarding the transmission of banking routing/account information Luther Martin (Apr 17)
- Re: Banking and state regulations regarding the transmission of banking routing/account information Chris Walsh (Apr 17)
- Re: Banking and state regulations regarding the transmissionof banking routing/account information Maureen Fabbri (Apr 17)