PCI-DSS 4.2: Protect Cardholder Data in Transit Explained

Never send primary account numbers (PANs) over end-user messaging technologies, and use strong cryptography for transmission over open, public networks.

OFFICIAL REFERENCE (PARAPHRASED)

PAN is protected with strong cryptography during transmission over networks that are easily accessed by malicious individuals. (PCI DSS v4.0.1 Requirement 4.2.1)

Last reviewed: June 2026. Not legal or audit advice.

WHAT EVIDENCE SATISFIES THIS

  • TLS configuration for payment pages and APIs
  • Network diagram of CHD transmission paths
  • Certificate management records
  • Policy prohibiting PAN in email/chat

Cross-framework overlap

This control requirement also appears in:
