Oracle ATG PCI Encryption Module
An easy way to simplify your Oracle Commerce PCI compliance process.
Maintaining PCI compliance is a vital part of managing your customers’ data and ensuring proper website security. Yet meeting all PCI DSS requirements can be a daunting task.
The ATG PCI Encryption Module helps ecommerce businesses stay compliant by addressing:
- Credit card numbers encrypted using strong cryptography.
- Encryption keys stored securely, additionally encrypted, with severely restricted access.
- Key changes performed periodically.
Our ATG PCI Encryption Module satisfies these requirements by utilizing AES 256-bit encryption – including a data encryption passphrase, as well as a key encryption passphrase used to encrypt the data encryption passphrase. Additionally, the two passphrases are stored in separate systems on separate servers.
Supported Batch Encryption Actions:
- Existing plain text data encryption
- Re-encryption of data which is currently encrypted with another non-PCI compliant system
- Re-encryption of data with a new passphrase-based key (which makes the annual PCI mandated key rotation a simple matter)
If you have any questions or want to leave feedback related to the ATG PCI Encryption Module, please visit our ATG PCI Encryption Module GitHub page.