Visa USA has stepped forward with a set of best practices for the use of so-called end-to-end encryption.

End-to-encryption would encrypt debit and credit card data through all points in the payments process to protect it from hackers who might compromise some parts of it.

The card brand said the new standards will do the following:

• Limit clear text availability of cardholder data and sensitive authentication data to the point of encryption and the point of decryption.
• Use robust key management solutions consistent with international and/or regional standards.
• Use key-lengths and cryptographic algorithms consistent with international and/or regional standards.
• Protect devices used to perform cryptographic operations against physical/logical compromises.
• Use an alternate account or transaction identifier for business processes that requires the primary account number to be utilized after authorization, such as processing of recurring payments, customer loyalty programs or fraud management.

"While no single technology will completely solve fraud, data field encryption can be an effective security layer to render cardholder data useless to criminals in the event of a merchant data breach," said Eduardo Perez, global head of data security, Visa Inc. "Using encryption as one component of a comprehensive data security program can enhance a merchant's security by eliminating any clear text data either in storage or in flight." he added.