Solid Wi-Fi Client Security Needed for PCI DSS Compliance

White paper reveals best practices to meet credit card security requirements

Akron, Ohio (Vocus/PRWEB ) January 29, 2009 -- On January 1, a new version of the Payment Card Industry Data Security Standard (PCI DSS), version 1.2, took effect. A new white paper from Summit Data Communications reveals that, for most of today's retailers, solid Wi-Fi® client device security is essential for compliance with PCI DSS v1.2. Such security can be achieved by following three best practices identified in the paper.

In retail, business-critical applications rely on Wi-Fi connections between client devices and the network

Ensuring that those connections are secure is a critical first step toward achieving PCI DSS compliance.

Thieves are growing increasingly sophisticated

Today they can break WEP keys in a matter of minutes, and soon they may be able to crack WPA keys just as easily. Retailers need to use Wi-Fi client devices that support the highest level of standards-based authentication and encryption, which is the Enterprise version of WPA2.

Wi-Fi Client Device Security and Compliance with PCI DSS

"In retail, business-critical applications rely on Wi-Fi connections between client devices and the network," said Summit president Ron Seide. "Ensuring that those connections are secure is a critical first step toward achieving PCI DSS compliance."

PCI DSS v1.1 allowed for the use of WEP, the outmoded encryption method that can be hacked easily. PCI DSS v1.2 prohibits the use of WEP for new wireless LANs after March 31 and requires that retailers phase out WEP from existing wireless LANs by the middle of next year.

PCI DSS v1.2 classifies both Wi-Fi Protected Access (WPA) and WPA2 as sufficient replacements for WEP. A few months ago, however, two German researchers reported that a vulnerability in the WPA encryption method of TKIP could enable an attacker to decrypt individual packets that are encrypted with TKIP. The same vulnerability does not exist with the WPA2 encryption method of AES-CCMP.

"Thieves are growing increasingly sophisticated," said Seide. "Today they can break WEP keys in a matter of minutes, and soon they may be able to crack WPA keys just as easily. Retailers need to use Wi-Fi client devices that support the highest level of standards-based authentication and encryption, which is the Enterprise version of WPA2."

The Summit white paper, "Wi-Fi Client Device Security and Compliance with PCI DSS", is available free of charge from the Summit Web site, www.summitdatacom.com.

About Summit
Summit Data Communications, Inc. is the leader in embedded Wi-Fi solutions for mobile computers and other business-critical mobile devices. Summit Wi-Fi solutions are optimized for the challenging environments in which business-critical mobile devices operate, including factories, warehouses, ports, hospitals, and retail stores.

Wi-Fi® is a registered trademark and Wi-Fi Protected Access is a trademark of the Wi-Fi Alliance.

Media Contact:
Chris Bolinger
+1 330.434.7929 Ext. 100

###

Post Comment:
Trackback URL: http://www.prweb.com/pingpr.php/RW1wdC1NYWduLVByb2YtUGlnZy1GYWx1LVNpbmctWmVybw==

summit data communications summit wi-fi solutions wi-fi client device security wi-fi client security wi-fi mobile computers payment card industry data security standard pci dss pci dss compliance

Bookmark -  Del.icio.us | Furl It | Technorati | Ask | MyWeb | Propeller | Live Bookmarks | Newsvine | TailRank | Reddit | Slashdot | Digg | Stumbleupon | Google Bookmarks | Sphere | Blink It | Spurl

• Summit Launches Two Dual-Band Wi-Fi Modules 2009-07-28
• Unitech Forges Strategic Alliance with Summit 2009-07-24
• Summit Announces Program for Socket Mobile Customers 2009-06-23
• Summit Data Communications Recognized Again 2009-05-27
• Summit Enables Philips PageWriter Cardiographs To Achieve CCX 2009-05-19