EFT Security Recommendations
August 24, 2009 8:27 AM Subscribe
Is there a required or recommended security standard, compliance, or best practice for entities in the USA for collecting and storing bank account and routing numbers?
posted by branwen to Computers & Internet (5 answers total)
We will not be collecting credit/debit card information (so PCI DSS not required)...only bank account information for the purpose of Electronic Funds Transfer. The information will be stored and batch transmitted to our bank on a daily basis. Aside from the general measures in regards to site security and proper encryption of the information, are there any other specific requirements our developers need to be aware of?