The Accredited Standards Committee X9 (X9) has announced the publication of a new standard that defines requirements for using a particular method of preserving formatting in the encryption of financial services data.

The standard, X9.124-2 Symmetric Key Cryptography For the Financial Services Industry — Format Preserving Encryption – Part 2: Key Stream with Counter Mode, is now available for purchase from the ANSI Store.

The X9.124 standard defines a collection of format-preserving encryption methods for financial services. Format-preserving encryption (FPE) is useful in situations where fixed-format data, such as primary account numbers or Social Security numbers, must be encrypted, but there is a requirement to limit changes to existing communication protocols, database schemata or application code.

Encryption has historically been an expensive technique to deploy in real-world systems because of the need to alter the operation of existing systems and applications. The benefit of FPE techniques is that encryption can be added to existing systems in such a way that system modifications are kept to a minimum. Often, substantial savings can be realized because database schemas and financial applications can run with encrypted data without needing modification or replacement.

X9.124-2 defines requirements for using a particular approach – Key Stream with Counter Mode — to specify a set of algorithms that securely encrypts formatted data and retains that format in the resulting ciphertext. Format-preserving encryption Counter Mode is a particularly simple and efficient mechanism for maintaining data format while also safeguarding its security. IT equipment vendors, banks, and retailers are some of the sectors that will benefit from X9.124-2.

“This new standard describes a straightforward method of preserving the format of important data while ensuring its security, leading to cost efficiencies in systems and processing throughout the industry,” said ASC X9 Executive Director Steve Stevens.

“The new format-preserving encryption standard offers an additional encryption method to security professionals in search of a solution to efficiently protect data and privacy in a digital world,” said Eric Le Saint, distinguished engineer, Visa, and chairman, X9F1 Working Group. “The development of the new standard is the result of hard work by many dedicated contributors from the X9F1 working group, to whom we are grateful.”

by Alex Hamilton
Alex is Senior Reporter at IBS Intelligence, follow him on Twitter or contact him at: