Requirement 4 - Protect Cardholder Data with Strong Cryptography During Transmission

Requirement 4 of PCI DSS v4.0 mandates that all cardholder data be protected with strong cryptography whenever it is transmitted over open, public networks or between system components, typically using TLS 1.2 or higher. Organizations must also ensure proper key management, avoid weak ciphers, and verify that encryption is applied end-to-end.