The SPVA document is the first to cover what should be encrypted end-to-end, general requirements of how it should be encrypted and the tamper-resistant environment of the POS. Though this document is an important step forward, it contains only voluntary guidelines at this stage. The standard covers the following areas:
* Data to be encrypted during transmission
* Key management
* Physical and logical security of the tamper-resistant security module and key components
* Encryption monitoring and management systems requirements