The SPVA document is the first to cover what should be encrypted end-to-end, general requirements of how it should be encrypted and the tamper-resistant environment of the POS. Though this document is an important step forward, it contains only voluntary guidelines at this stage. The standard covers the following areas: 

* Data to be encrypted during transmission

* Key management

* Physical and logical security of the tamper-resistant security module and key components

* Encryption monitoring and management systems requirements