The following Public Review announcement will appear as shown below in ANSI Standards Action 8/9/2025. 

Comment Deadline: October 13, 2025 

X9.119-2-202x, Requirements for Protection of Sensitive Payment Card Data – Part 2:Using Tokenization Methods (revision of ANSI X9.119-2-2017)

Theft of sensitive card data during a retail payment transaction is increasingly becoming a major source of financial fraud. Besides an optional encrypted PIN, this data includes magnetic stripe track 2 data: PAN, expiration date, card verification value, and issuer private data. While thefts of this data at all segments of the transaction processing system have been reported, the most vulnerable segments are between the point of transaction device capturing the magnetic stripe data and the processing systems at the acquirer. This document would standardize the security requirements and implementation for a method for protecting this sensitive card data over these segments using tokenization and would be a companion standard to X9.119 part 1. Several implementations exist to address this situation. This document would
provide guidance for evaluating these implementations.

Single copy price: $60.00