The Payment Card Industry Data Security Standard (PCI DSS) consists of 12 requirements which were developed to protect cardholder data. Requirement 4 is about encrypting cardholder data as it is transmitted across open, public networks. The intent of this requirement is to ensure sensitive information (which includes Sensitive Authentication Data (SAD) during the authorisation process) is not easily accessible by malicious individuals as it is transmitted over networks.
SSL/TLS and the PCI DSS Requirement 4 is a post from: IT Governance Blog on IT governance, risk management, compliance and information security.