Amazon ElastiCache for Redis is Now PCI DSS Compliant

Posted on: Jul 5, 2018

Amazon ElastiCache for Redis is now certified as Payment Card Industry Data Security Standard (PCI DSS) compliant. You can now use the latest version of ElastiCache for Redis for low latency and high throughput in-memory processing of sensitive payment card data for use cases such as payment processing, mobile wallet, and payment fraud prevention.

ElastiCache for Redis is a Redis-compatible, fully managed, in-memory data store and caching service that delivers sub-millisecond response times and supports millions of requests per second. ElastiCache for Redis supports popular use cases such as database and application caching, session management, queues, publish/subscribe, and real-time analytics. Now you can use the speed, simplicity, security, and scalability of ElastiCache for Redis to deliver secure, high-performance, and scalable apps that process sensitive data including Customer Cardholder Data (CHD).

PCI DSS compliant ElastiCache for Redis requires Redis engine version 4.0.10 or higher. It provides Transport Layer Security (TLS) to encrypt all communication between clients and Redis server as well as between the Redis servers (primary and read replica nodes). Additionally, the encryption at-rest feature allows you to encrypt your backups on disk and in Amazon S3, and the Redis AUTH command can be used for an added level of authentication for executing Redis commands.

There is no additional charge for PCI-compliant ElastiCache for Redis. To get started, see ElastiCache for Redis Compliance documentation.