[PCI DSS 3.0] 6.5.3 Insecure cryptographic storage

6.5.3 Insecure cryptographic storage

6.5.3 Examine software-development policies and procedures and interview responsible personnel to verify that insecure cryptographic storage is addressed by coding techniques that:
• Prevent cryptographic flaws.
• Use strong cryptographic algorithms and keys.

Applications that do not utilize strong cryptographic functions properly to store data are at increased risk of being compromised, and exposing authentication credentials and/or cardholder data. If an attacker is able to exploit weak cryptographic processes, they may be able to gain clear-text access to encrypted data.