Protect Cardholder Data

Topic	Replies	Views	Activity
About the Protect Cardholder Data category	0	73	January 23, 2023
[PCI DSS 1.x] 3.2 Do not store sensitive authentication data after authorization (even if encrypted). pci-dss-requirement-	4	13719	July 3, 2014
[PCI DSS 1.x] 3.4 Render PAN, at minimum, unreadable anywhere it is stored (including on portable digita pci-dss-requirement-	18	34077	January 20, 2014
[PCI DSS 1.x] 3.6.6 Split knowledge and establishment of dual control of cryptographic keys pci-dss-requirement-	7	10960	July 3, 2013
[PCI DSS 1.x] 3.6.2 Secure cryptographic key distribution pci-dss-requirement-	4	7820	March 16, 2012
[PCI DSS 1.x] 3.4.1 If disk encryption is used (rather than file- or column-level database encryption), pci-dss-requirement-	14	18830	April 12, 2011
[PCI DSS 1.x] 4.1 Use strong cryptography and security protocols such as SSL/TLS or IPSEC to safeguard s pci-dss-requirement-	5	15785	March 29, 2011
[PCI DSS 1.x] 3.3 Mask PAN when displayed (the first six and last four digits are the maximum number of pci-dss-requirement-	2	14827	March 11, 2011
[PCI DSS 1.x] 3.5 Protect cryptographic keys used for encryption of cardholder data against both disclos pci-dss-requirement-	2	5244	February 15, 2011
[PCI DSS 1.x] 3.1 Keep cardholder data storage to a minimum. Develop a data retention and disposal polic pci-dss-requirement-	2	7940	January 18, 2011
[PCI DSS 1.x] 3.6.1 Generation of strong cryptographic keys pci-dss-requirement-	1	3695	December 13, 2010
[PCI DSS 1.x] 4.2 Never send unencrypted PANs by end-user messaging technologies (for example, e-mail, i pci-dss-requirement-	2	7329	May 28, 2010
[PCI DSS 1.x] 3.2.2 Do not store the card-verification code or value (three-digit or four-digit number p pci-dss-requirement-	1	5046	August 3, 2009
[PCI DSS 1.x] 3.6.4 Periodic cryptographic key changes pci-dss-requirement-	1	7453	April 22, 2009
[PCI DSS 1.x] 4.1.1 Ensure wireless networks transmitting cardholder data or connected to the cardholder pci-dss-requirement-	0	5002	March 18, 2007
[PCI DSS 1.x] 3.6.8 Requirement for cryptographic key custodians to sign a form stating that they unders pci-dss-requirement-	0	5304	March 18, 2007
[PCI DSS 1.x] 3.6.7 Prevention of unauthorized substitution of cryptographic keys pci-dss-requirement-	0	4084	March 18, 2007
[PCI DSS 1.x] 3.6.5 Retirement or replacement of old or suspected compromised cryptographic keys pci-dss-requirement-	0	3660	March 18, 2007
[PCI DSS 1.x] 3.6.3 Secure cryptographic key storage pci-dss-requirement-	0	4962	March 18, 2007
[PCI DSS 1.x] 3.6 Fully document and implement all key-management processes and procedures for cryptogra pci-dss-requirement-	0	4350	March 18, 2007
[PCI DSS 1.x] 3.5.2 Store cryptographic keys securely in the fewest possible locations and forms. pci-dss-requirement-	0	4162	March 18, 2007
[PCI DSS 1.x] 3.5.1 Restrict access to cryptographic keys to the fewest number of custodians necessary. pci-dss-requirement-	0	3575	March 18, 2007
[PCI DSS 1.x] 3.2.3 Do not store the personal identification number (PIN) or the encrypted PIN block. pci-dss-requirement-	0	3443	March 18, 2007
[PCI DSS 1.x] 3.2.1 Do not store the full contents of any track from the magnetic stripe (located on the pci-dss-requirement-	0	3831	March 18, 2007