Protect Cardholder Data

Topic	Replies	Views	Activity
About the Protect Cardholder Data category	0	48	January 23, 2023
[PCI DSS 1.x] 3.2 Do not store sensitive authentication data after authorization (even if encrypted). pci-dss-requirement-	4	13651	July 3, 2014
[PCI DSS 1.x] 3.4 Render PAN, at minimum, unreadable anywhere it is stored (including on portable digita pci-dss-requirement-	18	33823	January 20, 2014
[PCI DSS 1.x] 3.6.6 Split knowledge and establishment of dual control of cryptographic keys pci-dss-requirement-	7	10856	July 3, 2013
[PCI DSS 1.x] 3.6.2 Secure cryptographic key distribution pci-dss-requirement-	4	7756	March 16, 2012
[PCI DSS 1.x] 3.4.1 If disk encryption is used (rather than file- or column-level database encryption), pci-dss-requirement-	14	18646	April 12, 2011
[PCI DSS 1.x] 4.1 Use strong cryptography and security protocols such as SSL/TLS or IPSEC to safeguard s pci-dss-requirement-	5	15716	March 29, 2011
[PCI DSS 1.x] 3.3 Mask PAN when displayed (the first six and last four digits are the maximum number of pci-dss-requirement-	2	14770	March 11, 2011
[PCI DSS 1.x] 3.5 Protect cryptographic keys used for encryption of cardholder data against both disclos pci-dss-requirement-	2	5204	February 15, 2011
[PCI DSS 1.x] 3.1 Keep cardholder data storage to a minimum. Develop a data retention and disposal polic pci-dss-requirement-	2	7896	January 18, 2011
[PCI DSS 1.x] 3.6.1 Generation of strong cryptographic keys pci-dss-requirement-	1	3657	December 13, 2010
[PCI DSS 1.x] 4.2 Never send unencrypted PANs by end-user messaging technologies (for example, e-mail, i pci-dss-requirement-	2	7271	May 28, 2010
[PCI DSS 1.x] 3.2.2 Do not store the card-verification code or value (three-digit or four-digit number p pci-dss-requirement-	1	5003	August 3, 2009
[PCI DSS 1.x] 3.6.4 Periodic cryptographic key changes pci-dss-requirement-	1	7422	April 22, 2009
[PCI DSS 1.x] 4.1.1 Ensure wireless networks transmitting cardholder data or connected to the cardholder pci-dss-requirement-	0	4976	March 18, 2007
[PCI DSS 1.x] 3.6.8 Requirement for cryptographic key custodians to sign a form stating that they unders pci-dss-requirement-	0	5271	March 18, 2007
[PCI DSS 1.x] 3.6.7 Prevention of unauthorized substitution of cryptographic keys pci-dss-requirement-	0	4052	March 18, 2007
[PCI DSS 1.x] 3.6.5 Retirement or replacement of old or suspected compromised cryptographic keys pci-dss-requirement-	0	3629	March 18, 2007
[PCI DSS 1.x] 3.6.3 Secure cryptographic key storage pci-dss-requirement-	0	4930	March 18, 2007
[PCI DSS 1.x] 3.6 Fully document and implement all key-management processes and procedures for cryptogra pci-dss-requirement-	0	4304	March 18, 2007
[PCI DSS 1.x] 3.5.2 Store cryptographic keys securely in the fewest possible locations and forms. pci-dss-requirement-	0	4112	March 18, 2007
[PCI DSS 1.x] 3.5.1 Restrict access to cryptographic keys to the fewest number of custodians necessary. pci-dss-requirement-	0	3550	March 18, 2007
[PCI DSS 1.x] 3.2.3 Do not store the personal identification number (PIN) or the encrypted PIN block. pci-dss-requirement-	0	3422	March 18, 2007
[PCI DSS 1.x] 3.2.1 Do not store the full contents of any track from the magnetic stripe (located on the pci-dss-requirement-	0	3810	March 18, 2007