Protect Cardholder Data

Topic	Replies	Views	Activity
About the Protect Cardholder Data category	0	71	January 23, 2023
[PCI DSS 1.x] 3.2 Do not store sensitive authentication data after authorization (even if encrypted). pci-dss-requirement-	4	13716	July 3, 2014
[PCI DSS 1.x] 3.4 Render PAN, at minimum, unreadable anywhere it is stored (including on portable digita pci-dss-requirement-	18	34058	January 20, 2014
[PCI DSS 1.x] 3.6.6 Split knowledge and establishment of dual control of cryptographic keys pci-dss-requirement-	7	10955	July 3, 2013
[PCI DSS 1.x] 3.6.2 Secure cryptographic key distribution pci-dss-requirement-	4	7812	March 16, 2012
[PCI DSS 1.x] 3.4.1 If disk encryption is used (rather than file- or column-level database encryption), pci-dss-requirement-	14	18822	April 12, 2011
[PCI DSS 1.x] 4.1 Use strong cryptography and security protocols such as SSL/TLS or IPSEC to safeguard s pci-dss-requirement-	5	15780	March 29, 2011
[PCI DSS 1.x] 3.3 Mask PAN when displayed (the first six and last four digits are the maximum number of pci-dss-requirement-	2	14824	March 11, 2011
[PCI DSS 1.x] 3.5 Protect cryptographic keys used for encryption of cardholder data against both disclos pci-dss-requirement-	2	5244	February 15, 2011
[PCI DSS 1.x] 3.1 Keep cardholder data storage to a minimum. Develop a data retention and disposal polic pci-dss-requirement-	2	7938	January 18, 2011
[PCI DSS 1.x] 3.6.1 Generation of strong cryptographic keys pci-dss-requirement-	1	3692	December 13, 2010
[PCI DSS 1.x] 4.2 Never send unencrypted PANs by end-user messaging technologies (for example, e-mail, i pci-dss-requirement-	2	7326	May 28, 2010
[PCI DSS 1.x] 3.2.2 Do not store the card-verification code or value (three-digit or four-digit number p pci-dss-requirement-	1	5043	August 3, 2009
[PCI DSS 1.x] 3.6.4 Periodic cryptographic key changes pci-dss-requirement-	1	7452	April 22, 2009
[PCI DSS 1.x] 4.1.1 Ensure wireless networks transmitting cardholder data or connected to the cardholder pci-dss-requirement-	0	5002	March 18, 2007
[PCI DSS 1.x] 3.6.8 Requirement for cryptographic key custodians to sign a form stating that they unders pci-dss-requirement-	0	5303	March 18, 2007
[PCI DSS 1.x] 3.6.7 Prevention of unauthorized substitution of cryptographic keys pci-dss-requirement-	0	4081	March 18, 2007
[PCI DSS 1.x] 3.6.5 Retirement or replacement of old or suspected compromised cryptographic keys pci-dss-requirement-	0	3656	March 18, 2007
[PCI DSS 1.x] 3.6.3 Secure cryptographic key storage pci-dss-requirement-	0	4958	March 18, 2007
[PCI DSS 1.x] 3.6 Fully document and implement all key-management processes and procedures for cryptogra pci-dss-requirement-	0	4348	March 18, 2007
[PCI DSS 1.x] 3.5.2 Store cryptographic keys securely in the fewest possible locations and forms. pci-dss-requirement-	0	4160	March 18, 2007
[PCI DSS 1.x] 3.5.1 Restrict access to cryptographic keys to the fewest number of custodians necessary. pci-dss-requirement-	0	3573	March 18, 2007
[PCI DSS 1.x] 3.2.3 Do not store the personal identification number (PIN) or the encrypted PIN block. pci-dss-requirement-	0	3442	March 18, 2007
[PCI DSS 1.x] 3.2.1 Do not store the full contents of any track from the magnetic stripe (located on the pci-dss-requirement-	0	3830	March 18, 2007