Protect Cardholder Data

Topic	Replies	Views	Activity
About the Protect Cardholder Data category	0	10	January 23, 2023
[PCI DSS 1.x] 3.2 Do not store sensitive authentication data after authorization (even if encrypted). pci-dss-requirement-	4	13591	July 3, 2014
[PCI DSS 1.x] 3.4 Render PAN, at minimum, unreadable anywhere it is stored (including on portable digita pci-dss-requirement-	18	33638	January 20, 2014
[PCI DSS 1.x] 3.6.6 Split knowledge and establishment of dual control of cryptographic keys pci-dss-requirement-	7	10786	July 3, 2013
[PCI DSS 1.x] 3.6.2 Secure cryptographic key distribution pci-dss-requirement-	4	7706	March 16, 2012
[PCI DSS 1.x] 3.4.1 If disk encryption is used (rather than file- or column-level database encryption), pci-dss-requirement-	14	18535	April 12, 2011
[PCI DSS 1.x] 4.1 Use strong cryptography and security protocols such as SSL/TLS or IPSEC to safeguard s pci-dss-requirement-	5	15663	March 29, 2011
[PCI DSS 1.x] 3.3 Mask PAN when displayed (the first six and last four digits are the maximum number of pci-dss-requirement-	2	14707	March 11, 2011
[PCI DSS 1.x] 3.5 Protect cryptographic keys used for encryption of cardholder data against both disclos pci-dss-requirement-	2	5159	February 15, 2011
[PCI DSS 1.x] 3.1 Keep cardholder data storage to a minimum. Develop a data retention and disposal polic pci-dss-requirement-	2	7846	January 18, 2011
[PCI DSS 1.x] 3.6.1 Generation of strong cryptographic keys pci-dss-requirement-	1	3605	December 13, 2010
[PCI DSS 1.x] 4.2 Never send unencrypted PANs by end-user messaging technologies (for example, e-mail, i pci-dss-requirement-	2	7208	May 28, 2010
[PCI DSS 1.x] 3.2.2 Do not store the card-verification code or value (three-digit or four-digit number p pci-dss-requirement-	1	4943	August 3, 2009
[PCI DSS 1.x] 3.6.4 Periodic cryptographic key changes pci-dss-requirement-	1	7374	April 22, 2009
[PCI DSS 1.x] 4.1.1 Ensure wireless networks transmitting cardholder data or connected to the cardholder pci-dss-requirement-	0	4932	March 18, 2007
[PCI DSS 1.x] 3.6.8 Requirement for cryptographic key custodians to sign a form stating that they unders pci-dss-requirement-	0	5217	March 18, 2007
[PCI DSS 1.x] 3.6.7 Prevention of unauthorized substitution of cryptographic keys pci-dss-requirement-	0	4002	March 18, 2007
[PCI DSS 1.x] 3.6.5 Retirement or replacement of old or suspected compromised cryptographic keys pci-dss-requirement-	0	3592	March 18, 2007
[PCI DSS 1.x] 3.6.3 Secure cryptographic key storage pci-dss-requirement-	0	4871	March 18, 2007
[PCI DSS 1.x] 3.6 Fully document and implement all key-management processes and procedures for cryptogra pci-dss-requirement-	0	4254	March 18, 2007
[PCI DSS 1.x] 3.5.2 Store cryptographic keys securely in the fewest possible locations and forms. pci-dss-requirement-	0	4058	March 18, 2007
[PCI DSS 1.x] 3.5.1 Restrict access to cryptographic keys to the fewest number of custodians necessary. pci-dss-requirement-	0	3487	March 18, 2007
[PCI DSS 1.x] 3.2.3 Do not store the personal identification number (PIN) or the encrypted PIN block. pci-dss-requirement-	0	3370	March 18, 2007
[PCI DSS 1.x] 3.2.1 Do not store the full contents of any track from the magnetic stripe (located on the pci-dss-requirement-	0	3741	March 18, 2007