[PA-DSS] 1.1.3 After authorization, do not store the personal identification number (PIN) or the enc

1.1.3 After authorization, do not store the personal identification number (PIN) or the encrypted PIN block.

PCI Data Security Standard Requirement 3.2.3

PIN blocks must never be retained (even if encrypted) after transaction authorization.

Testing Procedures:

1.1.3 Use forensic tools and/or methods (commercial tools, scripts, etc.)[3] to examine all output created by the payment application, and verify that PINs and encrypted PIN blocks are not stored after authorization. Include the following types of files (as well as any other output generated by the payment application):

[ul]
[li]Incoming transaction data[/li]
[li]Transaction logs[/li]
[li]History files[/li]
[li]Trace files[/li]
[li]Non-volatile memory, including non-volatile cache[/li]
[li]Debugging and error logs[/li]
[li]Audit logs[/li]
[li]Database schemas and tables[/li]
[li]Database contents[/li]
[/ul]

[SIZE=2][3] Forensic tool or method: A tool or method for uncovering, analyzing and presenting forensic data, which provides a robust way to authenticate, search, and recover computer evidence rapidly and thoroughly. In the case of forensic tools or methods used by PA-QSAs, these tools or methods should accurately locate any sensitive authentication data written by the payment application. These tools may be commercial, open-source, or developed in-house by the PA-QSA.[/SIZE]
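One way to script the file-level part of this testing procedure, as an added example that is not part of PA-DSS or the original post. The field labels, the 16-hex-digit (8-byte) PIN block length and the sample log are assumptions. An unlabelled encrypted PIN block looks like any other hex data, so this catches labelled fields only, and database contents would need to be exported to files first.

```python
import os
import re

# Assumed field labels; substitute the names the application under test really uses.
PIN_BLOCK = re.compile(
    r"(?i)\b(?:pin[ _-]?block|de[ _-]?52|field[ _-]?52)\b\W{0,4}([0-9a-f]{16})\b")
CLEAR_PIN = re.compile(r"(?i)\bpin\b\W{0,4}(\d{4,12})\b")

def scan_text(name, text):
    """Return (name, line number, kind, value length) per hit; the value itself is never copied."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for kind, rx in (("pin_block", PIN_BLOCK), ("clear_pin", CLEAR_PIN)):
            for m in rx.finditer(line):
                hits.append((name, lineno, kind, len(m.group(1))))
    return hits

def scan_tree(root):
    """Scan every file under root (logs, traces, history, debug output, DB dumps)."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fn in files:
            path = os.path.join(dirpath, fn)
            with open(path, "rb") as fh:
                # latin-1 decodes any byte, so binary trace files are still searched
                hits += scan_text(path, fh.read().decode("latin-1"))
    return hits

# Constructed sample output, not taken from any real application.
SAMPLE = """\
2024-01-01 10:00:01 AUTH REQ pan=411111******1111 amount=12.00
2024-01-01 10:00:01 DEBUG DE52=0412AC89ABCDEF67
2024-01-01 10:00:02 AUTH RESP code=00 sha=9f86d081884c7da1
2024-01-01 10:00:03 TRACE {"pin": "4821", "stan": "000123"}
"""

if __name__ == "__main__":
    for hit in scan_text("sample.log", SAMPLE):
        print(hit)
```

The findings record only the location and the length of each value, so the scan report does not itself become a place where a PIN or PIN block is stored.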