PCI DSS: Top Guidelines to Store Card Details

Here are guidelines for retaining card data under PCI DSS rules.

Guidelines to Store Card Details

  1. All cardholder data must be kept only for a certain time. After that, the data should be purged.
  2. Discard all sensitive authentication data after the transaction is successful or processed. Only issuers can save sensitive data, for business reasons, on a secured server.
  3. Mask every PAN (credit card account number). It should not be visible to the public.
  4. Make the PAN unreadable.
  5. A procedure is required to protect cardholder data. Example: encryption or decryption.
  6. Document and implement key management processes.
  7. All security policies should be documented.

Author: Srini

Experienced software developer. Skills in Development, Coding, Testing and Debugging. Good Data analytic skills (Data Warehousing and BI). Also skills in Mainframe.