- From a PCI standpoint, what is defined as ‘cardholder data’?
From a PCI standpoint, what is defined as ‘cardholder data’?
The PCI Security Standards Council (SSC) defines cardholder data as the full Primary Account Number (PAN) or the full PAN along with any of the following elements:
- Cardholder name
- Expiration date
- Service code
Sensitive Authentication Data, which must also be protected, includes full magnetic stripe data, CAV2, CVC2, CVV2, CID, PINs, PIN blocks and more.