Web Design

Your content goes here. Edit or remove this text inline.

Logo Design

Your content goes here. Edit or remove this text inline.

Web Development

Your content goes here. Edit or remove this text inline.

White Labeling

Your content goes here. Edit or remove this text inline.

VIEW ALL SERVICES 

Discussion – 

0

Discussion – 

0

Who should be PCI Compliant

It is often asked if this organization should be PCI Compliant. Many conferences include a discussion around the topic of Who should be PCI compliant.

PCI DSS is applicable to all organizations who store, process or transmit account data. Extract from the PCI Standard tells us that the account data consist of cardholder data plus Sensitive Authentication Data

Cardholder data includes:

  • Primary Account Number (PAN)
  • Cardholder Name
  • Expiration Date
  • Service Code

Sensitive Authentication Data includes:

  • Full magnetic stripe data or equivalent on a chip
  • CAV2/CVC2/CVV2/CID
  • PINs/PIN blocks

If the PAN is stored, processed or transmitted then the PCI DSS requirements are applicable to the organization. However, if the PAN is not stored, processed or transmitted PCI DSS requirements do not apply.

This provides clarity on whether or not your organization falls under the PCI DSS requirement and weather you should be PCI Compliant

Binoy KL

0 Comments

You May Also Like