πΌ 3.2.1 Do not store the full contents of any track after authorization.
- Contextual name: πΌ 3.2.1 Do not store the full contents of any track after authorization.
- ID:
/frameworks/pci-dss-v3.2.1/03/02/01 - Located in: πΌ 3.2 Do not store sensitive authentication data after authorization (even if encrypted).
Descriptionβ
This data is alternatively called full track, track, track 1, track 2, and magnetic-stripe data.
In the normal course of business, the following data elements from the magnetic stripe may need to be retained:
- The cardholder's name
- Primary account number (PAN)
- Expiration date
- Service code
To minimize risk, store only these data elements as needed for business.
Similarβ
- Sections
/frameworks/pci-dss-v4.0/03/03/01/01
- Internal
- ID:
dec-c-31e5dfdd
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 3.3.1.1 The full contents of any track are not retained upon completion of the authorization process. |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 3.3.1.1 The full contents of any track are not retained upon completion of the authorization process. |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|