Skip to main content

💼 3.3.1 SAD is not retained after authorization, even if encrypted.

Contextual name: 💼 3.3.1 SAD is not retained after authorization, even if encrypted.
ID: /frameworks/pci-dss-v4.0/03/03/01
Located in: 💼 3.3 Sensitive authentication data (SAD) is not stored after authorization.

Description

All sensitive authentication data received is rendered unrecoverable upon completion of the authorization process.

Similar

Sections
- /frameworks/pci-dss-v3.2.1/03/02
- /frameworks/pci-dss-v4.0.1/03/03/01

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 3.2 Do not store sensitive authentication data after authorization (even if encrypted).	3
💼 PCI DSS v4.0.1 → 💼 3.3.1 SAD is not retained after authorization, even if encrypted.	3

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 3.2 Do not store sensitive authentication data after authorization (even if encrypted).	3
💼 PCI DSS v4.0.1 → 💼 3.3.1 SAD is not retained after authorization, even if encrypted.	3

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 3.3.1.1 The full contents of any track are not retained upon completion of the authorization process.
💼 3.3.1.2 The card verification code is not retained upon completion of the authorization process.
💼 3.3.1.3 The personal identification number (PIN) and the PIN block are not retained upon completion of the authorization process.

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections