💼 3.3.1 SAD is not retained after authorization, even if encrypted.

• ID: /frameworks/pci-dss-v4.0/03/03/01

Description

All sensitive authentication data received is rendered unrecoverable upon completion of the authorization process.

Similar

• Sections
  • /frameworks/pci-dss-v3.2.1/03/02
  • /frameworks/pci-dss-v4.0.1/03/03/01
• Internal
  • ID: dec-c-68ae2c4c

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v3.2.1 → 💼 3.2 Do not store sensitive authentication data after authorization (even if encrypted).	3		5		no data
💼 PCI DSS v4.0.1 → 💼 3.3.1 SAD is not retained after authorization, even if encrypted.	3		5		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v3.2.1 → 💼 3.2 Do not store sensitive authentication data after authorization (even if encrypted).	3		5		no data
💼 PCI DSS v4.0.1 → 💼 3.3.1 SAD is not retained after authorization, even if encrypted.	3		5		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 3.3.1.1 The full contents of any track are not retained upon completion of the authorization process.					no data
💼 3.3.1.2 The card verification code is not retained upon completion of the authorization process.					no data
💼 3.3.1.3 The personal identification number (PIN) and the PIN block are not retained upon completion of the authorization process.					no data

Policies (5)

Policy	Logic Count	Flags	Compliance
🛡️ Google BigQuery Dataset is not encrypted with Customer-Managed Encryption Key (CMEK)🟢	1	🟢 x6	no data
🛡️ Google BigQuery Table is not encrypted with Customer-Managed Encryption Key (CMEK)🟢	1	🟢 x6	no data
🛡️ Google Dataproc Cluster is not encrypted using Customer-Managed Encryption Key🟢	1	🟢 x6	no data
🛡️ Google GCE Disk for critical VMs is not encrypted with Customer-Supplied Encryption Key (CSEK)🟢	1	🟢 x6	no data
🛡️ Google GCE Instance Confidential Compute is not enabled🟢	1	🟢 x6	no data