💼 3.3.1 SAD is not retained after authorization, even if encrypted.

• Contextual name: 💼 3.3.1 SAD is not retained after authorization, even if encrypted.

• ID: /frameworks/pci-dss-v4.0/03/03/01

• Located in: 💼 3.3 Sensitive authentication data (SAD) is not stored after authorization.

Description

All sensitive authentication data received is rendered unrecoverable upon completion of the authorization process.

Similar

• Sections
  • /frameworks/pci-dss-v3.2.1/03/02
  • /frameworks/pci-dss-v4.0.1/03/03/01
• Internal
  • ID: dec-c-68ae2c4c

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 3.2 Do not store sensitive authentication data after authorization (even if encrypted).	3		5
💼 PCI DSS v4.0.1 → 💼 3.3.1 SAD is not retained after authorization, even if encrypted.	3		5

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 3.2 Do not store sensitive authentication data after authorization (even if encrypted).	3		5
💼 PCI DSS v4.0.1 → 💼 3.3.1 SAD is not retained after authorization, even if encrypted.	3		5

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 3.3.1.1 The full contents of any track are not retained upon completion of the authorization process.
💼 3.3.1.2 The card verification code is not retained upon completion of the authorization process.
💼 3.3.1.3 The personal identification number (PIN) and the PIN block are not retained upon completion of the authorization process.

Policies (5)

Policy	Logic Count	Flags
📝 Google BigQuery Dataset is not encrypted with Customer-Managed Encryption Key (CMEK) 🟢	1	🟢 x6
📝 Google BigQuery Table is not encrypted with Customer-Managed Encryption Key (CMEK) 🟢	1	🟢 x6
📝 Google Dataproc Cluster is not encrypted using Customer-Managed Encryption Key 🟢	1	🟢 x6
📝 Google GCE Disk for critical VMs is not encrypted with Customer-Supplied Encryption Key (CSEK) 🟢	1	🟢 x6
📝 Google GCE Instance Confidential Compute is not enabled 🟢	1	🟢 x6