PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum
>
PA-DSS - Payment Application Data Security Standards
[PA-DSS] 2. Protect stored cardholder data
User Name
Remember Me?
Password
Register
FAQ
Calendar
Search
Today's Posts
Mark Forums Read
[PA-DSS] 2. Protect stored cardholder data
Protect stored cardholder data
Threads in Forum
: [PA-DSS] 2. Protect stored cardholder data
Forum Tools
Search this Forum
Rating
Thread
/
Thread Starter
Last Post
Replies
Views
[PA-DSS] 2.1 Software vendor must provide guidance to customers regarding purging of cardholder data after expiration of customer-defined retention period
admin
03-18-2007
02:42 AM
by
admin
0
473
[PA-DSS] 2.2 Mask PAN when displayed (the first six and last four digits are the maximum number of digits to be displayed)
admin
03-18-2007
02:42 AM
by
admin
0
456
[PA-DSS] 2.3 Render PAN, at a minimum, unreadable anywhere it is stored, (including data on portable digital media, backup media, in logs, and data received from or stored by wireless networks) by using any of the following approaches
admin
03-18-2007
02:43 AM
by
admin
0
614
[PA-DSS] 2.4 If disk encryption is used (rather than file- or column-level database encryption), logical access must be managed independently of native operating system access control mechanisms (for example, by not using local user account databases). Decryption keys must not be tied to user accounts
admin
03-18-2007
02:43 AM
by
admin
0
445
[PA-DSS] 2.5 Payment application must protect encryption keys used for encryption of cardholder data against disclosure and misuse
admin
05-24-2010
07:28 AM
by
Roger Nebel
8
764
[PA-DSS] 2.6 Payment application must implement key management processes and procedures for keys used for encryption of cardholder data
admin
03-18-2007
02:44 AM
by
admin
0
482
[PA-DSS] 2.7 Securely delete any cryptographic key material or cryptogram stored by previous versions of the payment application, in accordance with industry-accepted standards for secure deletion, as defined, for example the list of approved products maintained by the National Security Agency, or by other State or National standards or regulations. These are cryptographic keys used to encrypt or verify cardholder data
admin
03-18-2007
02:44 AM
by
admin
0
1,171
Display Options
Showing threads 1 to 7 of 7
Sorted By
Thread Title
Last Post Time
Thread Start Time
Number of Replies
Number of Views
Thread Starter
Thread Rating
Sort Order
Ascending
Descending
From The
Last Day
Last 2 Days
Last Week
Last 10 Days
Last 2 Weeks
Last Month
Last 45 Days
Last 2 Months
Last 75 Days
Last 100 Days
Last Year
Beginning
Forum Tools
Search this Forum
Mark This Forum Read
View Parent Forum
Search this Forum
:
Advanced Search
New posts
Hot thread with new posts
No new posts
Hot thread with no new posts
Thread is closed
Posting Rules
You
may not
post new threads
You
may not
post replies
You
may not
post attachments
You
may not
edit your posts
BB code
is
On
Smilies
are
On
[IMG]
code is
On
HTML code is
Off
Forum Rules
All times are GMT -4. The time now is
04:21 AM
.
Contact Us
-
PCI DSS FAQ - Payment Card Industry (PCI) Data Security Standard Discussion Forum
-
Archive
-
Top
All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest ©1997 - 2010 by PCIDSSFAQ.ORG, except where noted otherwise.
Powered by vBulletin, Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
PCI-DSS Forum
|
PA-DSS Forum
