CHAPTER 2: WHAT IS THE SCOPE OF THE PCI DSS?
The PCI DSS is applicable if you store, process or transmit cardholder data, or if you are responsible for third parties that store, process or transmit cardholder data. The Cardholder Data Environment (CDE) is any network that possesses cardholder data or sensitive authentication data. It does not apply to your organisation if Primary Account Numbers (PANs) – the 16-digit credit card numbers – are not stored, processed or transmitted. The PCI DSS applies to any type of media on which card data may be held – this includes not only hard disk drives, floppy disks, magnetic tape and back-up media, but also embraces printed or handwritten credit and debit card receipts where the full card number is printed. ...
Get PCI DSS: A Pocket Guide, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
