CHAPTER 2: WHAT IS THE SCOPE OF THE PCI DSS?
The PCI DSS is applicable if you store, process or transmit cardholder data, or if you are responsible for third parties that store, process or transmit cardholder data. It also applies if you are involved with or can affect the security of the storage, processing or transmission of cardholder data. The cardholder data environment (CDE) is any network that possesses cardholder data or sensitive authentication data. It does not apply to your organisation if primary account numbers (PANs) – the up-to-19-digit credit card numbers – are not stored, processed or transmitted. The PCI DSS applies to any type of media on which card data may be held – this includes not only hard disk drives, floppy disks, magnetic ...
Get PCI DSS: A Pocket Guide 5th edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
