Skip to the main content.
Contact
Contact
Facebook Instagram Linkedin X YouTube Medium

What Is Sensitive Authentication Data in PCI Compliance?

Picture of David Gamey David Gamey : Dec 20, 2020 10:07:14 PM

pci
What Is Sensitive Authentication Data in PCI Compliance?

Sensitive authentication data, aka SAD, in PCI compliance is data used by the issuers of cards to authorize transactions.

Similar to cardholder data, PCI DSS requires protection of SAD. Additionally SAD can’t be retained (stored) by merchants and their payment processors. SAD includes the following:

  • “track” data from magnetic stripes
  • “track equivalent data” generated by chip and contactless cards
  • security validation codes (i.e. the 3-4 digit  number printed on cards) used for online and card not present transactions.
  • PINs

For more see the official PCI glossary.
Don’t Tie Yourself in Knots Thinking you can Store Payment Card Verification Codes/Values

Don’t Tie Yourself in Knots Thinking you can Store Payment Card Verification Codes/Values

Picture of David Gamey David Gamey : Aug 26, 2021 10:07:00 PM

Card Not Present Security Codes/Values are the 3 and 4 digit printed numbers on your payment cards used to verify card-not-present transactions. PCI...

pci Credit cards
Read More
PCI Compliance & Why You Need to be Compliant

PCI Compliance & Why You Need to be Compliant

Picture of Robert Spivak Robert Spivak : May 20, 2022 2:04:15 PM

Getting paid is just as important as PCI compliance. Businesses of all sizes rely on cash flow to effectively manage business operations. To ensure...

pci
Read More
A Guide to PCI 3DS Compliance and Why It Matters

A Guide to PCI 3DS Compliance and Why It Matters

Picture of CG Blogger CG Blogger : Feb 6, 2025 7:36:32 AM

The PCI 3DS Core Security Standard, which builds on the EMV 3DS standard was introduced to mitigate the risk of fraud for businesses handling...

pci Cybersecurity 3DS compliance
Read More