Skip to the main content.
Contact
Contact

What Is Cardholder Data In PCI Compliance?

What Is Cardholder Data In PCI Compliance?

Cardholder data, aka CHD, comes from credit, debit, and prepaid cards bearing the logo of one of the PCI founding card brands.  CHD includes the primary account number (PAN) alone or in combination with any of name, expiry date, and a piece of hidden data called a service code. CHD can be in any media format including text or binary data in files and databases, images, and audio. All of these formats need to be protected under PCI.

For clarity, sensitive authentication data has additional restrictions. Truncated cardholder data is not considered cardholder data.

For more see the official PCI Compliance glossary.

Call Centers and PCI Compliance: Things You Need to Know

Call Centers and PCI Compliance: Things You Need to Know

Call centers can be challenging places. They range from small and simple to large and complex. For many businesses they are a place where new...

Read More
Control Gap at Vancouver PCI Community Meeting

Control Gap at Vancouver PCI Community Meeting

Control Gap is excited to announce that we will be exhibiting at this year’s @PCISecurityStandardsCouncil Community Meeting on September 17-19....

Read More
Understanding P2PE, NESA, E2EE, and PCI Compliance

Understanding P2PE, NESA, E2EE, and PCI Compliance

Compliance simplification, what most people call “scope reduction”, can have huge benefits in terms of saving time, effort, headaches, and money....

Read More