Skip to the main content.
Contact
Contact
Facebook Instagram Linkedin X YouTube Medium

What Is Cardholder Data In PCI Compliance?

Picture of David Gamey David Gamey : Jan 16, 2017 10:07:00 PM

pci
What Is Cardholder Data In PCI Compliance?

Cardholder data, aka CHD, comes from credit, debit, and prepaid cards bearing the logo of one of the PCI founding card brands.  CHD includes the primary account number (PAN) alone or in combination with any of name, expiry date, and a piece of hidden data called a service code. CHD can be in any media format including text or binary data in files and databases, images, and audio. All of these formats need to be protected under PCI.

For clarity, sensitive authentication data has additional restrictions. Truncated cardholder data is not considered cardholder data.

For more see the official PCI Compliance glossary.
Why did my PCI DSS Scope Explode?

Why did my PCI DSS Scope Explode?

Picture of Laura McNamee Laura McNamee : Sep 1, 2021 10:07:00 PM

It can be extremely frustrating for a compliance team to realize that additional systems are in-scope. It means additional and unexpected security...

pci Credit cards
Read More
Call Centers and PCI Compliance: Things You Need to Know

Call Centers and PCI Compliance: Things You Need to Know

Picture of David Gamey David Gamey : Dec 15, 2016 12:00:00 AM

Call centers can be challenging places. They range from small and simple to large and complex. For many businesses they are a place where new...

pci
Read More
3 Risks of Ignoring PCI Compliance

3 Risks of Ignoring PCI Compliance

Picture of Robert Spivak Robert Spivak : Nov 15, 2016 10:07:00 PM

With more than 510 million records containing sensitive information breached since January 2005, statistics indicate that cardholder data breaches...

pci
Read More