Emerald Business Systems Blog

The Definition of Cardholder Data

Posted in PCI,POS by ebs4pos on October 5, 2009

The Definition of Cardholder Data

September 30th, 2009 by Branden Williams

The definition of cardholder data for most of us usually stops at the Primary Account Number, or PAN. Those pesky digits that we have to protect as they run through our systems cause CIOs to cringe and security professionals to salivate over potential budget money. Before you can embark on your information security journey, you need to understand what you must secure, and where it is. I’ve posted about this before.

At this year’s community meeting, the definition of cardholder data was a hot topic in both general sessions and one of the Special Interest Groups (SIGs). I’ve always thought the definition of cardholder data was quite clear, but here’s a good rule of thumb. This information is pulled directly from the PCI DSS that can be found on the Council’s website.

via Branden Williams’s Security Convergence Blog » The Definition of Cardholder Data.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: