Security Basics mailing list archives

Re: Is PCI Compliance Mandatory

From: Chad Loder <cloder () loder us>
Date: Sat, 12 Jan 2008 08:52:39 -0800

On Sat Jan 12/2008 @ 10:01:P -0000 asdasd, global.infosec () gmail com wrote:

Recently our organisation decided not to store credit card numbers in our databases of our retail outlets.
Do we still need to comply to PCI DSS?


According to the PCI DSS v1.1 [1]:

"PCI DSS requirements are applicable if a Primary Account Number (PAN)
is stored, processed, or. transmitted."

[1] https://www.pcisecuritystandards.org/pdfs/pci_dss_v1-1.pdf

Current thread:

Is PCI Compliance Mandatory global . infosec (Jan 12)
- RE: Is PCI Compliance Mandatory Craig Wright (Jan 14)
- Re: Is PCI Compliance Mandatory J. Lion (Jan 14)
- RE: Is PCI Compliance Mandatory Palmer, Mark (Jan 14)
- Re: Is PCI Compliance Mandatory Chad Loder (Jan 14)
- RE: Is PCI Compliance Mandatory Abimbola, Abiola (Jan 14)
- Re: Is PCI Compliance Mandatory Jason Thompson (Jan 14)
- <Possible follow-ups>
- Re: Is PCI Compliance Mandatory cstubbs (Jan 14)
- Re: RE: Is PCI Compliance Mandatory marc . massar (Jan 14)
- Re: Is PCI Compliance Mandatory evilwon12 (Jan 14)