Product Documentation

The Payment Card Industry (PCI) released version 3.2 of its Data Security Standard (DSS) on April 2016 (https://www.pcisecuritystandards.org/pci_security).

PCI DSS covers security requirements of many information technology components with which companies processing and/or storing credit card numbers must comply. This chapter focuses specifically on analyzing Sections 3.4 through 3.6 (Protect Cardholder Data) of the DSS, to show how SAKA addresses these requirements.

The format of this chapter presents the PCI DSS requirement first, followed by how SAKA addresses the requirement. An assumption made in this analysis is that the company in question needs to store the Primary Account Number (PAN); if there is no need to store the PAN, then there may be no need for SAKA in your environment.