Requirement 3.1 of the Payment Card Industry Data Security Standard (DSS) requires organizations to retain and follow data retention and disposal procedures.
As for PCI DSS requirement 3, sensitive authentication data shall not be stored and should be deleted after authorization.
Requirement 3 of the PCI DSS is about securing stored cardholder data, and six sub-requirements provide detailed guidelines for how merchants should store the various pieces of information on a card.
Want to stay up to date with the latest news?
We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!