MCB Group

<b>Allowed to be Displayed/Stored</b>: These data elements can be stored and displayed in compliance with PCI DSS 4.0 guidelines. For PAN, only the first 6 and last 4 digits can be displayed; the full PAN should never be stored or displayed in its entirety.

<b>Not Allowed to be Displayed/Stored</b>: These data elements must never be stored post-authorization or displayed as per PCI DSS 4.0 guidelines. This includes full track data, card verification codes, and PINs/PIN blocks.

This table provides a clear and formal comparison of what data can and cannot be displayed or stored according to PCI DSS 4.0 standards.

PCI DSS : How to Deal with Card holder data ?

My Apps

Intranet

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you

Data Element	Allowed to be Displayed/Stored	Not Allowed to be Displayed/Stored
Primary Account Number (PAN)	First 6 and last 4 digits only	Full PAN
Cardholder Name	Yes	No
Expiration Date	Yes	No
Service Code	Yes	No
Sensitive Authentication Data
- Full Track Data (magnetic-stripe data or equivalent on a chip)	No	Yes
- Card Verification Code (CVV, CVC, CID, CAV2)	No	Yes
- PINs/PIN blocks	No	Yes