PCI CVV requirement - encrypt prior to authorisation?

Published: 1/12/2019
PCI CVV requirement - encrypt prior to authorisation?
Source: SECURITY.STACKEXCHANGE.COM

Technically, according to PCI SSC you can hold onto CVV and other sensitive authentication data until authorisation has occurred. In other words the restriction on storing sensitive authentication data applies to post authentication/processing storage. Is it a requirement that the CVV be encrypted prior to authorisation?

Read more
Related news
Comment
FACEBOOK