Which statement about magnetic stripe data retention after authorization is true?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the PCI Data Security Standard Test with our quiz. Use flashcards and multiple-choice questions to learn each concept. Get ready to excel in your examination!

Multiple Choice

Which statement about magnetic stripe data retention after authorization is true?

Explanation:
After authorization, you should keep only the minimum cardholder data elements necessary for business needs, and you must not retain full magnetic stripe data. The data elements that may be retained are the cardholder's name, the PAN, the expiration date, and the service code. This allows ongoing processing or record-keeping without exposing the complete magnetic stripe information. Retaining full track data is not permitted after authorization, and the card verification code should not be retained once authorization is complete. So, the statement listing the allowed elements—name, PAN, expiration date, and service code—best reflects the correct practice.

After authorization, you should keep only the minimum cardholder data elements necessary for business needs, and you must not retain full magnetic stripe data. The data elements that may be retained are the cardholder's name, the PAN, the expiration date, and the service code. This allows ongoing processing or record-keeping without exposing the complete magnetic stripe information. Retaining full track data is not permitted after authorization, and the card verification code should not be retained once authorization is complete. So, the statement listing the allowed elements—name, PAN, expiration date, and service code—best reflects the correct practice.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy