According to PCI DSS requirement 3.3, the first six and last four digits are the maximum number of digits that can be displayed. Any paper receipts stored by merchants must adhere to the PCI DSS, especially regarding physical security.
Articles in this section
- How do I become PCI Compliant?
- What are the PCI compliance levels and how are they determined?
- If I only accept credit cards over the phone, does PCI still apply to me?
- My business has multiple locations; is each location required to validate PCI compliance?
- Are debit card transactions in scope for PCI?
- Am I PCI compliant if I have an SSL certificate?
- What are the penalties for noncompliance?
- What is defined as ‘cardholder data’?
- What is the definition of merchant?
- What constitutes a payment application?