Payment card information (PCI)
- PCI Audit for discovery
A permissive policy for detecting potential credit-card-numbers. The policy contains several rules to address corner cases, such as numbers that appear as part of a long sequence, with user-defined delimiters etc. Most of the rules in the policy may cause high rate of false positives and are not recommended for usage in production mode. The rules for this policy are:
- PCI Audit: No Word Boundaries
- PCI Audit: Non-Delimited
- PCI Audit: User-Defined Delimiter
- PCI Audit: CCN and Expiration Date
- PCI Audit: CCN and CVV
- PCI Audit: CCN Without Validation
- PCI Audit: Credit Card Number (Extra Wide)
- PCI Audit: Credit Card Number (Default)
- PCI Audit: Credit Card Magnetic Strip
- PCI Audit: Masked Credit Card Number
- PCI Audit: CCN in Non-English Characters
- PCI Audit: User-Defined IIN (Wide)
- PCI Audit: User-Defined IIN (Default)
- PCI Audit: User-Defined IIN (Narrow)
- PCI Policy for discovery
The Payment Card Industry Data Security Standard (PCI DSS) is an industry standard, accepted internationally by all major credit card issuers. The standard is enforced on companies and organization that accept credit card payments or process, store, or transmit cardholder data. The standard mandates, among others, that credit card numbers and cardholder data should be highly secured and that transactions comprising data should be encrypted. The rules for this policy are:
- PCI: Credit Cards - Wide
- PCI: Credit Cards - Default
- PCI: Credit Cards - Narrow
- PCI: Credit Card Magnetic Strips