What Is The Difference Between Masking And Truncation In PCI Compliance?

Picture of David Gamey David Gamey : Jan 17, 2017 10:07:00 PM

pci truncation masking

What Is The Difference Between Masking And Truncation In PCI Compliance?

Masking and truncation of cardholder data may seem the same on the surface (eg. 423456XXXXXX7890); however, each implies different functionality.

Masking applies to displays and implies the data can be accessed behind the scenes.

Truncation applies to storage and implies the permanent and irrecoverable transformation of the original data.

For more see the official PCI Compliance glossary.

The Art of Reading a PCI Attestation of Compliance (AoC)

David Gamey: Mar 22, 2023 9:00:00 AM

PCI Attestations of Compliance (AoCs) provide organizations with a tool that helps with the all-important aspects of third-party due diligence. Yet...

Control Gap Vulnerability Roundup: March 4th to March 10th

Zach Matthews: Mar 20, 2023 11:00:00 AM

This week saw the publication of 493 new CVE IDs. Of those, 58 have not yet been assigned official CVSS scores, however, of the ones that were,...

offensivesecurity Cybersecurity Certified Zero CVE

Control Gap Vulnerability Roundup: February 25th to March 3rd

Zach Matthews: Mar 16, 2023 2:32:38 PM

This week saw the publication of 442 new CVE IDs. Of those, 258 have not yet been assigned official CVSS scores, however, of the ones that were,...

offensivesecurity Cybersecurity Certified Zero CVE

What Is The Difference Between Masking And Truncation In PCI Compliance?

The Art of Reading a PCI Attestation of Compliance (AoC)

Control Gap Vulnerability Roundup: March 4th to March 10th

Control Gap Vulnerability Roundup: February 25th to March 3rd

Services

About Us

Knowledge Base

Contact