What is cardholder data?

According to the Payment Card Industry Security Standards Council (PCI SSC), cardholder data is defined as either the full Primary Account Number (PAN), or the full PAN plus any of the following elements:

  • Cardholder name
  • Expiration date
  • Service code

Sensitive Authentication Data must also be protected under PCI DSS. This data includes: 

  • Full magnetic stripe data
  • CAV2
  • CVC2
  • CVV2
  • CID
  • PINs and PIN blocks