Skip to Content

PCI Policy

The transmission of cardholder data via any end-user messaging technology (e.g., instant messaging, email, etc.) should be explicitly prohibited, unless there is a valid business case for doing so and appropriate encryption technologies are in use. Unencrypted PANs should never be transmitted via any end-user messaging technology.