PCI DSS Compliance

1 point

a year ago

I'm building an iOS app. I want to store a users' name and the last 4 digits of their CC number. I'll use those to match transactions I read from another API which also provides name and the last 4 cc digits.

If I'm just storing name + last 4 cc digits, do I have to comply by PCI DSS?

This thread sounds promising: https://stackoverflow.com/questions/44630367/is-last-4-digits-of-credit-card-and-expiry-date-storage-allowed-in-pci-dss but not sure how accurate or dated the info is.

4 comments