3.4 - Access to Displays of Full PAN and Copies Restricted

Requirement 3.4 of PCI DSS v4.0 requires that full primary account numbers (PAN) shown on monitors or printed copies be viewable only by personnel with a legitimate need. Organizations must implement technical and procedural controls to restrict and log access, ensuring that unauthorized users cannot see or reproduce the complete PAN.