3.5 - Primary Account Number (PAN) Secured Wherever Stored

Requirement 3.5 of PCI DSS 4.0 mandates that primary account numbers be protected wherever they are stored, using strong cryptography, truncation, tokenization or other approved methods, and that access to the full PAN be limited to only those individuals with a legitimate business need.